Lucene search
K

276384 matches found

OSV
OSV
added 2 days ago12 views

ROOT-APP-MAVEN-CVE-2026-41417 CVE-2026-41417 in io.root.io.netty:netty-codec-http - Patched by Root

Root has patched CVE-2026-41417 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...

5.3CVSS5.8AI score0.00307EPSS
Exploits1
NVD
NVD
added 2 days ago8 views

CVE-2026-5730

Authorization bypass through User-Controlled key vulnerability in Idvlabs Software and Consulting Services Inc. Ontime allows Exploitation of Trusted Identifiers. This issue affects Ontime: through 04052026...

7.5CVSS0.00246EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago3 views

Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (June 2026 - Part 1 of 2)

Summary Multiple vulnerabilities have been addressed in Data Virtualization on IBM Software Hub. Note that Data Virtualization was named Watson Query on IBM Cloud Pak for Data version 4.8. Vulnerability Details CVEID:CVE-2026-50010 DESCRIPTION: Netty is a network application framework for...

9.1CVSS6.9AI score0.00513EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-5799 IDOR in Idvlabs' Ontime

Authorization bypass through User-Controlled key vulnerability in Idvlabs Software and Consulting Services Inc. Ontime allows Exploitation of Trusted Identifiers. This issue affects Ontime: through 04052026...

7.5CVSS0.00246EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2 days ago5 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory...

8.1CVSS6AI score0.00476EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-5730 IDOR in Idvlabs' Ontime

Authorization bypass through User-Controlled key vulnerability in Idvlabs Software and Consulting Services Inc. Ontime allows Exploitation of Trusted Identifiers. This issue affects Ontime: through 04052026...

7.5CVSS0.00246EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-5730

Authorization bypass through User-Controlled key vulnerability in Idvlabs Software and Consulting Services Inc. Ontime allows Exploitation of Trusted Identifiers. This issue affects Ontime: through 04052026...

7.5CVSS5.9AI score0.00246EPSS
Exploits0References2
Circl
Circl
added 2 days ago8 views

CVE-2026-11405

creationtimestamp| type| source ---|---|--- 2026-07-07 04:31:58+00:00| seen| https://bsky.app/profile/securityonline.bsky.social/post/3mpzrjkh5ga2f 2026-07-07 04:31:59+00:00| seen| https://bsky.app/profile/potato.software/post/3mpzrjlnff724 2026-07-07 08:15:44+00:00| seen|...

9.8CVSS7.3AI score0.00243EPSS
Exploits1References16
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-41989

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, DatabaseBackupJob interpolates user-controlled database credentials and MongoDB collection exclusion names into backup shell commands without adequate escaping, allowing an...

3.3CVSS6AI score0.00221EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-54060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pillow is a Python imaging library. Prior to 12.3.0, PIL/FontFile.py FontFile.compile assembled per- glyph images into a combined bitmap with Image.new1, xsize,...

7.5CVSS6AI score0.00361EPSS
Exploits1References3
NVD
NVD
added 3 days ago5 views

CVE-2026-48267

DNG SDK versions 1.7.1 2536 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue...

5.5CVSS0.00139EPSS
Exploits0References1
CVE
CVE
added 3 days ago9 views

CVE-2026-21383

CVE-2026-21383 describes a cryptographic issue in which AES-GCM key wrapping uses a static initialization vector (IV). The static IV conflicts with the requirement for a unique IV per operation, which can undermine confidentiality and integrity. The CVSS 3.1 metrics provided indicate a high impac...

7.1CVSS6AI score0.00069EPSS
Exploits0References1Affected Software1
CVE
CVE
added 3 days ago8 views

CVE-2026-48267

The CVE-2026-48267 entry concerns the DNG SDK prior to or equal to version 1.7.1 build 2536, where a NULL Pointer Dereference could cause an application crash and denial-of-service. The vulnerability requires user interaction: a victim must open a malicious file. The root cause is a NULL pointer ...

5.5CVSS6AI score0.00139EPSS
Exploits0References1Affected Software1
CVE
CVE
added 3 days ago15 views

CVE-2026-7185

CVE-2026-7185 concerns TAO 2.0 suite web features for file management/upload that suffer a validation vulnerability allowing an attacker with access to the feature to attempt to access file system resources outside the intended scope. Affected: TAO 2.0 web components handling file operations. Roo...

6CVSS5.8AI score0.00292EPSS
Exploits0References1
OSV
OSV
added 3 days ago4 views

RHSA-2026:35830 Red Hat Security Advisory: grafana security update

Bulletin has no description...

8.2CVSS6.6AI score0.00478EPSS
Exploits0References11
OSV
OSV
added 3 days ago4 views

RHSA-2026:35806 Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

Bulletin has no description...

6.5CVSS5.9AI score0.00433EPSS
Exploits0References11
CVE
CVE
added 3 days ago14 views

CVE-2026-6900

CVE-2026-6900 affects B&R Industrial Automation GmbH APROL, with a vulnerability in improper certificate validation. The issue impacts APROL versions before R 4.4-01P5. The CVSS metrics indicate a high to critical impact depending on the vector set: CVSS 3.1 base score 7.4 (HIGH) with network acc...

9.1CVSS5.9AI score0.00142EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago4 views

EUVD-2026-41832

Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Camel Mail Component. The camel-mail producer MailProducer.getSender scanned the outgoing Exchange for message headers in the mail.smtp. / mail.smtps. namespace and, when any were present...

3.7CVSS6AI score0.00225EPSS
Exploits0References1
OSV
OSV
added 3 days ago7 views

ROOT-OS-DEBIAN-13-CVE-2026-31403 CVE-2026-31403 in rootio-linux - Patched by Root

Root has patched CVE-2026-31403 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

5.5CVSS5.8AI score0.00123EPSS
Exploits0
Positive Technologies
Positive Technologies
added 3 days ago11 views

PT-2026-56020

Name of the Vulnerable Software and Affected Versions Coolify versions prior to 4.0.0-beta.471 Description An authenticated command injection exists in the GetLogs Livewire component. Users with team membership, including those with the lowest privilege role, can execute arbitrary commands as roo...

8.8CVSS6.1AI score0.01385EPSS
Exploits0References10
Rows per page
Query Builder