53 matches found
Siemens SCALANCE Improper Authentication (CVE-2020-26139)
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in protected Wi-Fi networks to launch denial-of-service attacks against connected clients an...
CVE-2020-26139
creationtimestamp | type | source
---|---|---
2026-04-14 13:10:22+00:00 | seen | https://bsky.app/profile/o2cloud.bsky.social/post/3mjhhd6zgtz2a
2026-04-21 10:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-07...
CVE-2026-26139
creationtimestamp | type | source
---|---|---
2026-03-19 21:34:04+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mhgxdwg6nj2u...
CVE-2026-26139
Microsoft Purview contains a server-side request forgery (SSRF) vulnerability that could allow a network-based attacker to elevate privileges within the target environment. Affected component: Microsoft Purview; root cause: SSRF leading to privilege elevation. Impact per CVSS: Confidentiality Hig...
CVE-2026-26139 Microsoft Purview Elevation of Privilege Vulnerability
...
CVE-2023-26139
Versions of the package underscore-keypath from 0.0.11 are vulnerable to Prototype Pollution via the name argument of the setProperty function. Exploiting this vulnerability is possible due to improper input sanitization which allows the usage of arguments like “__proto__”...
CVE-2024-26139 OpenCTI Authenticated Privilege Escalation
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Due to lack of certain security controls on the profile edit functionality, an authenticated attacker with low privileges can gain administrative privileges on the web...
kernel security, bug fix, and enhancement update
4.18.0-513.24.19.OL8
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmodsigningkey.pem) Orabug: 29539237
- Update x509.genkey Orabug: 24817676
- Conflict with shim-ia32 and...
CVE-2023-26139
creationtimestamp | type | source
---|---|---
2023-08-01 12:38:15+00:00 | seen | https://t.me/cibsecurity/67496...
@ckies/cli (>=0.0.2 <=0.0.4), @crawless/utils (>=1.0.0 <=1.0.24) +82 more potentially affected by CVE-2023-26139 via underscore-keypath (>=0.0.15 <=0.9.3)
underscore-keypath NPM version =0.0.15, =0.0.2, =1.0.0, =0.1.1, =0.0.1, =1.0.1, =1.2.0, =1.0.2, =1.0.0, =1.457.521, =0.0.1, =0.0.1, =1.0.0 and more Source cves: CVE-2023-26139 Source advisory: OSV:GHSA-GPVC-MX6G-CCHV...
CVE-2023-26139
underscore-keypath packages of version 0.0.11 and later are affected by a Prototype Pollution vulnerability in the setProperty() function via the name argument. Improper input sanitization allows strings such as __proto__ to contaminate object prototypes, with the impact described as potential global...
@ckies/cli (>=0.0.2 <=0.0.4), @crawless/utils (>=1.0.0 <=1.0.24) +82 more potentially affected by CVE-2023-26139 via underscore-keypath (>=0.0.15 <=0.9.3)
underscore-keypath NPM version =0.0.15, =0.0.2, =1.0.0, =0.1.1, =0.0.1, =1.0.1, =1.2.0, =1.0.2, =1.0.0, =1.457.521, =0.0.1, =0.0.1, =1.0.0 and more Source cves: CVE-2023-26139 Source advisory: SNYK:JS-UNDERSCOREKEYPATH-5416714...
EulerOS 2.0 SP3 : kernel (EulerOS-SA-2022-1735)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities:
- Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1681)
The remote host is missing an update for the Huawei EulerOS...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2022-002 (ALASKERNEL-5.10-2022-002)
The version of kernel installed on the remote host is prior to 5.10.47-39.130. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-002 advisory. A flaw was found in the Linux kernel's implementation of wifi fragmentation handling. An attacker with the...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2022-004 (ALASKERNEL-5.4-2022-004)
The version of kernel installed on the remote host is prior to 5.4.129-62.227. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-004 advisory. A flaw was found in the Linux kernel's implementation of wifi fragmentation handling. An attacker with the...
Ubuntu: Security Advisory (USN-4997-2)
The remote host is missing an update for the...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2021-9459)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9459 advisory.
- fs/namespace.c: fix mountpoint reference counter race (Piotr Krysiuk) Orabug: 33369433 CVE-2020-12114 CVE-2020-12114
- btrfs: only search for...