219127 matches found
Exploit for CVE-2026-45332
CVE-2026-45332 — Broken Access Control in Automad CMS Proof o...
CVE-2026-9522
Improper access control in the PAM account discovery feature in Devolutions Server 2026.1.19 and earlier allows an authenticated user without administrative privileges to delete network discovery scan configurations...
CVE-2026-9590
Improper access control in the permission validation component in Devolutions Server 2026.1.19 and earlier allows an authenticated user with entry edit privileges to modify asset information without the required permission...
CVE-2026-45080
Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, improper access control allows disclosure of password hash. This issue has been patched in version 2.10.4...
CVE-2026-10591
Insufficient access control restrictions in the file write tool in Amazon Kiro IDE before version 0.11 might allow remote unauthenticated actors to execute arbitrary commands via crafted instructions that cause writes to execution-sensitive paths such as .vscode/tasks.json, enabling auto-executio...
CVE-2026-40715
Dell ThinOS 10, versions prior to ThinOS10 260210.0765, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Privilege Escalation...
CVE-2026-40715
Dell ThinOS 10, versions prior to ThinOS10 260210.0765, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Privilege Escalation...
EUVD-2026-33979
Dell ThinOS 10, versions prior to ThinOS10 260210.0765, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Privilege Escalation...
CVE-2026-40715
Summary: Dell ThinOS 10 (pre-2602_10.0765) contains an Improper Access Control vulnerability that enables privilege escalation for a low-privilege, locally authenticated attacker. Affected component: ThinOS 10; root cause: improper access control. Impact: potential privilege escalation. Exploitat...
CVE-2026-40715
Dell ThinOS 10, versions prior to ThinOS10 260210.0765, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Privilege Escalation...
CVE-2026-40713
Dell ThinOS 10, versions prior to ThinOS10 260210.0765, contain an Improper Access control vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2026-40713
Dell ThinOS 10, versions prior to ThinOS10 260210.0765, contain an Improper Access control vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information exposure...
EUVD-2026-33977
Dell ThinOS 10, versions prior to ThinOS10 260210.0765, contain an Improper Access control vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2026-40713
CVE-2026-40713 concerns Dell ThinOS 10, specifically versions prior to ThinOS10_2602_10.0765, with an improper access control vulnerability. The vulnerability allows an unauthenticated attacker who has physical access to potentially cause information exposure. The available documents do not provi...
CVE-2026-40713
Dell ThinOS 10, versions prior to ThinOS10 260210.0765, contain an Improper Access control vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information exposure...
The HazyBeacon Protocol – How Malware Weaponizes Amazon Web Services (AWS) Lambda Function URLs
Key Takeaways HazyBeacon CL-STA-1020 targets Southeast Asian government networks by abusing AWS Lambda Function URLs configured with AuthType: NONE as stealth command-and-control relays. Attackers use stolen IAM credentials to deploy Lambda functions that proxy malware communications through...
CVE-2026-45080 Klaw: Improper Access Control Allows Disclosure of Password Hash
Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, improper access control allows disclosure of password hash. This issue has been patched in version 2.10.4...
CVE-2026-45080 Klaw: Improper Access Control Allows Disclosure of Password Hash
Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, improper access control allows disclosure of password hash. This issue has been patched in version 2.10.4...
CVE-2026-45080
Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, improper access control allows disclosure of password hash. This issue has been patched in version 2.10.4...
EUVD-2026-33962
Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, improper access control allows disclosure of password hash. This issue has been patched in version 2.10.4...