Lucene search
K

31597 matches found

Circl
Circl
added 2026/06/26 3:1 a.m.8 views

CVE-2026-50742

creationtimestamp| type| source ---|---|--- 2026-06-26 03:01:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mp5xd2fdsk2b 2026-06-29 21:52:56+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mphhxli3am2b...

5.4CVSS5.8AI score0.00199EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/26 2:9 a.m.6 views

SUSE CVE-2026-53214

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix a potential NPD in cleanupprefixroute addrconfgetprefixroute can return the fib6nullentry sentinel entry which has a NULL fib6table pointer. Therefore, before setting the route's expiration time, check that we are not...

5.8AI score0.00122EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 1:26 a.m.8 views

CVE-2026-53263

A flaw was found in the Linux kernel's 6lowpan component. An off-by-one error during multicast context address compression can lead to the transmission of uninitialized kernel stack memory over the network. This vulnerability results in information disclosure, potentially allowing an attacker to...

5.5CVSS5.8AI score0.00172EPSS
Exploits0References4
NVD
NVD
added 2026/06/26 12:16 a.m.8 views

CVE-2026-13318

A server-side request forgery SSRF flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to a VirtualMachineInstance VMI, virt-api reads the target IP from vmi.Status.Interfaces0.IP and passes it directly to net.Dial without validation. For VMIs using...

6.4CVSS0.00164EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.11 views

PT-2026-52949

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the soc/tegra: cbb component where a kernel page fault occurs during cross-fabric target timeout lookups. When a fabric receives an error interrupt that originated on ...

5.8AI score0.00154EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.6 views

SUSE SLES15 Security Update : nodejs24 (SUSE-SU-2026:2633-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2633-1 advisory. This update for nodejs24 fixes the following issues Update to 24.17.0: - CVE-2026-2581: undici: Undici: Denial of Service due to...

9.8CVSS6.7AI score0.02445EPSS
Exploits3References64
RedhatCVE
RedhatCVE
added 2026/06/25 11:54 p.m.6 views

CVE-2026-53224

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. Specifically, improper validation of embedded INIT chunk and address list lengths in SCTP cookies could allow a remote attacker to trigger out-of-bounds reads. This could lead to information disclosur...

9.1CVSS5.9AI score0.00547EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 11:52 p.m.5 views

CVE-2026-53221

A flaw was found in the Linux kernel, specifically within the ip6vti component responsible for managing IPv6 tunnels. This vulnerability arises from an error in the vti6tnllookup function, which incorrectly matches network tunnels by failing to properly verify wildcard addresses during fallback...

9.8CVSS5.8AI score0.00559EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 11:12 p.m.8 views

CVE-2026-53006

A flaw was found in the Linux kernel's IPv6 Internet Protocol version 6 implementation. This vulnerability, a Use-After-Free UAF error, occurs due to incorrect caching of network packet addresses before a memory operation. An attacker could potentially exploit this flaw to cause memory corruption...

9.8CVSS6AI score0.00377EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 10:23 p.m.11 views

EUVD-2026-31398

golang.org/x/crypto/ssh: Invoking VerifiedPublicKeyCallback permissions skip enforcement...

10CVSS6.9AI score0.03092EPSS
Exploits2References7
OSV
OSV
added 2026/06/25 10:23 p.m.7 views

GHSA-X527-X647-Q7GG golang.org/x/crypto/ssh: Invoking VerifiedPublicKeyCallback permissions skip enforcement

Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped...

10CVSS7.1AI score0.03092EPSS
Exploits2References18
Github Security Blog
Github Security Blog
added 2026/06/25 10:23 p.m.13 views

golang.org/x/crypto/ssh: Invoking VerifiedPublicKeyCallback permissions skip enforcement

Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped...

10CVSS5.8AI score0.03092EPSS
Exploits2References18Affected Software1
OSV
OSV
added 2026/06/25 10:17 p.m.4 views

DEBIAN-CVE-2026-7532

iPAddress name constraints bypass when WOLFSSLIPALTNAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP address constraints...

7.5CVSS5.8AI score0.00155EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 9:31 p.m.13 views

CVE-2026-7532

CVE-2026-7532 describes an IP address name constraints bypass in WolfSSL when WOLFSSL_IP_ALT_NAME is not defined. In this configuration, IP address name constraints are not enforced, allowing a certificate to bypass an issuing CA’s IP address constraints. This affects WolfSSL deployments that rel...

7.5CVSS5.8AI score0.00155EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/25 9:31 p.m.20 views

CVE-2026-7532 iPAddress name constraints not enforced when WOLFSSL_IP_ALT_NAME is undefined

iPAddress name constraints bypass when WOLFSSLIPALTNAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP address constraints...

5.7CVSS0.00155EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/25 9:31 p.m.5 views

CVE-2026-7532

iPAddress name constraints bypass when WOLFSSLIPALTNAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP address constraints...

7.5CVSS5.8AI score0.00155EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/25 9:31 p.m.4 views

CVE-2026-7532

iPAddress name constraints bypass when WOLFSSLIPALTNAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP address constraints...

7.5CVSS5.8AI score0.00155EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 6:43 p.m.2 views

GO-2026-5244 Gotenberg has an SSRF deny-list bypass in IsPublicIP via IPv6 6to4 / NAT64 / site-local prefixes in github.com/gotenberg/gotenberg

Gotenberg has an SSRF deny-list bypass in IsPublicIP via IPv6 6to4 / NAT64 / site-local prefixes in github.com/gotenberg/gotenberg...

5.8AI score0.00051EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/25 6:17 p.m.5 views

CVE-2026-53047

A flaw was found in the Linux kernel's EFI Extensible Firmware Interface capsule loader. An incorrect size calculation during memory reallocation for physical addresses can lead to an undersized buffer. This issue, specifically on 32-bit systems with Physical Address Extension PAE, may result in ...

5.5CVSS6.3AI score0.00195EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 6:17 p.m.4 views

CVE-2026-53000

A flaw was found in the Linux kernel's netfilter component, specifically within the Network Address Translation NAT subsystem. This vulnerability involves improper memory management when releasing network filter operation structures. This could potentially allow an attacker to cause a system cras...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References4
Rows per page
Query Builder