Lucene search
K

404 matches found

NVD
NVD
added 6 days ago7 views

CVE-2026-55830

RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Prior to 8.3, checkfunctionargumentnames rejected protected guard hook names for regular, variadic, and keyword-only arguments but omitted...

8.3CVSS0.00226EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-55830

RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Prior to 8.3, checkfunctionargumentnames rejected protected guard hook names for regular, variadic, and keyword-only arguments but omitted...

8.3CVSS5.9AI score0.00226EPSS
Exploits0References3Affected Software1
CVE
CVE
added 6 days ago8 views

CVE-2026-55830

Vulnerability summary (CVE-2026-55830) : In RestrictedPython, prior to version 8.3, check_function_argument_names() failed to reject protected guard hook names for positional-only arguments, enabling a local parameter to shadow special names such as getattr , getitem , write , or print . This cou...

8.3CVSS5.9AI score0.00226EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.7 views

CVE-2026-14156

Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.002EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-54297

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the StorageAccessAPI allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page. The...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
CVE
CVE
added 2026/06/26 7:59 p.m.21 views

CVE-2026-55189

RustFS (distributed object storage in Rust) contains a vulnerability from 1.0.0-alpha.1 through 1.0.0-beta.9 where enabling the FTP frontend lets FTP read and probe handlers bypass the IAM authorization function, allowing authenticated users to read objects and probe buckets regardless of IAM pol...

7.7CVSS5.8AI score0.00201EPSS
Exploits0References1
OSV
OSV
added 2026/06/11 12:55 p.m.6 views

USN-8422-1 mistral vulnerability

Eduardo Gonzalez Gutierrez and Arnaud Morin discovered that Mistral did not properly enforce access policies on some API endpoints. An attacker could possibly execute arbitrary code on a Mistral worker and possibly extract sensitive data including service credentials from it...

9.9CVSS5.9AI score0.00733EPSS
Exploits0References2
Debian
Debian
added 2026/06/09 8:47 p.m.11 views

[SECURITY] [DSA 6333-1] mistral security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6333-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 09, 2026 https://www.debian.org/security/faq -...

9.9CVSS5.3AI score0.00733EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/31 12:0 a.m.19 views

PT-2026-45373

Name of the Vulnerable Software and Affected Versions Apache ActiveMQ Broker versions prior to 5.19.7 Apache ActiveMQ Broker versions 6.0.0 through 6.2.5 Apache ActiveMQ All versions prior to 5.19.7 Apache ActiveMQ All versions 6.0.0 through 6.2.5 Apache ActiveMQ versions prior to 5.19.7 Apache...

8.5CVSS7.5AI score0.00546EPSS
Exploits2References24
EUVD
EUVD
added 2026/05/13 6:30 p.m.13 views

EUVD-2026-29971

When a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the apmd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS5.8AI score0.00324EPSS
Exploits0References2
NVD
NVD
added 2026/05/13 4:16 p.m.12 views

CVE-2026-40067

When a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the apmd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS0.00324EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 2:12 p.m.9 views

CVE-2026-40067 BIG-IP APM Vulnerability

When a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the apmd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS5.8AI score0.00324EPSS
Exploits0References1
CVE
CVE
added 2026/05/13 2:12 p.m.27 views

CVE-2026-40067

BIG-IP APM CVE-2026-40067 affects BIG-IP APM with vulnerable 21.x releases (e.g., 21.0.0 exposed). The issue occurs when an access policy is configured on a virtual server, allowing undisclosed traffic to trigger a denial-of-service by terminating the apmd process. The F5 advisory classifies this...

8.7CVSS5.8AI score0.00324EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

Palo Alto Networks Prisma Browser 代码问题漏洞

Palo Alto Networks Prisma Browser is an enterprise-level security browser developed by Palo Alto Networks. There is a code vulnerability in Palo Alto Networks Prisma Browser, which stems from a race condition issue. This vulnerability may allow non-administrative users with local access to bypass...

5.8CVSS5.9AI score0.00173EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.13 views

PT-2026-40645

Name of the Vulnerable Software and Affected Versions BIG-IP APM affected versions not specified Description Undisclosed traffic can cause the apmd process to terminate when a BIG-IP APM access policy is configured on a virtual server. Recommendations At the moment, there is no information about ...

8.7CVSS5.8AI score0.00324EPSS
Exploits0References5
OSV
OSV
added 2026/05/12 2:57 a.m.5 views

MAL-2026-3523 Malicious code in @uipath/access-policy-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware febad4aef386c313b1c7878c4e8815c1cf931e738346cd4e7e6f53d439198d26 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 2:57 a.m.10 views

Malicious code in @uipath/access-policy-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware febad4aef386c313b1c7878c4e8815c1cf931e738346cd4e7e6f53d439198d26 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 2:56 a.m.12 views

Malicious code in @uipath/access-policy-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 87fb4a7ca8257b97a21e311c9322a63b2691136e87c6a8ce12cc648890849f76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/05/12 2:56 a.m.9 views

MAL-2026-3522 Malicious code in @uipath/access-policy-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 87fb4a7ca8257b97a21e311c9322a63b2691136e87c6a8ce12cc648890849f76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.14 views

PT-2026-39273

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.0 Description The '/responses' endpoint in the OpenAI router allows any authenticated user to forward requests to upstream LLM providers without enforcing per-model access control. While the generate chat...

7.1CVSS5.9AI score0.00306EPSS
Exploits0References7
Rows per page
Query Builder