Lucene search
+L

5146988 matches found

CVE
CVE
added 30 minutes ago8 views

CVE-2026-59173 Apache Traffic Server: DoS vulnerability in HTTP/2 via stalled flow-control conditions

Uncontrolled Resource Consumption vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.0.0 through 9.1.13, from 10.0.0 through 10.1.2. Users are recommended to upgrade to version 9.1.14 or 10.1.3, which fixes the issue...

5.3AI score
Exploits0References1
Cvelist
Cvelist
added 30 minutes ago1 views

CVE-2026-59173 Apache Traffic Server: DoS vulnerability in HTTP/2 via stalled flow-control conditions

Uncontrolled Resource Consumption vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.0.0 through 9.1.13, from 10.0.0 through 10.1.2. Users are recommended to upgrade to version 9.1.14 or 10.1.3, which fixes the issue...

Exploits0References1
CVE
CVE
added 35 minutes ago2 views

CVE-2026-15631 @fastify/http-proxy vulnerable to prefix escape via WebSocket path traversal

Impact: @fastify/http-proxy versions from 9.4.0 up to and including 11.5.0 fail to validate the resolved WebSocket destination path against the configured rewrite prefix. The WebSocket routing path in WebSocketProxy.findUpstream resolves the destination via the WHATWG URL constructor, which...

8.7CVSS5.5AI score
Exploits0References2
Cvelist
Cvelist
added 35 minutes ago2 views

CVE-2026-15631 @fastify/http-proxy vulnerable to prefix escape via WebSocket path traversal

Impact: @fastify/http-proxy versions from 9.4.0 up to and including 11.5.0 fail to validate the resolved WebSocket destination path against the configured rewrite prefix. The WebSocket routing path in WebSocketProxy.findUpstream resolves the destination via the WHATWG URL constructor, which...

8.7CVSS
Exploits0References2
CVE
CVE
added 36 minutes ago1 views

CVE-2026-9147 uproot 5.7.4 and prior Code Injection via TStreamerInfo Metadata

uproot dynamically generates Python class source code from ROOT TStreamerInfo records in a file and compiles it at runtime. Some file-controlled streamer metadata fields for example, streamer element names are interpolated into the generated Python source without safe quoting via repr or the !r...

8.5CVSS6.2AI score
Exploits0References4
Cvelist
Cvelist
added 36 minutes ago2 views

CVE-2026-9147 uproot 5.7.4 and prior Code Injection via TStreamerInfo Metadata

uproot dynamically generates Python class source code from ROOT TStreamerInfo records in a file and compiles it at runtime. Some file-controlled streamer metadata fields for example, streamer element names are interpolated into the generated Python source without safe quoting via repr or the !r...

8.5CVSS
Exploits0References4
Cvelist
Cvelist
added 54 minutes ago5 views

CVE-2026-16158 @fastify/reply-from vulnerable to cross-upstream request routing via URL cache key collision

Impact: @fastify/reply-from versions from 8.3.1 up to but not including 12.6.4 build the internal URL cache key by concatenating the destination and source path without a delimiter. Different destination and source pairs can therefore produce the same key while resolving to different upstream URL...

8.7CVSS
Exploits0References2
CVE
CVE
added 54 minutes ago7 views

CVE-2026-16158 @fastify/reply-from vulnerable to cross-upstream request routing via URL cache key collision

Impact: @fastify/reply-from versions from 8.3.1 up to but not including 12.6.4 build the internal URL cache key by concatenating the destination and source path without a delimiter. Different destination and source pairs can therefore produce the same key while resolving to different upstream URL...

8.7CVSS5.3AI score
Exploits0References2
NVD
NVD
added 1 hour ago4 views

CVE-2026-16096

A vulnerability has been found in Shibby Tomato 1.28 RT-N5x MIPSR2 Build 124. This affects the function sub40BB50 of the file /proc/webmonrecentdomains. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This project is superseded by FreshTomato...

9CVSS
Exploits0References5
NVD
NVD
added 1 hour ago4 views

CVE-2026-16097

A vulnerability was found in Shibby Tomato 1.28. This vulnerability affects the function sub42537C of the component Scheduler Name Handler. The manipulation of the argument a1 results in stack-based buffer overflow. It is possible to launch the attack remotely. This project is superseded by...

9CVSS
Exploits0References5
GithubExploit
GithubExploit
added 1 hour ago7 views

Exploit for CVE-2026-63030

CVE-2026-63030: wp2shell WordPress Batch API Desynchronizat...

9.8CVSS6.3AI score
Exploits13
Cvelist
Cvelist
added 1 hour ago7 views

CVE-2026-16097 Shibby Tomato Scheduler Name sub_42537C stack-based overflow

A vulnerability was found in Shibby Tomato 1.28. This vulnerability affects the function sub42537C of the component Scheduler Name Handler. The manipulation of the argument a1 results in stack-based buffer overflow. It is possible to launch the attack remotely. This project is superseded by...

9CVSS
Exploits0References5
CVE
CVE
added 1 hour ago6 views

CVE-2026-16097

A vulnerability was found in Shibby Tomato 1.28. This vulnerability affects the function sub42537C of the component Scheduler Name Handler. The manipulation of the argument a1 results in stack-based buffer overflow. It is possible to launch the attack remotely. This project is superseded by...

9CVSS8.6AI score
Exploits0References5
NVD
NVD
added 2 hours ago4 views

CVE-2026-16095

A flaw has been found in Shibby Tomato 1.28 RT-N5x MIPSR2 Build 124. Affected by this issue is the function setupconntrack of the file /sbin/rc. Executing a manipulation of the argument cttcptimeout can lead to out-of-bounds write. The attack may be performed from remote. This project is supersed...

9CVSS
Exploits0References5
Cvelist
Cvelist
added 2 hours ago7 views

CVE-2026-16096 Shibby Tomato webmon_recent_domains sub_40BB50 stack-based overflow

A vulnerability has been found in Shibby Tomato 1.28 RT-N5x MIPSR2 Build 124. This affects the function sub40BB50 of the file /proc/webmonrecentdomains. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This project is superseded by FreshTomato...

9CVSS
Exploits0References5
CVE
CVE
added 2 hours ago4 views

CVE-2026-16096

A vulnerability has been found in Shibby Tomato 1.28 RT-N5x MIPSR2 Build 124. This affects the function sub40BB50 of the file /proc/webmonrecentdomains. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This project is superseded by FreshTomato...

9CVSS8.4AI score
Exploits0References5
EUVD
EUVD
added 2 hours ago2 views

EUVD-2026-45371

A vulnerability has been found in Shibby Tomato 1.28 RT-N5x MIPSR2 Build 124. This affects the function sub40BB50 of the file /proc/webmonrecentdomains. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This project is superseded by FreshTomato...

9CVSS8.4AI score
Exploits0References5
NCSC
NCSC
added 2 hours ago6 views

WordPress vulnerabilities can be addressed through Automattic.

There are two vulnerabilities present in WordPress Core 6.8.6, 6.9.5, and 7.0.2. An unauthorized malicious individual can exploit these vulnerabilities to execute arbitrary code remotely. To do this, a malicious HTTP request must be sent to the batch API of a WordPress site. Since vulnerabilities...

9.8CVSS6.4AI score
Exploits13References2
GithubExploit
GithubExploit
added 2 hours ago8 views

Exploit for Missing Authentication for Critical Function in Splunk

Splunk Enterprise — CVE-2026-20253 Training Lab Splunk En...

9.8CVSS6.9AI score0.88171EPSS
Exploits6
Circl
Circl
added 2 hours ago4 views

CVE-2026-62309

creationtimestamp| type| source ---|---|--- 2026-07-18 10:38:50+00:00| seen| https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqw35lls7a2g 2026-07-18 10:38:51+00:00| seen| https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqw35oexs42u 2026-07-18 10:38:52+00:00| seen|...

7.5CVSS4.8AI score0.0035EPSS
Exploits0References6
Rows per page
Query Builder