
14952 matches found

Chainguard
added 2026/04/11 2:18 a.m. | 5 views

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: terraform-provider-azapi-fips, dex, kubeflow-katib, blob-csi-fips, external-dns, net-kourier, atlas-fips, step-issuer, crossplane-provider-aws-kinesis-fips, kubevirt-cdi-uploadserver-fips, kots, crossplane-function-go-templating-fips, google-cloud-otel-ops-collector,...

AI score: 5.9
Exploits: 0

Chainguard
added 2026/04/11 2:18 a.m. | 10 views

CVE-2026-32288 vulnerabilities

Vulnerabilities for packages: dex, kind, dive, external-dns, net-kourier, mailpit-fips, atlas-fips, kubevirt-cdi-uploadserver-fips, kbld, kots, amazon-ecs-cni-plugins, jaeger, atlantis, helm-fips, kpt, weaviate, step-ca-fips, helm, nerdctl-fips, image-factory, chartmuseum-fips, rook, cloudbeat,...

CVSS: 5.5 | AI score: 6.1 | EPSS: 0.0029
Exploits: 0

Chainguard
added 2026/04/11 2:18 a.m. | 11 views

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: terraform-provider-azapi-fips, dex, mongo-tools, blob-csi-fips, kind, dive, aws-otel-collector-fips, clickhouse-operator, external-dns, mailpit-fips, atlas-fips, net-kourier, crossplane-provider-aws-kinesis-fips, step-issuer, kubevirt-cdi-uploadserver-fips, kbld, kot...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.00621
Exploits: 0

Chainguard
added 2026/04/11 2:18 a.m. | 7 views

GHSA-5W89-2C2X-6X66 vulnerabilities

Vulnerabilities for packages: terraform-provider-azapi-fips, dex, kind, kots, kubernetes-release, google-cloud-otel-ops-collector, amazon-ecs-cni-plugins, cadvisor-fips, kpt, kuberay-operator, q, dbmate, nerdctl-fips, image-factory, chartmuseum-fips, flannel-cni-plugin-fips, kube-vip,...

AI score: 5.9
Exploits: 0

Cvelist
added 2026/04/11 12:15 a.m. | 28 views

CVE-2026-5059 aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability

aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handlin...

CVSS: 9.8 | EPSS: 0.01908
Exploits: 1 | References: 1

CVE
added 2026/04/11 12:15 a.m. | 75 views

CVE-2026-5059

CVE-2026-5059 – aws-mcp-server is a command-injection remote code execution vulnerability. The flaw occurs in how the server handles the allowed commands list, due to insufficient validation of a user-supplied string before it is used to perform a system call. This allows an unauthenticated attac...

CVSS: 9.8 | AI score: 7.8 | EPSS: 0.01908
Exploits: 1 | References: 1

CNNVD
added 2026/04/11 12:0 a.m. | 13 views

aws-mcp-server operating system command injection vulnerability

aws-mcp-server is a lightweight service developed by Alexei Ledenev. It enables AI assistants to execute AWS CLI commands through the Model Context Protocol (MCP) in a secure, containerized environment. aws-mcp-server has an operating system command injection vulnerability, which stems from...

CVSS: 9.8 | AI score: 7.7 | EPSS: 0.01908
Exploits: 1 | References: 1

CNNVD
added 2026/04/11 12:0 a.m. | 7 views

aws-mcp-server operating system command injection vulnerability

aws-mcp-server is a lightweight service developed by Alexei Ledenev. It enables AI assistants to execute AWS CLI commands through the Model Context Protocol (MCP) in a secure, containerized environment. aws-mcp-server has an operating system command injection vulnerability, which stems from...

CVSS: 9.8 | AI score: 7.7 | EPSS: 0.0183
Exploits: 0 | References: 1

Tenable Nessus
added 2026/04/11 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-40175

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Axios is a promise based HTTP client for the browser and Node.js. Versions prior to 1.15.0 and 0.3.1 are vulnerable to a specific gadget-style attack chain in...

CVSS: 9 | AI score: 6.9 | EPSS: 0.01815
Exploits: 5 | References: 3

OSV
added 2026/04/10 8:16 p.m. | 5 views

DEBIAN-CVE-2026-40175

Axios is a promise based HTTP client for the browser and Node.js. Versions prior to 1.15.0 and 0.3.1 are vulnerable to a specific gadget-style attack chain in which prototype pollution in a third-party dependency may be leveraged to inject unsanitized header values into outbound requests. This...

CVSS: 4.8 | AI score: 6.8 | EPSS: 0.01815
Exploits: 5 | References: 1

OSV
added 2026/04/10 8:16 p.m. | 9 views

UBUNTU-CVE-2026-40175

Axios is a promise based HTTP client for the browser and Node.js. Versions prior to 1.15.0 and 0.3.1 are vulnerable to a specific gadget-style attack chain in which prototype pollution in a third-party dependency may be leveraged to inject unsanitized header values into outbound requests. This...

CVSS: 9 | AI score: 6.8 | EPSS: 0.01815
Exploits: 5 | References: 6

UbuntuCve
added 2026/04/10 8:16 p.m. | 4 views

CVE-2026-40175

Axios is a promise based HTTP client for the browser and Node.js. Versions prior to 1.15.0 and 0.3.1 are vulnerable to a specific gadget-style attack chain in which prototype pollution in a third-party dependency may be leveraged to inject unsanitized header values into outbound requests. This...

CVSS: 4.8 | AI score: 7 | EPSS: 0.01815
Exploits: 5 | References: 5

ATTACKERKB
added 2026/04/10 7:23 p.m. | 11 views

CVE-2026-40175

Axios is a promise based HTTP client for the browser and Node.js. Versions prior to 1.15.0 and 0.3.1 are vulnerable to a specific gadget-style attack chain in which prototype pollution in a third-party dependency may be leveraged to inject unsanitized header values into outbound requests. This...

CVSS: 4.8 | AI score: 6.8 | EPSS: 0.01815
Exploits: 5 | References: 8 | Affected Software: 1

OSV
added 2026/04/10 3:16 a.m. | 3 views

UBUNTU-CVE-2026-33551

An issue was discovered in OpenStack Keystone 14 through 26 before 26.1.1, 27.0.0, 28.0.0, and 29.0.0. Restricted application credentials can create EC2 credentials. By using a restricted application credential to call the EC2 credential creation API, an authenticated user with only a reader role...

CVSS: 5.3 | AI score: 5.8 | EPSS: 0.0022
Exploits: 1 | References: 5

Chainguard
added 2026/04/10 2:13 a.m. | 9 views

GHSA-WGXF-R68R-7W9H vulnerabilities

Vulnerabilities for packages: linux-qemu, linux-vmware, linux-aws, linux-gcp, linux-azure...

AI score: 5.9
Exploits: 0

Chainguard
added 2026/04/10 2:13 a.m. | 3 views

GHSA-W53M-3RV6-Q4V9 vulnerabilities

Vulnerabilities for packages: linux-qemu, linux-vmware, linux-aws, linux-gcp, linux-azure...

AI score: 5.9
Exploits: 0

Chainguard
added 2026/04/10 2:13 a.m. | 4 views

GHSA-PW2V-CMFH-X2P3 vulnerabilities

Vulnerabilities for packages: linux-qemu, linux-vmware, linux-aws, linux-gcp, linux-azure...

AI score: 5.9
Exploits: 0

Chainguard
added 2026/04/10 2:13 a.m. | 9 views

CVE-2026-23171 vulnerabilities

Vulnerabilities for packages: linux-qemu, linux-vmware, linux-aws, linux-gcp, linux-azure...

CVSS: 7.8 | AI score: 7 | EPSS: 0.00117
Exploits: 0

Chainguard
added 2026/04/10 2:13 a.m. | 5 views

GHSA-42MQ-7943-CJ3H vulnerabilities

Vulnerabilities for packages: linux-qemu, linux-vmware, linux-aws, linux-gcp, linux-azure...

AI score: 5.9
Exploits: 0

Chainguard
added 2026/04/10 2:13 a.m. | 5 views

GHSA-5JGQ-PV8M-5CX7 vulnerabilities

Vulnerabilities for packages: linux-qemu, linux-vmware, linux-aws, linux-gcp, linux-azure...

AI score: 5.9
Exploits: 0