Lucene search
K

65330 matches found

Cvelist
Cvelist
added 2026/06/12 2:27 a.m.31 views

CVE-2026-48610

Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices...

8.1CVSS0.00264EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 2:27 a.m.47 views

CVE-2026-48610

CVE-2026-48610 describes an Improper Access Control vulnerability on certain devices running UniFi OS. A remote attacker with network access could cause unauthorized changes to UniFi OS devices. The CVSSv3.1 base score is 8.1 (High) with network attack vector, high impact on confidentiality, inte...

8.1CVSS5.4AI score0.00264EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 2:27 a.m.14 views

EUVD-2026-36378

Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices...

8.1CVSS5.4AI score0.00264EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 2:27 a.m.8 views

CVE-2026-48610

Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices...

8.1CVSS5.2AI score0.00264EPSS
Exploits0References1
OSV
OSV
added 2026/06/12 12:33 a.m.6 views

OPENSUSE-SU-2026:20947-1 Security update for java-21-openj9

This update for java-21-openj9 fixes the following issues: Changes in java-21-openj9: - Make post scripts less noisy bsc1267355 - Use libalternatives instead of update-alternatives for distributions where libalternatives is available - Update to OpenJDK 21.0.11 with OpenJ9 0.59.0 virtual machine ...

9.8CVSS7AI score0.01157EPSS
Exploits2References59
VulnCheck KEV
VulnCheck KEV
added 2026/06/12 12:0 a.m.47 views

VulnCheck KEV: CVE-2026-25939

FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. From 1.2.8 through version 1.2.10, an authorization bypass vulnerability in the FUXA allows an unauthenticated, remote attacker to create and modify arbitrary schedulers, exposing connected ICS/SCADA environments to follow-on...

9.3CVSS5.4AI score0.12047EPSS
In wildExploits1References3
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.14 views

PT-2026-48825

Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices...

8.1CVSS5.4AI score0.00264EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.18 views

PT-2026-48926

Name of the Vulnerable Software and Affected Versions Mattermost versions prior to 11.6.2 Mattermost versions prior to 11.5.5 Mattermost versions prior to 10.11.17 Description An issue exists where role updated websocket event broadcasts are not restricted to members of the affected team or...

4.3CVSS5.2AI score0.0018EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.15 views

PT-2026-48973

Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description Multiple mass assignment issues exist in the handling of collections, tag collections, event delegations, and shadow attributes. Certain controller actions accept user-supplied fields that shoul...

8.8CVSS5.3AI score0.00262EPSS
Exploits0References4
NVD
NVD
added 2026/06/11 9:16 p.m.11 views

CVE-2026-53814

OpenClaw before 2026.5.20 contains a privilege escalation vulnerability where hook-triggered agent runs incorrectly receive owner-scoped MCP loopback authority instead of hook-appropriate scope. Attackers with a valid hook token can exploit the /hooks/agent endpoint to cause spawned CLI runtimes ...

8.7CVSS0.00281EPSS
Exploits0References2
NVD
NVD
added 2026/06/11 9:16 p.m.10 views

CVE-2026-53808

OpenClaw before 2026.5.6 contains an approval policy bypass vulnerability in the Skill Workshop apply flow that allows agent tool calls to set apply: true despite approvalPolicy: pending configuration. Attackers can exploit this by reaching the affected apply path to apply workshop changes before...

6.5CVSS0.00194EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 8:6 p.m.10 views

EUVD-2026-36314

OpenClaw before 2026.5.6 contains an approval policy bypass vulnerability in the Skill Workshop apply flow that allows agent tool calls to set apply: true despite approvalPolicy: pending configuration. Attackers can exploit this by reaching the affected apply path to apply workshop changes before...

6.5CVSS5.5AI score0.00194EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/11 1:56 p.m.10 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.11 views

PT-2026-48738

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.6 Description An approval policy bypass exists in the Skill Workshop apply flow. This issue allows agent tool calls to set the apply variable to true even when the approvalPolicy is configured as pending. An...

6.5CVSS5.2AI score0.00194EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.5 views

FreeBSD : FreeBSD -- Arm CPU errata may bypass page table permission changes (438b0278-6474-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 438b0278-6474-11f1-958d-bc241121aa0a advisory. Some Arm CPUs have errata where the ordering of stores and the TLBI+DSB sequence may be incorrect. If o...

9.1CVSS5.5AI score0.00474EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.12 views

GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. Versions of GitLab CE/EE prior to 15.9, 18.10.8, 18.11.5, and 19.0.2...

3.7CVSS5.3AI score0.00158EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.18 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.6 contained a security vulnerability. This vulnerability stemmed from a bypass of the approval policy in the Skill Workshop application process, allowing proxy tools to set appl...

6.5CVSS5.4AI score0.00194EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 10:17 p.m.8 views

CVE-2026-53738

Copy & Delete Posts through 1.5.4 lets any plugin-enabled non-admin role invoke every operation in the cdpactionhandling AJAX handler. Attackers with an enabled role can delete posts or overwrite plugin settings via the f parameter, bypassing per-function capability checks...

8.1CVSS0.00248EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.8 views

CVE-2026-9211

An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation...

8.8CVSS5.5AI score0.00235EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.13 views

CVE-2026-9212

Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting the product's confidentiality or change certain configurations...

8.3CVSS5.7AI score0.0027EPSS
Exploits0References1
Rows per page
Query Builder