12 matches found
CVE-2026-26055 Unauthenticated Admission Webhook Endpoints in Yoke ATC
Yoke is a Helm-inspired infrastructure-as-code (IaC) package deployer. In 0.19.0 and earlier, a vulnerability exists in the Air Traffic Controller (ATC) component of Yoke. The ATC webhook endpoints lack proper authentication mechanisms, allowing any pod within the cluster network to directly send...
CVE-2026-26055
creationtimestamp | type | source
---|---|---
2026-02-12 01:17:03+00:00 | published-proof-of-concept | https://github.com/yokecd/yoke/security/advisories/GHSA-965m-v4cc-6334
2026-02-13 07:01:59+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mepwrahzzm2a
2026-02-13 13:40:07+00:0...
CVE-2025-26055
CVE-2025-26055 affects Infinxt iEdge 100, specifically the Troubleshoot module and its tracertVal parameter in the Tracert function (version 2.1.32). Descriptions consistently identify an OS command injection vulnerability, enabling potential arbitrary command execution. Public references include...
CVE-2024-26055
Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires us...
CVE-2024-26055 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)
Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires us...
CVE-2022-26055
creationtimestamp | type | source
---|---|---
2023-03-08 02:23:28+00:00 | seen | https://t.me/cibsecurity/59653...
CVE-2023-26055
creationtimestamp | type | source
---|---|---
2023-03-03 06:42:09+00:00 | seen | https://t.me/cibsecurity/59329...
CVE-2023-26055
CVE-2023-26055 affects XWiki Commons. Starting with version 3.1-milestone-1, any user can edit their own profile and inject code that runs with programming privileges; the vulnerability also appears in other short text fields displayed in Apps Within Minutes. The issue has been patched in version...
CVE-2021-26055
CVE-2021-26055 entry is rejected and not used.
CVE-2021-26055
...
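OpenSSL DTLS Remote Heap Overflow Vulnerability
BUGTRAQ ID: 26055 CVECAN ID: CVE-2007-4995 OpenSSL is an open-source SSL implementation that provides strong encryption for network communications and is now widely used in a variety of network applications. A vulnerability exists in OpenSSL's DTLS support: an attacker can create a malicious client or server capable of triggering a heap overflow, leading to execution of arbitrary instructions. Note that this vulnerability affects only applications that use DTLS. OpenSSL Project OpenSSL 0.9.8f OpenSSL Project OpenSSL 0.9.8 RedHat Linux 5.0 OpenSSL Project ---------------...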
CVE-2022-26055
CVE-2022-26055 entry is rejected/not used and does not represent an active vulnerability.