
63 matches found

OSV
added 11 hours ago, 7 views

ROOT-OS-DEBIAN-12-CVE-2026-46072 CVE-2026-46072 in rootio-linux - Patched by Root

Root has patched CVE-2026-46072 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

CVSS 5.5 | AI score 5.8 | EPSS 0.00123
Exploits: 0
Nuclei
added 12 hours ago, 8 views

XWiki - Cross-Site Scripting

XWiki is vulnerable to reflected Cross-Site Scripting (XSS) via the viewer=changes endpoint. The rev2 parameter is not properly sanitised before being rendered in the response, allowing an attacker to inject arbitrary JavaScript. Affects XWiki versions prior to the patched release. id: CVE-2026-401...

CVSS 6.5 | AI score 6.5 | EPSS 0.00549
Exploits: 0 | References: 3
CVE
added 2 days ago, 26 views

CVE-2026-20706

Summary of CVE-2026-20706 (Gitea) Gitea versions up to and including 1.26.1 allow repository archive downloads to bypass token scope checks on the web archive download endpoint. The root cause is that the Download function (routers/web/repo/repo.go) did not invoke token scope validation (checkDow...

AI score 7.1 | EPSS 0.00256
Exploits: 0 | References: 4
OSV
added 4 days ago, 3 views

DEBIAN-CVE-2026-14382

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVSS 9.6 | AI score 5.8 | EPSS 0.00276
Exploits: 0 | References: 1
Chainguard
added 4 days ago, 10 views

CVE-2026-11128 vulnerabilities

Vulnerabilities for packages: chromium...

CVSS 6.5 | AI score 5.8 | EPSS 0.00229
Exploits: 0
Chainguard
added 4 days ago, 3 views

CVE-2026-11300 vulnerabilities

Vulnerabilities for packages: chromium...

CVSS 4.3 | AI score 5.8 | EPSS 0.00154
Exploits: 0
Wolfi
added 5 days ago, 6 views

CVE-2026-6976 vulnerabilities

Vulnerabilities for packages: gitlab-runner...

CVSS 3.7 | AI score 5.8 | EPSS 0.00158
Exploits: 0
Tenable Nessus
added 6 days ago, 12 views

Linux Distros Unpatched Vulnerability : CVE-2026-57436

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::Document#root= validated only that the new roo...

CVSS 6.3 | AI score 6 | EPSS 0.00312
Exploits: 0 | References: 3
SUSE CVE
added 2026/06/27 2:5 a.m., 7 views

SUSE CVE-2026-13006

ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.35 in Java applications, allows an attacker to execute arbitrary code circumventing existing protections against CVE-2025-11226 by compromising an existing logback configuration...

CVSS 6 | AI score 6.1 | EPSS 0.00122
Exploits: 0 | References: 3
OSV
added 2026/06/25 9:16 a.m., 2 views

DEBIAN-CVE-2026-53162

In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refill_stock. Harry Yoo reported that get_random_u32_below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically get_random_u32_below is...

CVSS 7.8 | AI score 5.8 | EPSS 0.00136
Exploits: 0 | References: 1
CVE
added 2026/06/25 8:38 a.m., 11 views

CVE-2026-53159

The CVE-2026-53159 entry describes a Linux kernel vulnerability in the fastrpc path where fastrpc_get_args() uses find_vma() to locate the VMA for a user pointer and compute a DMA address offset. If the address lies in a gap before the returned VMA, (ptr & PAGE_MASK) - vma->vm_start underflows...

AI score 5.7 | EPSS 0.00172
Exploits: 0 | References: 8
OSV
added 2026/06/24 5:17 p.m., 3 views

DEBIAN-CVE-2026-52961

In the Linux kernel, the following vulnerability has been resolved: ceph: fix BUG_ON in __ceph_build_xattrs_blob due to stale blob size. The generic/642 test-case can reproduce the kernel crash: 40243.605254 ------------ cut here ------------ 40243.605956 kernel BUG at fs/ceph/xattr.c:918! 40243.607142...

AI score 5.7 | EPSS 0.00198
Exploits: 0 | References: 1
Debian CVE
added 2026/06/23 4:8 p.m., 6 views

CVE-2026-56114

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6_makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

CVSS 6.5 | AI score 6.1 | EPSS 0.00175
Exploits: 0
Nuclei
added 2026/06/19 11:10 a.m., 9 views

Splunk Enterprise & Cloud Platform - Unrestricted File Upload

In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulnerability exists because the PostgreSQL sidecar...

CVSS 9.8 | AI score 6.2 | EPSS 0.88171
Exploits: 5 | References: 2
NVD
added 2026/06/18 9:16 p.m., 11 views

CVE-2026-44663

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, an integer overflow in ht_undo_impl in src/lib/OpenEXRCore/internal_ht.cpp leads to a heap-buffer overflow when decoding a crafted...

CVSS 7.1 | EPSS 0.00199
Exploits: 1 | References: 2
CVE
added 2026/06/16 7:27 p.m., 11 views

CVE-2026-46849

Technical details about CVE-2026-46849 are not provided in the supplied documents. No affected products, impact, root cause, or remediation are disclosed. Monitor for updates from sources linked in the records.

CVSS 8.1 | AI score 5.1 | EPSS 0.00375
Exploits: 0 | References: 1 | Affected Software: 1
Vulnrichment
added 2026/06/16 11:52 a.m., 5 views

CVE-2026-12293 Use-after-free in the Graphics: WebGPU component

Use-after-free in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

AI score 5.2 | EPSS 0.00302
Exploits: 0 | References: 3
Tenable Nessus
added 2026/06/14 12:0 a.m., 7 views

SUSE SLES15 Security Update : strongswan (SUSE-SU-2026:2368-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2368-1 advisory. This update for strongswan fixes the following issues - CVE-2026-35328: infinite loop when handling supported versions TLS extensio...

AI score 5.4
Exploits: 6 | References: 25
OSV
added 2026/06/09 11:17 p.m., 4 views

UBUNTU-CVE-2026-9753

The $internalApplyOplogUpdate aggregation pipeline stage can be used to execute a document diff containing a malformed binary diff to return memory out-of-bounds or crash the server. $internalApplyOplogUpdate can be executed by any authenticated user with access to the aggregate command...

CVSS 8.1 | AI score 5.5 | EPSS 0.00298
Exploits: 0 | References: 3
Circl
added 2026/06/09 3:44 p.m., 12 views

CVE-2026-42908

creationtimestamp | type | source
---|---|---
2026-06-09 15:44:28+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2026-0181
2026-06-09 16:12:18+00:00 | seen | https://www.thezdi.com/blog/2026/6/9/the-june-2026-security-update-review...

CVSS 7.5 | AI score 5.3 | EPSS 0.0087
Exploits: 0 | References: 2