Lucene search
+L

221 matches found

OSV
OSV
added 2026/05/27 3:16 p.m.24 views

UBUNTU-CVE-2026-44838

RabbitMQ is a messaging and streaming broker. From 4.2.0 to before 4.2.4, RabbitMQ's MQTT plugin allows for topic-level authorization using regular expressions with variable substitution. Administrators can create patterns such as ^clientid-sensors$ to restrict user access to topics that include...

5.3CVSS5.8AI score0.0025EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/27 3:3 p.m.23 views

CVE-2026-44838

RabbitMQ is a messaging and streaming broker. From 4.2.0 to before 4.2.4, RabbitMQ's MQTT plugin allows for topic-level authorization using regular expressions with variable substitution. Administrators can create patterns such as ^clientid-sensors$ to restrict user access to topics that include...

8.1CVSS5.8AI score0.0025EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/27 3:3 p.m.9 views

CVE-2026-44838 RabbitMQ MQTT Topic Permission Authorization Bypass

RabbitMQ is a messaging and streaming broker. From 4.2.0 to before 4.2.4, RabbitMQ's MQTT plugin allows for topic-level authorization using regular expressions with variable substitution. Administrators can create patterns such as ^clientid-sensors$ to restrict user access to topics that include...

5.3CVSS5.8AI score0.0025EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 3:3 p.m.9 views

CVE-2026-44838

RabbitMQ is a messaging and streaming broker. From 4.2.0 to before 4.2.4, RabbitMQ's MQTT plugin allows for topic-level authorization using regular expressions with variable substitution. Administrators can create patterns such as ^clientid-sensors$ to restrict user access to topics that include...

5.3CVSS5.8AI score0.0025EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/27 3:3 p.m.47 views

CVE-2026-44838 RabbitMQ MQTT Topic Permission Authorization Bypass

RabbitMQ is a messaging and streaming broker. From 4.2.0 to before 4.2.4, RabbitMQ's MQTT plugin allows for topic-level authorization using regular expressions with variable substitution. Administrators can create patterns such as ^clientid-sensors$ to restrict user access to topics that include...

5.3CVSS0.0025EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 3:3 p.m.178 views

CVE-2026-44838

RabbitMQ MQTT plugin contains a permission bypass vulnerability: topic-level authorization uses user-supplied client_id substituted into a regex pattern without escaping. From 4.2.0 up to before 4.2.4, an authenticated MQTT user could inject regex operators to bypass topic restrictions. The issue...

8.1CVSS5.8AI score0.0025EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/05/18 4:16 p.m.20 views

CVE-2025-56352

In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 2024-02-18, the broker mishandles protocol violations during CONNECT packet parsing. When receiving a CONNECT packet with a zero-length Client ID while CleanSession is set to 0, the broker correctly replies with a CONNACK return code 0x0...

7.5CVSS0.00278EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/18 12:0 a.m.44 views

CVE-2025-56352

In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 2024-02-18, the broker mishandles protocol violations during CONNECT packet parsing. When receiving a CONNECT packet with a zero-length Client ID while CleanSession is set to 0, the broker correctly replies with a CONNACK return code 0x0...

0.00278EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/04 5:30 p.m.13 views

EUVD-2026-27069

titra is an open source time tracking project. In version 0.99.52, the globalsettings Meteor publication returns all global settings without any admin or role check. Any authenticated user can subscribe via DDP and receive sensitive configuration fields such as googlesecret, openaiapikey, and...

6.5CVSS5.8AI score0.00219EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/04 5:30 p.m.9 views

CVE-2026-42092 Global Settings Publication Exposes Sensitive Configuration to Any Authenticated User in Titra

titra is an open source time tracking project. In version 0.99.52, the globalsettings Meteor publication returns all global settings without any admin or role check. Any authenticated user can subscribe via DDP and receive sensitive configuration fields such as googlesecret, openaiapikey, and...

6.5CVSS5.8AI score0.00219EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 5:30 p.m.41 views

CVE-2026-42092 Global Settings Publication Exposes Sensitive Configuration to Any Authenticated User in Titra

titra is an open source time tracking project. In version 0.99.52, the globalsettings Meteor publication returns all global settings without any admin or role check. Any authenticated user can subscribe via DDP and receive sensitive configuration fields such as googlesecret, openaiapikey, and...

6.5CVSS0.00219EPSS
Exploits0References1
OSV
OSV
added 2026/05/04 5:30 p.m.3 views

CVE-2026-42092 Global Settings Publication Exposes Sensitive Configuration to Any Authenticated User in Titra

titra is an open source time tracking project. In version 0.99.52, the globalsettings Meteor publication returns all global settings without any admin or role check. Any authenticated user can subscribe via DDP and receive sensitive configuration fields such as googlesecret, openaiapikey, and...

6.5CVSS5.9AI score0.00219EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/24 12:25 p.m.4 views

CVE-2026-5367

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

8.6CVSS5.3AI score0.00868EPSS
Exploits0References12
CVE
CVE
added 2026/04/24 12:25 p.m.26 views

CVE-2026-5367

CVE-2026-5367 : A flaw in OVN (Open Virtual Network) allows a remote attacker to trigger an out-of-bounds read in ovn-controller by sending crafted DHCPv6 SOLICIT packets with an inflated Client ID length. This can disclose sensitive heap memory to the attacker’s VM port. Connected sources consis...

8.6CVSS5.2AI score0.00868EPSS
Exploits0References14
Cvelist
Cvelist
added 2026/04/24 12:25 p.m.36 views

CVE-2026-5367 Ovn: ovn: information disclosure via crafted dhcpv6 packets

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

8.6CVSS0.00868EPSS
Exploits0References11
Snyk
Snyk
added 2026/04/22 5:6 p.m.5 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication due to the SkipClientIDCheck configuration in the OIDC authentication provider, which disables audience claim validation. An attacker can gain unauthorized access by presenting a token issued for a different...

9.2CVSS5.5AI score0.00255EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/21 9:18 p.m.6 views

CVE-2026-40946

Oxia is a metadata store and coordination system. Prior to 0.16.2, the OIDC authentication provider unconditionally sets SkipClientIDCheck: true in the go-oidc verifier configuration, disabling the standard audience aud claim validation at the library level. This allows tokens issued for unrelate...

9.2CVSS5.7AI score0.00255EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.12 views

PT-2026-33836

Name of the Vulnerable Software and Affected Versions OVN affected versions not specified Description A flaw in OVN Open Virtual Network allows a remote attacker to cause the ovn-controller to perform an out-of-bounds read by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6...

8.6CVSS5.2AI score0.00868EPSS
Exploits0References44
OSV
OSV
added 2026/04/20 12:0 a.m.11 views

UBUNTU-CVE-2026-5367

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

8.6CVSS5.8AI score0.00868EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/17 12:31 a.m.5 views

EUVD-2024-55551

Vision Helpdesk before 5.7.0 patched in 5.6.10 allows attackers to read user profiles via modified serialized cookie data to visclientid...

4.3CVSS5.8AI score0.00168EPSS
Exploits0References3
Rows per page
Query Builder