CVE-2026-26118

Server-side request forgery ssrf in Azure MCP Server allows an authorized attacker to elevate privileges over a network...

CVE-2026-26118

CVE-2026-26118 – Azure MCP Server Tools SSRF allows an authorized attacker to elevate privileges. Affected component: MCP Server Tools. Root cause: server-side request forgery enabling elevation of privilege with network access. CVSSv3.1 base score 8.8 (High); Vector: Network; Privileges required...

CVE-2026-26118

creationtimestamp| type| source ---|---|--- 2026-03-10 16:57:37+00:00| seen| https://www.thezdi.com/blog/2026/3/10/the-march-2026-security-update-review 2026-03-10 19:15:41+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0082 2026-03-11 03:00:16+00:00| seen|...

CVE-2023-26118 vulnerabilities

Vulnerabilities for packages: solr...

CVE-2023-26118 vulnerabilities

Vulnerabilities for packages: solr...

CVE-2025-7255

CVE-2025-7255 affects IrfanView CADImage Plugin and stems from a DWG file parser memory corruption due to insufficient validation of user-supplied data. This could allow code execution in the plugin’s process after a user opens a malicious DWG or visits a malicious page. The vulnerability is desc...

Security Bulletin: IBM Storage Defender: Data Protect vulnerabilities resolved in release Defender 2.0.14/Data Protect 7.2.2_u1

Summary Security Bulletin: IBM Storage Defender: Data Protect vulnerabilities resolved in release Defender 2.0.14/Data Protect 7.2.2u1. The vulnerabilities have been addressed in Data Protect 7.2.2u1, which is included with IBM Storage Defender 2.0.14. Vulnerability Details CVEID:CVE-2023-26118...

CVE-2022-26118

A privilege chaining vulnerability CWE-268 in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4.0 through 6.4.7, 7.0.0 through 7.0.3 may allow a local and authenticated attacker with a restricted shell to escalate their privileges to root due to incorrect permissions of some folders and executable...

K000150967: Angular JS vulnerabilities CVE-2023-26117 and CVE-2023-26118

Security Advisory Description CVE-2023-26117 Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service ReDoS via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted...

Linux Distros Unpatched Vulnerability : CVE-2023-26118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service ReDoS via the element due to the usage of an insecure regular...

K000141463: Angular JS vulnerabilities CVE-2019-10768 and CVE-2023-26116

Security Advisory Description CVE-2019-10768 In AngularJS before 1.7.9 the function merge could be tricked into adding or modifying properties of Object.prototype using a proto payload. CVE-2023-26116 Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Servi...

RHEL 9 : firefox (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - angularjs: Regular Expression Denial of Service via the element CVE-2023-26118 Note that Nessus has not tested for...

RHEL 9 : firefox (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wasm2c: DoS via crafted binary CVE-2023-31670 - Versions of the package angular from 1.2.21 are vulnerabl...

RHEL 6 : angularjs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - angularjs: Regular Expression Denial of Service via the element CVE-2023-26118 - Versions of the package...

CVE-2024-26118

CVE-2024-26118 affects Adobe Experience Manager 6.5.19 and earlier. The vulnerability is a reflected XSS in vulnerable pages that allows an attacker to cause a victim to execute malicious JavaScript in their browser when visiting a crafted URL. The issue requires user interaction to exploit. AEM ...

CVE-2024-26118 Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79)

Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browse...

Fedora 39 : icecat (2023-035866b576)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-035866b576 advisory. - Release 115.3.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

Fedora: Security Advisory for icecat (FEDORA-2023-7342330743)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 38 : icecat (2023-7342330743)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-7342330743 advisory. - Release 115.3.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

Security Bulletin: Multiple vulnerabilities have been identified in AngularJS shipped with IBM Tivoli Netcool Impact

Summary AngularJS is shipped with IBM Tivoli Netcool Impact as part of its UI framework. Information about security vulnerabilities affecting AngularJS has been published in a security bulletin. Vulnerability Details CVEID:CVE-2023-26117 DESCRIPTION: AngularJS is vulnerable to a denial of service...