Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.37 views

Linux Distros Unpatched Vulnerability : CVE-2026-54515

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.8.0 until 2.18.9, 2.21.5, and 3.1.4, ...

5.3CVSS6AI score0.00345EPSS
Exploits0References4
OSV
OSV
added 2026/06/23 9:17 p.m.4 views

UBUNTU-CVE-2026-54515

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.8.0 until 2.18.9, 2.21.5, and 3.1.4, in BeanDeserializerBase.createContextual, per-property @JsonIgnoreProperties exclusions are applied by handleByNameInclusion, producing a...

5.3CVSS5.8AI score0.00345EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/23 8:50 p.m.26 views

CVE-2026-54515 jackson-databind: Case-insensitive deserialization bypasses per-property @JsonIgnoreProperties

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.8.0 until 2.18.9, 2.21.5, and 3.1.4, in BeanDeserializerBase.createContextual, per-property @JsonIgnoreProperties exclusions are applied by handleByNameInclusion, producing a...

5.3CVSS0.00345EPSS
Exploits0References4
NVD
NVD
added 2026/04/10 8:16 p.m.5 views

CVE-2026-40168

Postiz is an AI social media scheduling tool. Prior to 2.21.5, the /api/public/stream endpoint is vulnerable to SSRF. Although the application validates the initially supplied URL and blocks direct private/internal hosts, it does not re-validate the final destination after HTTP redirects. As a...

8.2CVSS0.00371EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/04/10 7:20 p.m.19 views

CVE-2026-40168 Postiz has Server-Side Request Forgery via Redirect Bypass in /api/public/stream

Postiz is an AI social media scheduling tool. Prior to 2.21.5, the /api/public/stream endpoint is vulnerable to SSRF. Although the application validates the initially supplied URL and blocks direct private/internal hosts, it does not re-validate the final destination after HTTP redirects. As a...

8.2CVSS0.00371EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.12 views

Gitroom Postiz 代码问题漏洞

Gitroom Postiz is an open-source social media scheduling tool developed by Gitroom. Versions of Gitroom Postiz prior to 2.21.5 contained code vulnerabilities. These vulnerabilities stemmed from a server-side request forgeing vulnerability present in the/api/public/stream endpoint. The application...

8.2CVSS5.9AI score0.00371EPSS
Exploits1References3
Rows per page
Query Builder