Lucene search
+L

2862513 matches found

Packet Storm News
Packet Storm News
added 2026/09/10 12:0 a.m.223 views

IServ Schoolserver User Enumeration

IServ Schoolserver suffers from a user enumeration vulnerability. The vendor does not feel this is an issue...

5.8AI score
Exploits0
CVE
CVE
added 52 minutes ago5 views

CVE-2026-47870

VMware Avi Load Balancer contains a privilege escalation vulnerability. A malicious authenticated user with network access may be able to execute remote code. Affected versions: 32.1.1 fixed in 32.1.2 31.1.1 through 31.2.2 fixed in 31.2.2-2p3 30.1.1 through 30.2.6 fixed in 30.2.7 22.1.1 through...

7.1CVSS
Exploits0References1
CVE
CVE
added 1 hour ago4 views

CVE-2026-16082

A vulnerability was identified in Sipeed PicoClaw up to 0.2.9. The impacted element is the function ExecTool.executeRun of the file pkg/agent/pipelineexecute.go. The manipulation of the argument cwe leads to time-of-check time-of-use. The attack must be carried out locally. The exploit is publicl...

5.3CVSS
Exploits0References6
Cvelist
Cvelist
added 1 hour ago5 views

CVE-2026-16082 Sipeed PicoClaw pipeline_execute.go ExecTool.executeRun toctou

A vulnerability was identified in Sipeed PicoClaw up to 0.2.9. The impacted element is the function ExecTool.executeRun of the file pkg/agent/pipelineexecute.go. The manipulation of the argument cwe leads to time-of-check time-of-use. The attack must be carried out locally. The exploit is publicl...

5.3CVSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2 hours ago4 views

CVE-2026-16081

A vulnerability was determined in Sipeed PicoClaw up to 0.2.9. The affected element is an unknown function of the file web/backend/api/auth.go. Executing a manipulation can lead to cross-site request forgery. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

5.3CVSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 4 hours ago5 views

CVE-2026-16076

A vulnerability has been found in AstrBotDevs AstrBot up to 4.25.5. This issue affects the function OpenApiRoute.chatsend of the file astrbot/dashboard/routes/openapi.py of the component API. Such manipulation of the argument Username leads to authentication bypass by spoofing. It is possible to...

6.5CVSS
Exploits0References5Affected Software1
NVD
NVD
added 4 hours ago7 views

CVE-2026-16075

A flaw has been found in AstrBotDevs AstrBot up to 4.25.5. This vulnerability affects the function OpenApiRoute.getchatsessions of the file astrbot/dashboard/routes/openapi.py of the component session-listing Endpoint. This manipulation of the argument Username causes authorization bypass. It is...

5.3CVSS
Exploits0References5
EUVD
EUVD
added 5 hours ago7 views

EUVD-2026-45353

A flaw has been found in AstrBotDevs AstrBot up to 4.25.5. This vulnerability affects the function OpenApiRoute.getchatsessions of the file astrbot/dashboard/routes/openapi.py of the component session-listing Endpoint. This manipulation of the argument Username causes authorization bypass. It is...

5.3CVSS5.1AI score
Exploits0References5
EUVD
EUVD
added 9 hours ago10 views

EUVD-2026-45344

Authentication bypass using an alternate path or channel in Microsoft Edge Chromium-based allows an unauthorized attacker to perform tampering over a network...

5.4CVSS5.3AI score
Exploits0References2
Circl
Circl
added 9 hours ago3 views

CVE-2026-56740

creationtimestamp| type| source ---|---|--- 2026-07-18 00:24:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mquytzuy6y2i 2026-07-18 05:00:42+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mqviazwau42g...

7.5CVSS4.8AI score
Exploits0References2
Circl
Circl
added 9 hours ago3 views

CVE-2026-56741

creationtimestamp| type| source ---|---|--- 2026-07-18 00:19:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mquyl3hgcb2a 2026-07-18 05:00:48+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mqvibaehij2c...

7.5CVSS4.8AI score
Exploits0References2
Circl
Circl
added 9 hours ago3 views

CVE-2026-49485

creationtimestamp| type| source ---|---|--- 2026-07-18 00:11:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mquy4oxscf2i 2026-07-18 05:00:54+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mqvibgrkxm2g...

7.5CVSS4.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 9 hours ago8 views

PT-2026-60919

A flaw has been found in AstrBotDevs AstrBot up to 4.25.5. This vulnerability affects the function OpenApiRoute.get chat sessions of the file astrbot/dashboard/routes/open api.py of the component session-listing Endpoint. This manipulation of the argument Username causes authorization bypass. It ...

5.3CVSS4.9AI score
Exploits0References5
BDU FSTEC
BDU FSTEC
added yesterday36 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS7AI score0.00412EPSS
Exploits0References11Affected Software9
BDU FSTEC
BDU FSTEC
added yesterday21 views

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

8.4CVSS6AI score0.00456EPSS
Exploits0References2
Circl
Circl
added yesterday4 views

CVE-2026-13448

creationtimestamp| type| source ---|---|--- 2026-07-17 22:36:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mquss3f7uk2a 2026-07-18 05:13:26+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mqvixu56322t 2026-07-18 05:13:42+00:00| seen|...

8.1CVSS4.8AI score
Exploits0References3
CVE
CVE
added yesterday34 views

CVE-2026-57980

CVE-2026-57980 refers to a vulnerability in Microsoft Edge (Chromium-based) where an authentication bypass via an alternate path or channel could allow an unauthenticated, network-based tampering by an attacker. The description and connected sources consistently describe this as a network-exposed...

5.4CVSS5.3AI score
Exploits0References1
OSV
OSV
added yesterday5 views

DEBIAN-CVE-2026-9537

Mojo::JWT versions before 1.02 for Perl verify HMAC signatures with a non-constant-time string comparison. The decode method compares the supplied signature to the recomputed HMAC with Perl's eq operator, which stops at the first differing byte, so the comparison time varies with the number of...

5.3AI score
Exploits0References1
OSV
OSV
added yesterday4 views

DEBIAN-CVE-2026-13082

GD::SecurityImage versions through 1.75 for Perl use rand to generate secrets. The random method creates the challenge text used for the CAPTCHA by sampling characters from an array using Perl's built-in rand function, and generates a by default six-character string. The built-in rand function is...

5.3CVSS5.3AI score
Exploits0References1
CVE
CVE
added yesterday12 views

CVE-2026-54498

CVE-2026-54498 affects ViewComponent (Ruby on Rails) where ViewComponent::Base#around_render can return HTML-unsafe strings, bypassing normal escaping and causing XSS. The issue is amplified when ViewComponent::Collection#render_in joins per-item results and marks the whole output html_safe, conv...

8.7CVSS5.2AI score
Exploits0References4
Rows per page
Query Builder