Linux Distros Unpatched Vulnerability : CVE-2026-33376

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected; to mitigate...

io.automatiko.addons.services:automatiko-receive-email-addon (>=0.7.0 <=0.46.0), org.apache.camel.kafkaconnector:camel-imap-kafka-connector (>=0.1.0 <=0.11.5) +21 more potentially affected by CVE-2026-33454 via org.apache.camel:camel-mail (>=3.0.0 <=4.14.5)

org.apache.camel:camel-mail MAVEN version =3.0.0, =0.7.0, =0.1.0, =0.1.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =4.10.3, =1.0.0, =3.25.0, =1.0.0, =1.0.0, =3.19.0, =3.27.3 and more Source cves: CVE-2026-33454https://...

Ubuntu 20.04 LTS : Linux kernel (HWE) vulnerabilities (USN-8188-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8188-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

@aiswarm/api-graphql (>=0.1.0 <=0.1.9), @aiswarm/conductor (>=0.1.1 <=0.1.9) +55 more potentially affected by CVE-2026-30241 via mercurius (>=10.5.1 <=16.1.0)

mercurius NPM version =10.5.1, =0.1.0, =0.1.1, =0.1.1, =0.1.2, =0.3.0, =0.3.0, =1.0.0, =1.0.16, =0.0.3, =0.1.0, =0.1.0, =2.37.0, =2.64.0 and more Source cves: CVE-2026-30241 Source advisory: OSV:GHSA-M4H2-MJFM-MP55...

CVE-2025-26385 Metasys product command injection vulnerability could allow remote SQL execution

Johnson Controls Metasys component listed below have Improper Neutralization of Special Elements used in a Command Command Injection Vulnerability . Successful exploitation of this vulnerability could allow remote SQL execution This issue affects Metasys: Application and Data Server ADS installed...

io.github.hWorblehat:nexus3-external-auth-plugin (=0.1.0), org.sonatype.nexus.api.extdirect:nexus-api-extdirect-common (>=3.81.0-08 <=3.87.2-01) +112 more potentially affected by CVE-2026-0600 via org.sonatype.nexus:nexus-validation (>=3.0.0-b2015061001 <=3.87.2-01)

org.sonatype.nexus:nexus-validation MAVEN version =3.0.0-b2015061001, =3.81.0-08, =3.81.0-08, =3.81.0-08, =3.81.0-08, =3.4.0-02, =3.60.0-02, =3.4.0-02, =3.21.0-01, =3.0.0-03, =3.4.0-02, =0.6.1, =0.10.2, =0.14.0 - org.sonatype.nexus.plugins:nexus-blobstore-restore =3.4.0-02 and more Source cves:...

eq3btsmart (=0.0.0), hass-auth-synology (>=0.0.0 <=0.4.28) +5 more potentially affected by CVE-2025-65713 via homeassistant (>=0.83.3 <=2024.12.5)

homeassistant PYPI version =0.83.3, =0.0.0, =2021.4.0, =0.4.11, =1.2.0, =0.3.0, =0.13.85 Source cves: CVE-2025-65713 Source advisory: OSV:GHSA-PP3G-XMM4-5CW9...

EUVD-2019-8019

Malware in sbrugna...

EUVD-2021-22608

Malware in sbrugna...

EUVD-2020-0616

Malware in sbrugna...

EUVD-2025-32056

Malicious code in bioql PyPI...

EUVD-2025-14030

Malicious code in bioql PyPI...

EUVD-2025-20759

Malicious code in bioql PyPI...

Ubuntu: Security Advisory (USN-7703-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

cc.zzzyu.seata:seata-server (=2.4.0), io.xuxiaowei.seata:seata-server (=2.4.0) +7 more potentially affected by CVE-2025-53606 via org.apache.seata:seata-serializer-fury (=2.4.0)

org.apache.seata:seata-serializer-fury MAVEN version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.seata:seata-serializer-fury and may be impacted: - cc.zzzyu.seata:seata-server =2.4.0 - io.xuxiaowei.seata:seata-server =2.4.0 -...

com.apzda.cloud:apzda-cloud-gsvc-seata (>=1.2.22 <=3.4.0), io.xuxiaowei.seata:seata-server (>=2.1.0 <=2.2.0) +56 more potentially affected by CVE-2024-47552 +1 more via org.apache.seata:seata-config-core (>=2.1.0 <=2.2.0)

org.apache.seata:seata-config-core MAVEN version =2.1.0, =1.2.22, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.2.0 and more Source cves: CVE-2024-47552, CVE-2025-32897 Source advisory: OSV:GHSA-M964-FJRH-XXQ2...

CVE-2021-35975

Absolute path traversal vulnerability in the Systematica SMTP Adapter component up to v2.0.1.101 in Systematica Radius up to v.3.9.256.777 allows remote attackers to read arbitrary files via a full pathname in GET parameter "file" in URL. Also: affected components in same product - HTTP Adapter u...

Gardener allows metadata injection for a project secret which can lead to privilege escalation

A security vulnerability was discovered in the gardenlet component of Gardener. It could allow a user with administrative privileges for a Gardener project to obtain control over the seed clusters where their shoot clusters are managed. Am I Vulnerable? This CVE affects all Gardener installations...

GHSA-9X73-87FH-54W9 Gardener allows metadata injection for a project secret which can lead to privilege escalation

A security vulnerability was discovered in the gardenlet component of Gardener. It could allow a user with administrative privileges for a Gardener project to obtain control over the seed clusters where their shoot clusters are managed. Am I Vulnerable? This CVE affects all Gardener installations...

org.apache.iotdb:integration-test (=2.0.1-beta), org.apache.iotdb:iotdb-cli (=2.0.1-beta) +2 more potentially affected by CVE-2025-26795 via org.apache.iotdb:iotdb-jdbc (>=2.0.1-beta <=2.0.2-1)

org.apache.iotdb:iotdb-jdbc MAVEN version =2.0.1-beta, =2.0.1-beta, =2.0.2-1 Source cves: CVE-2025-26795 Source advisory: SNYK:JAVA-ORGAPACHEIOTDB-10176117...