Lucene search
K

19634 matches found

Microsoft KB
Microsoft KB
added 5 hours ago25 views

Description of the security update for SharePoint Server 2019: June 9, 2026 (KB5002874)

None None...

9.8CVSS6.5AI score0.02032EPSS
Exploits0
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-57218 RabbitMQ: AMQP 0-9-1 in combination with OAuth 2: consumer persistence can lead to post-revocation message disclosure

RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, RabbitMQ AMQP 0-9-1 allows an existing consumer to keep receiving messages after OAuth token expiry or connection.updatesecret refresh to reduced scopes because existing consumers are not canceled or reauthorized at delivery time after...

4.9CVSS0.00269EPSS
Exploits1References6
NVD
NVD
added 4 days ago5 views

CVE-2026-55890

Grav is a file-based Web platform. Prior to 2.0.0-rc.9, Grav's incomplete fix for stored XSS through the Markdown media attribute action CVE-2026-42841 leaves the sibling MediaObjectTrait::style method reachable through the same Markdown excerpt-action pipeline, allowing an editor to save Markdow...

4.8CVSS0.00187EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago28 views

CVE-2026-55890 Grav: Stored CSS injection via Markdown image ?style=… reaches MediaObjectTrait::style()

Grav is a file-based Web platform. Prior to 2.0.0-rc.9, Grav's incomplete fix for stored XSS through the Markdown media attribute action CVE-2026-42841 leaves the sibling MediaObjectTrait::style method reachable through the same Markdown excerpt-action pipeline, allowing an editor to save Markdow...

4.8CVSS0.00187EPSS
Exploits0References3
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42946

Grav is a file-based Web platform. Prior to 2.0.0-rc.9, Grav's incomplete fix for stored XSS through the Markdown media attribute action CVE-2026-42841 leaves the sibling MediaObjectTrait::style method reachable through the same Markdown excerpt-action pipeline, allowing an editor to save Markdow...

4.8CVSS6.1AI score0.00187EPSS
Exploits0References3
Rockylinux
Rockylinux
added 4 days ago6 views

buildah security update

An update is available for buildah. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The buildah package provides a tool for facilitating building OCI container...

9.1CVSS6.2AI score0.00525EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 4 days ago7 views

RockyLinux 9 : libreoffice (RLSA-2026:36832)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:36832 advisory. libreoffice: LibreOffice Calc: Arbitrary code execution via heap buffer overflow in formula compilation CVE-2026-8357 Tenable has extracted the preceding...

7.8CVSS7.3AI score0.00139EPSS
Exploits0References3
Rockylinux
Rockylinux
added 6 days ago6 views

nginx:1.26 security, bug fix, and enhancement update

An update is available for nginx, module.nginx. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list nginx is a web and proxy server supporting HTTP and other...

9.2CVSS7.9AI score0.03459EPSS
Exploits1
Amazon
Amazon
added 6 days ago4 views

Important: log4j-cve-2021-44228-hotpatch

Issue Overview: No CVE associated with this advisory Affected Packages: log4j-cve-2021-44228-hotpatch Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update...

10CVSS7.2AI score0.99999EPSS
Exploits354
Rockylinux
Rockylinux
added 2026/07/07 12:3 a.m.9 views

nodejs:24 security, bug fix, and enhancement update

An update is available for nodejs-packaging, module.nodejs-nodemon, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

9.8CVSS7.1AI score0.02806EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.9 views

RockyLinux 9 : mariadb:10.11 (RLSA-2026:33482)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:33482 advisory. mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: Rocky Linux9tracker Rebase Galera to...

10CVSS6.5AI score0.00998EPSS
Exploits0References15
Rockylinux
Rockylinux
added 2026/07/05 12:3 p.m.6 views

rrdtool security update

An update is available for rrdtool. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The round robin database RRD system stores and displays time-series data, suc...

7.8CVSS6.2AI score0.00132EPSS
Exploits0
Mageia
Mageia
added 2026/07/04 6:38 a.m.9 views

Updated yt-dlp packages fix security vulnerabilities

CVE-2026-50019 If curl is used as an external downloader for yt-dlp, cookies may be leaked to an unintended host upon HTTP redirect or when the host for download fragments differs from their parent manifest's. CVE-2026-50023 A vulnerability exists in yt-dlp that allows a remote attacker to write...

9.6CVSS6.6AI score0.00555EPSS
Exploits1References4
Chainguard
Chainguard
added 2026/07/03 8:22 p.m.15 views

CVE-2026-4372 vulnerabilities

Vulnerabilities for packages: text-generation-inference, tritonserver-backend-vllm-cuda-12.9...

7.8CVSS7AI score0.00479EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.6 views

RockyLinux 9 : ruby:4.0 (RLSA-2026:33577)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:33577 advisory. ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses CVE-2026-42245 ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol...

7.6CVSS6AI score0.00813EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.9 views

AlmaLinux 9 : perl-IO-Compress (ALSA-2026:30859)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:30859 advisory. perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob CVE-2026-48962 Tenable has extracted the preceding description...

7.8CVSS6.5AI score0.00292EPSS
Exploits3References3
NVD
NVD
added 2026/06/27 6:16 a.m.8 views

CVE-2026-13245

The MaxButtons – Create buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'view' parameter in all versions up to, and including, 9.8.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS0.00211EPSS
Exploits0References4
NVD
NVD
added 2026/06/26 8:17 p.m.8 views

CVE-2026-55189

RustFS is a distributed object storage system built in Rust. From 1.0.0-alpha.1 until 1.0.0-beta.9, when the FTP frontend is enabled, the FTP read and probe handlers dispatch directly to the storage backend without ever calling the IAM authorization function that the FTP write/list handlers and t...

7.7CVSS0.00201EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 7:59 p.m.8 views

CVE-2026-55189

RustFS is a distributed object storage system built in Rust. From 1.0.0-alpha.1 until 1.0.0-beta.9, when the FTP frontend is enabled, the FTP read and probe handlers dispatch directly to the storage backend without ever calling the IAM authorization function that the FTP write/list handlers and t...

7.7CVSS5.8AI score0.00201EPSS
Exploits0References2Affected Software1
Rockylinux
Rockylinux
added 2026/06/26 6:3 p.m.6 views

python-wheel security update

An update is available for python-wheel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Wheel is the reference implementation of the Python wheel packaging...

7.5CVSS6.9AI score0.02659EPSS
Exploits1
Rows per page
Query Builder