Lucene search
K

735 matches found

NVD
NVD
added 4 days ago7 views

CVE-2026-60090

PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PGVector and Cassandra knowledge-store createcollection backends. Although schema, keyspace, and collection-name identifiers are validated, the dimension value declared as int but not enforced at runtime is...

9.8CVSS0.0041EPSS
Exploits0References3
EUVD
EUVD
added 4 days ago10 views

EUVD-2026-43175

PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PGVector and Cassandra knowledge-store createcollection backends. Although schema, keyspace, and collection-name identifiers are validated, the dimension value declared as int but not enforced at runtime is...

9.8CVSS6.1AI score0.0041EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago35 views

CVE-2026-60090 PraisonAI before 4.6.78 SQL/CQL Injection via vector dimension

PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PGVector and Cassandra knowledge-store createcollection backends. Although schema, keyspace, and collection-name identifiers are validated, the dimension value declared as int but not enforced at runtime is...

9.8CVSS0.0041EPSS
Exploits0References3
Chainguard
Chainguard
added 6 days ago6 views

CVE-2026-10532 vulnerabilities

Vulnerabilities for packages: localstack, thingsboard, kserve-modelmesh, sonar-scanner-cli, trino, management-api-for-apache-cassandra-4.0, nextflow, akhq, cassandra, knative-kafka-broker, cassandra-reaper, apache-nifi, airbyte-server-fips, zookeeper, ontop, nacos, keycloak-config-cli, kafbat-ui,...

6.3CVSS6.1AI score0.00342EPSS
Exploits0
Chainguard
Chainguard
added 6 days ago16 views

GHSA-JHQ6-GFMJ-V8FX vulnerabilities

Vulnerabilities for packages: localstack, thingsboard, kserve-modelmesh, sonar-scanner-cli, trino, management-api-for-apache-cassandra-4.0, nextflow, akhq, cassandra, knative-kafka-broker, cassandra-reaper, apache-nifi, airbyte-server-fips, zookeeper, ontop, nacos, keycloak-config-cli, kafbat-ui,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 6 days ago9 views

CVE-2026-10532 vulnerabilities

Vulnerabilities for packages: apache-nifi-registry, management-api-for-apache-cassandra-5.0, cassandra, keycloak-config-cli, akhq, nextflow, sonar-scanner-cli, trino, zookeeper, cassandra-reaper, thingsboard, kserve-modelmesh, apache-nifi...

6.3CVSS6.1AI score0.00342EPSS
Exploits0
Wolfi
Wolfi
added 6 days ago6 views

GHSA-JHQ6-GFMJ-V8FX vulnerabilities

Vulnerabilities for packages: apache-nifi-registry, management-api-for-apache-cassandra-5.0, cassandra, keycloak-config-cli, akhq, nextflow, sonar-scanner-cli, trino, zookeeper, cassandra-reaper, thingsboard, kserve-modelmesh, apache-nifi...

6.1AI score
Exploits0
OSV
OSV
added 2026/06/25 10:34 p.m.5 views

GO-2026-5467 Authorizer: CQL/N1QL Injection in Cassandra and Couchbase Backends via fmt.Sprintf String Interpolation in github.com/authorizerdev/authorizer

Authorizer: CQL/N1QL Injection in Cassandra and Couchbase Backends via fmt.Sprintf String Interpolation in github.com/authorizerdev/authorizer...

5.8AI score
Exploits0References4
NVD
NVD
added 2026/06/18 8:16 p.m.15 views

CVE-2026-47846

Bitnami Cassandra container images are affected by a retained default superuser vulnerability. When a custom administrator account is configured via the CASSANDRAUSER environment variable, the container initialization script creates the new superuser account but fails to drop the built-in cassand...

9.8CVSS0.00338EPSS
Exploits0References1
CVE
CVE
added 2026/06/18 6:39 p.m.26 views

CVE-2026-47846

Bitnami Cassandra container images are affected by a retained default superuser vulnerability: when CASSANDRA_USER is customized, the init script creates a new superuser but may not drop the built-in cassandra account, leaving cassandra:cassandra active as an unintended access path. This can allo...

9.8CVSS5.3AI score0.00338EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/18 6:39 p.m.9 views

CVE-2026-47846

Bitnami Cassandra container images are affected by a retained default superuser vulnerability. When a custom administrator account is configured via the CASSANDRAUSER environment variable, the container initialization script creates the new superuser account but fails to drop the built-in cassand...

9.8CVSS5.2AI score0.00338EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/18 6:39 p.m.21 views

CVE-2026-47846

Bitnami Cassandra container images are affected by a retained default superuser vulnerability. When a custom administrator account is configured via the CASSANDRAUSER environment variable, the container initialization script creates the new superuser account but fails to drop the built-in cassand...

9.8CVSS0.00338EPSS
Exploits0References1
OSV
OSV
added 2026/06/18 12:0 p.m.6 views

BIT-CASSANDRA-2026-47846 Default superuser cassandra:cassandra left active when CASSANDRA_USER is customized

Bitnami Cassandra container images are affected by a retained default superuser vulnerability. When a custom administrator account is configured via the CASSANDRAUSER environment variable, the container initialization script creates the new superuser account but fails to drop the built-in cassand...

9.8CVSS5.5AI score0.00338EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.18 views

PT-2026-50715

Name of the Vulnerable Software and Affected Versions Bitnami Cassandra container images versions 4.0.x prior to 4.0.20-photon-5-r7 Bitnami Cassandra container images versions 4.1.x prior to 4.1.11-photon-5-r7 Bitnami Cassandra container images versions 5.0.x prior to 5.0.8-photon-5-r4 /...

9.8CVSS6AI score0.00338EPSS
Exploits0References9
OSV
OSV
added 2026/06/17 1:27 p.m.10 views

ROOT-APP-MAVEN-CVE-2026-27314 CVE-2026-27314 in io.root.org.apache.cassandra:cassandra-all - Patched by Root

Root has patched CVE-2026-27314 in the io.root.org.apache.cassandra:cassandra-all package for Root:Maven. Multiple fixed versions available...

8.8CVSS5.8AI score0.00263EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/16 8:22 p.m.12 views

GHSA-C653-97M9-RCG9 vulnerabilities

Vulnerabilities for packages: spark-kubernetes-operator-fips, elasticsearch, reposilite, kserve-modelmesh, thingsboard, neo4j, logstash-fips, wazuh-indexer, logstash, pinot-fips, spark-kubernetes-operator, apache-pulsar-fips, strimzi-kafka-operator-fips, cassandra, knative-kafka-broker,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/16 8:22 p.m.10 views

CVE-2026-50010 vulnerabilities

Vulnerabilities for packages: spark-kubernetes-operator-fips, elasticsearch, reposilite, kserve-modelmesh, thingsboard, neo4j, logstash-fips, wazuh-indexer, logstash, pinot-fips, spark-kubernetes-operator, apache-pulsar-fips, strimzi-kafka-operator-fips, cassandra, knative-kafka-broker,...

7.5CVSS7AI score0.00269EPSS
Exploits0
Wolfi
Wolfi
added 2026/06/16 8:21 p.m.10 views

CVE-2026-50010 vulnerabilities

Vulnerabilities for packages: apache-pulsar, management-api-for-apache-cassandra-5.0, neo4j, cassandra, druid, logstash, solr, spark, tez, docker-selenium, infinispan, opensearch, thingsboard, kserve-modelmesh...

7.5CVSS7AI score0.00269EPSS
Exploits0
Wolfi
Wolfi
added 2026/06/16 8:21 p.m.10 views

GHSA-C653-97M9-RCG9 vulnerabilities

Vulnerabilities for packages: apache-pulsar, management-api-for-apache-cassandra-5.0, neo4j, cassandra, druid, logstash, solr, spark, tez, docker-selenium, infinispan, opensearch, thingsboard, kserve-modelmesh...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/09 7:18 p.m.14 views

GHSA-5XRH-QMMQ-W6CH vulnerabilities

Vulnerabilities for packages: pinot-fips, pinot, tez, apache-hop, management-api-for-apache-cassandra-4.1, thingsboard, seata, management-api-for-apache-cassandra-5.0, trino, celeborn, management-api-for-apache-cassandra-4.0, apache-hop-fips...

6.1AI score
Exploits0
Rows per page
Query Builder