12 matches found
CVE-2026-40636

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-11 10:30:31+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3mll2y7rqub2d |
| 2026-05-11 10:31:32+00:00 | seen | https://infosec.exchange/users/offseq/statuses/116555476431173133 |
| 2026-05-11 10:44:11+00:00 | seen | ... |

CVE-2026-40636
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0 contain a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for attacker...
CVE-2025-40636

| creationtimestamp | type | source |
|---|---|---|
| 2025-10-03 12:05:08+00:00 | seen | Telegram/N8wCCdQlcBqevtSUS8U4YbAEyWJ708Zr847ECFnrQvWrMM... |

CVE-2024-40636 Basic Auth Credential Leakage to Logs After Fetch Registry Error in Steeltoe.Discovery.Eureka with Peer Awareness
Steeltoe is an open source project that provides a collection of libraries that helps users build production-grade cloud-native applications using externalized configuration, service discovery, distributed tracing, application management, and more. When utilizing multiple Eureka server service UR...
CVE-2024-40636

| creationtimestamp | type | source |
|---|---|---|
| 2024-07-17 13:44:40+00:00 | published-proof-of-concept | https://github.com/SteeltoeOSS/security-advisories/security/advisories/GHSA-vmcp-66r5-3pcp |
| 2024-07-17 20:44:06+00:00 | seen | https://t.me/cvedetector/1115... |

CVE-2023-40636

| creationtimestamp | type | source |
|---|---|---|
| 2023-10-08 07:15:10+00:00 | seen | https://t.me/cibsecurity/71785... |

CVE-2023-40636
CVE-2023-40636 relates to a vulnerability in the telecom service where a missing permission check could allow writing permission usage records for an app, enabling local information disclosure. The underlying issue requires System-level execution privileges for exploitation, with a CVSSv3.1 base ...
CVE-2022-40636

| creationtimestamp | type | source |
|---|---|---|
| 2022-09-15 20:27:52+00:00 | seen | https://t.me/cibsecurity/49842... |

CVE-2022-40636
CVE-2022-40636 affects Ansys SpaceClaim 2022 R1. The root cause is a parsing flaw in JT files that allows reading beyond allocated buffers, enabling remote code execution. Exploitation requires user interaction (target visits a malicious page or opens a malicious file). The vulnerability is docum...
CVE-2021-40636

| creationtimestamp | type | source |
|---|---|---|
| 2022-03-03 16:26:06+00:00 | seen | https://t.me/cibsecurity/38354... |

CVE-2021-40636
CVE-2021-40636 affects OS4ED OpenSIS 8.0 and involves a SQL injection in CheckDuplicateName.php that can extract information from the database. The connected sources confirm the vulnerability is due to SQL injection in that file and document the impact as information disclosure from the database....