Lucene search
K

43 matches found

ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-47829

Argument Injection in bosh-cli allows a compromised BOSH Director to inject arbitrary OpenSSH options into the locally-spawned ssh process when an operator runs bosh ssh -c, bosh logs -f, or other non-interactive SSH paths, leading to local command execution on the operator's workstation. Affecte...

8.3CVSS7.4AI score0.00293EPSS
Exploits0References2
NVD
NVD
added 5 days ago10 views

CVE-2026-41857

A compromised or malicious BOSH Director can execute arbitrary shell commands on the operator's workstation when the operator runs bosh ssh or bosh scp/bosh logs -f with default flags. Affected versions: BOSH CLI versions prior to 7.10.5...

7.8CVSS0.00148EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-41857 BOSH CLI Shell Injection

A compromised or malicious BOSH Director can execute arbitrary shell commands on the operator's workstation when the operator runs bosh ssh or bosh scp/bosh logs -f with default flags. Affected versions: BOSH CLI versions prior to 7.10.5...

7.8CVSS0.00148EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago10 views

CVE-2026-41857

A compromised or malicious BOSH Director can execute arbitrary shell commands on the operator's workstation when the operator runs bosh ssh or bosh scp/bosh logs -f with default flags. Affected versions: BOSH CLI versions prior to 7.10.5...

7.8CVSS7.3AI score0.00148EPSS
Exploits0References2
Cloud Foundry
Cloud Foundry
added 6 days ago7 views

CVE-2026-41857 - BOSH CLI Shell Injection | Cloud Foundry

High ● CVSSv4: High 7.1CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N ● CVSSv3: High 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Vendor CloudFoundry BOSH Versions Affected Severity is High unless otherwise noted. BOSH CLI – All versions prior to 7.10.5 inclusive Description ...

7.8CVSS6.2AI score0.00148EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.11 views

CVE-2026-41859

A network man-in-the-middle between nats-sync and the BOSH director can steal the director credentials Basic auth header or UAA client secret and can tamper with the VM list that is written into the NATS authorization file. Stolen credentials grant administrative director access...

7.8CVSS5.5AI score0.00098EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.11 views

CVE-2026-41010

ReleaseJobunpack builds jobdir = File.join@releasedir, 'jobs', name and jobtgz = File.join@releasedir, 'jobs', "name.tgz" where name returns @jobmeta'name', a value taken verbatim from the jobs: array of the attacker-supplied release.MF inside the uploaded tarball. These paths are then interpolat...

8.7CVSS5.7AI score0.00122EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 4:17 a.m.16 views

CVE-2026-41010

ReleaseJobunpack builds jobdir = File.join@releasedir, 'jobs', name and jobtgz = File.join@releasedir, 'jobs', "name.tgz" where name returns @jobmeta'name', a value taken verbatim from the jobs: array of the attacker-supplied release.MF inside the uploaded tarball. These paths are then interpolat...

8.7CVSS0.00122EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 3:16 a.m.17 views

CVE-2026-41859

A network man-in-the-middle between nats-sync and the BOSH director can steal the director credentials Basic auth header or UAA client secret and can tamper with the VM list that is written into the NATS authorization file. Stolen credentials grant administrative director access...

7.8CVSS0.00098EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 2:27 a.m.8 views

CVE-2026-41010

ReleaseJobunpack builds jobdir = File.join@releasedir, 'jobs', name and jobtgz = File.join@releasedir, 'jobs', "name.tgz" where name returns @jobmeta'name', a value taken verbatim from the jobs: array of the attacker-supplied release.MF inside the uploaded tarball. These paths are then interpolat...

8.7CVSS5.9AI score0.00122EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 2:27 a.m.6 views

CVE-2026-41010

ReleaseJobunpack builds jobdir = File.join@releasedir, 'jobs', name and jobtgz = File.join@releasedir, 'jobs', "name.tgz" where name returns @jobmeta'name', a value taken verbatim from the jobs: array of the attacker-supplied release.MF inside the uploaded tarball. These paths are then interpolat...

8.7CVSS5.9AI score0.00122EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 2:27 a.m.47 views

CVE-2026-41010

ReleaseJobunpack builds jobdir = File.join@releasedir, 'jobs', name and jobtgz = File.join@releasedir, 'jobs', "name.tgz" where name returns @jobmeta'name', a value taken verbatim from the jobs: array of the attacker-supplied release.MF inside the uploaded tarball. These paths are then interpolat...

8.7CVSS0.00122EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 2:27 a.m.17 views

EUVD-2026-34198

ReleaseJobunpack builds jobdir = File.join@releasedir, 'jobs', name and jobtgz = File.join@releasedir, 'jobs', "name.tgz" where name returns @jobmeta'name', a value taken verbatim from the jobs: array of the attacker-supplied release.MF inside the uploaded tarball. These paths are then interpolat...

8.7CVSS5.9AI score0.00122EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 2:27 a.m.29 views

CVE-2026-41010

The CVE describes a shell command-injection in BOSH Director during ReleaseJob#unpack: the code constructs a shell command using a name value taken verbatim from attacker-supplied release.MF and interpolates it into tar -C … -xf …, then executes via /bin/sh -c. Although the directory is created w...

8.7CVSS5.9AI score0.00122EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 1:51 a.m.43 views

CVE-2026-41859

A network man-in-the-middle between nats-sync and the BOSH director can steal the director credentials Basic auth header or UAA client secret and can tamper with the VM list that is written into the NATS authorization file. Stolen credentials grant administrative director access...

7.8CVSS0.00098EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 1:51 a.m.10 views

CVE-2026-41859

A network man-in-the-middle between nats-sync and the BOSH director can steal the director credentials Basic auth header or UAA client secret and can tamper with the VM list that is written into the NATS authorization file. Stolen credentials grant administrative director access...

7.8CVSS5.8AI score0.00098EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 1:51 a.m.32 views

CVE-2026-41859

CVE-2026-41859 describes a man-in-the-middle between nats-sync and the BOSH director that can steal director credentials (Basic auth header or UAA client secret) and tamper with the VM list written into the NATS authorization file. Stolen credentials grant administrative director access. The issu...

7.8CVSS5.8AI score0.00098EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 1:51 a.m.18 views

EUVD-2026-34193

A network man-in-the-middle between nats-sync and the BOSH director can steal the director credentials Basic auth header or UAA client secret and can tamper with the VM list that is written into the NATS authorization file. Stolen credentials grant administrative director access...

7.8CVSS5.8AI score0.00098EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 1:40 a.m.9 views

CVE-2026-41860

CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token requests via MITM. HttpRequestHelpercreateasyncendpoint and sendhttpgetrequestsynchronous hard-code OpenSSL::SSL::VERIFYNONE, enabling an attacker to intercept traffic between bosh-monitor and the BOSH...

8.8CVSS5.8AI score0.00074EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 1:40 a.m.40 views

CVE-2026-41860

CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token requests via MITM. HttpRequestHelpercreateasyncendpoint and sendhttpgetrequestsynchronous hard-code OpenSSL::SSL::VERIFYNONE, enabling an attacker to intercept traffic between bosh-monitor and the BOSH...

8.8CVSS0.00074EPSS
Exploits0References1
Rows per page
Query Builder