21 matches found
CVE-2026-40478
creationtimestamp| type| source ---|---|--- 2026-04-17 23:20:34+00:00| published-proof-of-concept| Telegram/tNtN6ajST1i0hZ4W2szdcVpxF1Em9wIkkVyc-W9Ntpka1A 2026-04-17 23:50:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjq4jah7bm26 2026-04-26 04:07:08+00:00| seen|...
ai.hyacinth.framework:core-service-admin-server (>=0.5.0 <=0.5.24), au.com.cybernostics:theme-tree (=0.9.0) +2959 more potentially affected by CVE-2026-40478 via org.thymeleaf:thymeleaf (>=3.0.0.ALPHA01 <=3.1.3.RELEASE)
org.thymeleaf:thymeleaf MAVEN version =3.0.0.ALPHA01, =0.5.0, =0.9.6, =0.9.6, =1.0.0, =0.0.1, =1.0.0, =1.0, =3.4.0, =5.6.5, =4.1.0, =4.1.0, =3.6.0, =5.0.0, =5.5.7 and more Source cves: CVE-2026-40478 Source advisory: SNYK:JAVA-ORGTHYMELEAF-16078379...
ai.hyacinth.framework:core-service-admin-server (>=0.5.0 <=0.5.24), am.ik.home:uaa-server (>=1.0.0 <=1.9.0) +3260 more potentially affected by CVE-2026-40478 via org.thymeleaf:thymeleaf (>=m1 <=3.1.3.RELEASE)
org.thymeleaf:thymeleaf MAVEN version =m1, =0.5.0, =1.0.0, =0.9.6, =0.9.6, =1.0.0, =0.0.1, =1.0.0, =1.0, =3.4.0, =5.6.5, =4.1.0, =6.4.7 and more Source cves: CVE-2026-40478 Source advisory: OSV:GHSA-XJW8-8C5C-9R79...
ai.hyacinth.framework:core-service-admin-server (>=0.5.0 <=0.5.24), au.org.consumerdatastandards:client-cli (>=1.1.1 <=2.4.1) +1473 more potentially affected by CVE-2026-40478 via org.thymeleaf:thymeleaf-spring5 (>=3.0.10.RELEASE <=3.1.3.RELEASE)
org.thymeleaf:thymeleaf-spring5 MAVEN version =3.0.10.RELEASE, =0.5.0, =1.1.1, =3.4.0, =5.6.5, =4.1.0, =4.1.0, =3.7.0, =3.7.0, =5.3.0, =6.2.0, =5.1.0, =6.8.0, =6.4.0, =5.3.0, =3.7.0, =5.5.7 and more Source cves: CVE-2026-40478 Source advisory: SNYK:JAVA-ORGTHYMELEAF-16078378...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=6.10.0 <=6.10.5), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=6.10.0 <=6.10.5) +162 more potentially affected by CVE-2026-40478 via org.thymeleaf:thymeleaf-spring5 (>=3.0.9.RELEASE <=3.1.3.RELEASE)
org.thymeleaf:thymeleaf-spring5 MAVEN version =3.0.9.RELEASE, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =1.19.0, =v1.1, =v1.2 - cn.haoxiaoyong.ocr.email:email-msg =v1.0 and more Source cves: CVE-2026-40478 Source advisory:...
best.skn:skn-spring-mail (>=1.0.0 <=2.4.0), ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=7.0.0 <=8.8.1) +750 more potentially affected by CVE-2026-40478 via org.thymeleaf:thymeleaf-spring6 (>=3.1.0.M1 <=3.1.3.RELEASE)
org.thymeleaf:thymeleaf-spring6 MAVEN version =3.1.0.M1, =1.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.6.0, =7.6.0, =7.0.0, =7.0.0, =8.8.1 and more Source cves: CVE-2026-40478 Source advisory: OSV:GHSA-XJW8-8C5C-9R79...
best.skn:skn-spring-mail (>=1.0.0 <=2.4.0), ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=7.0.0 <=8.8.1) +750 more potentially affected by CVE-2026-40478 via org.thymeleaf:thymeleaf-spring6 (>=3.1.0.M1 <=3.1.3.RELEASE)
org.thymeleaf:thymeleaf-spring6 MAVEN version =3.1.0.M1, =1.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.6.0, =7.6.0, =7.0.0, =7.0.0, =8.8.1 and more Source cves: CVE-2026-40478 Source advisory: SNYK:JAVA-ORGTHYMELEAF-16078377...
EUVD-2025-40478
Malicious code in bayu-saguer27-breki npm...
MAL-2025-40478 Malicious code in yeti-wisp-oyb043-project (npm)
The package yeti-wisp-oyb043-project was found to contain malicious code...
CVE-2024-40478
A Stored Cross Site Scripting XSS vulnerability was found in "/admin/afeedback.php" in Kashipara Online Exam System v1.0, which allows remote attackers to execute arbitrary code via "rname" and "email" parameter fields...
CVE-2023-40478 NETGEAR RAX30 Telnet CLI passwd Stack-based Buffer Overflow Remote Code Execution Vulnerability
NETGEAR RAX30 Telnet CLI passwd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, th...
CVE-2023-40478
Summary: CVE-2023-40478 affects NETGEAR RAX30 routers. The flaw is a stack-based buffer overflow in the telnet CLI service (TCP/port 23) caused by improper validation of input length, enabling remote code execution with root privileges. Access is network-adjacent, and authentication can be bypass...
CVE-2021-40478
Storage Spaces Controller Elevation of Privilege Vulnerability...
CVE-2021-40478 Storage Spaces Controller Elevation of Privilege Vulnerability
...
CVE-2021-40478
CVE-2021-40478 is described in the connected NVD entry as a Storage Spaces Controller Elevation of Privilege vulnerability. The CVSSv3.1 base score is 7.8 (HIGH), with attack vector LOCAL, attack complexity LOW, privileges required LOW, and no user interaction. The impact is listed as high confid...
Microsoft Windows Multiple Vulnerabilities (KB5006714)
This host is missing a critical security update according to Microsoft KB5006714 SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KB5006732: Windows Server 2012 Security Update (October 2021)
The remote Windows host is missing security update 5006732. It is, therefore, affected by multiple vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Microsoft Security Updates API. The text itself i...
KB5006699: Windows Server 2022 Security Update (October 2021)
The remote Windows host is missing security update 5006699. It is, therefore, affected by multiple vulnerabilities %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Microsoft Security Updates API. The text itself is...
KB5006674: Windows 11 Security Update (October 2021)
The remote Windows host is missing security update 5006674. It is, therefore, affected by multiple vulnerabilities %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Microsoft Security Updates API. The text itself is...
IBM DB2 10.5 < FP11 40479 / 11.1 < FP5 40478 / 11.5 < 11.5.5000.1587 Buffer Overflow (Windows)
A buffer overflow condition exists in IBM DB2 due to improper bounds checking. An unauthenticated, local attacker can exploit this to execute arbitrary code on the system with root privileges. Note that Nessus has not tested for this issue but has instead relied only on the application's...