Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8146 matches found

Positive Technologies
Positive Technologiesadded 2026/03/26 12:0 a.m.4 views

PT-2026-28199

Digital Photo Frame GH-WDF10A provided by GREEN HOUSE CO., LTD. contains an active debug code vulnerability. If this vulnerability is exploited, files or configurations on the affected device may be read or written, or arbitrary files may be executed with root privileges...

7CVSS6.8AI score0.00031EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/03/25 9:31 p.m.3 views

CVE-2026-33247

A flaw was found in NATS-Server. If the NATS-Server is configured with static credentials provided through command-line arguments argv and the monitoring port is enabled, a remote attacker with access to the monitoring port can view these credentials. The /debug/vars endpoint on the monitoring po...

7.5CVSS5.7AI score0.00016EPSS
Exploits0References5
NVD
NVDadded 2026/03/25 8:16 p.m.3 views

CVE-2026-33247

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

7.4CVSS0.00016EPSS
Exploits0References2
OSV
OSVadded 2026/03/25 8:16 p.m.2 views

DEBIAN-CVE-2026-33247

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

5.3CVSS6.1AI score0.00016EPSS
Exploits0References1
UbuntuCve
UbuntuCveadded 2026/03/25 8:16 p.m.1 views

CVE-2026-33247

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

7.4CVSS6.3AI score0.00016EPSS
Exploits0References3
OSV
OSVadded 2026/03/25 8:16 p.m.2 views

UBUNTU-CVE-2026-33247

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

7.4CVSS5.8AI score0.00016EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/03/25 8:2 p.m.3 views

CVE-2026-33247

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

7.4CVSS5.8AI score0.00016EPSS
Exploits0References3Affected Software1
AlpineLinux
AlpineLinuxadded 2026/03/25 8:2 p.m.4 views

CVE-2026-33247

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

7.4CVSS5.8AI score0.00016EPSS
Exploits0
Debian CVE
Debian CVEadded 2026/03/25 8:2 p.m.6 views

CVE-2026-33247

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

7.4CVSS6AI score0.00016EPSS
Exploits0
SUSE CVE
SUSE CVEadded 2026/03/25 4:56 p.m.2 views

SUSE CVE-2026-23303

In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifssetcifscreds When debug logging is enabled, cifssetcifscreds logs the key payload and exposes the plaintext username and password. Remove the debug log to avoid exposing...

5.7AI score0.00018EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/03/25 3:22 p.m.1 views

CVE-2026-23303

A flaw was found in the Linux kernel's Server Message Block SMB client. When debug logging is enabled, the cifssetcifscreds function logs plaintext credentials, including usernames and passwords. This information disclosure vulnerability allows a local attacker with access to the debug logs to...

5.5CVSS5.7AI score0.00018EPSS
Exploits0References4
EUVD
EUVDadded 2026/03/25 12:30 p.m.1 views

EUVD-2026-15240

In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifssetcifscreds When debug logging is enabled, cifssetcifscreds logs the key payload and exposes the plaintext username and password. Remove the debug log to avoid exposing...

5.6AI score0.00018EPSS
Exploits0References7
NVD
NVDadded 2026/03/25 11:16 a.m.1 views

CVE-2026-23303

In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifssetcifscreds When debug logging is enabled, cifssetcifscreds logs the key payload and exposes the plaintext username and password. Remove the debug log to avoid exposing...

5.5CVSS0.00018EPSS
Exploits0References8
OSV
OSVadded 2026/03/25 11:16 a.m.1 views

UBUNTU-CVE-2026-23303

In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifssetcifscreds When debug logging is enabled, cifssetcifscreds logs the key payload and exposes the plaintext username and password. Remove the debug log to avoid exposing...

5.5CVSS5.7AI score0.00018EPSS
Exploits0References9
UbuntuCve
UbuntuCveadded 2026/03/25 11:16 a.m.2 views

CVE-2026-23303

In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifssetcifscreds When debug logging is enabled, cifssetcifscreds logs the key payload and exposes the plaintext username and password. Remove the debug log to avoid exposing...

5.5CVSS5.7AI score0.00018EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 2026/03/25 10:26 a.m.2 views

CVE-2026-23303

In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifssetcifscreds When debug logging is enabled, cifssetcifscreds logs the key payload and exposes the plaintext username and password. Remove the debug log to avoid exposing...

5.6AI score0.00018EPSS
Exploits0References9Affected Software1
CVE
CVEadded 2026/03/25 10:26 a.m.5 views

CVE-2026-23303

The CVE-2026-23303 vulnerability affects the Linux kernel SMB client: when logging is enabled, cifs_set_cifscreds can emit plaintext credentials (username/password) to logs. The issue is fixed by removing the debug log, preventing credential exposure. The connected advisories confirm the flaw exi...

5.5CVSS5.6AI score0.00018EPSS
Exploits0References8Affected Software1
Cvelist
Cvelistadded 2026/03/25 10:26 a.m.14 views

CVE-2026-23303 smb: client: Don't log plaintext credentials in cifs_set_cifscreds

In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifssetcifscreds When debug logging is enabled, cifssetcifscreds logs the key payload and exposes the plaintext username and password. Remove the debug log to avoid exposing...

0.00018EPSS
Exploits0References8
OSV
OSVadded 2026/03/25 10:26 a.m.0 views

CVE-2026-23303 smb: client: Don't log plaintext credentials in cifs_set_cifscreds

In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifssetcifscreds When debug logging is enabled, cifssetcifscreds logs the key payload and exposes the plaintext username and password. Remove the debug log to avoid exposing...

5.5CVSS5.7AI score0.00018EPSS
Exploits0References9
SUSE CVE
SUSE CVEadded 2026/03/25 12:26 a.m.2 views

SUSE CVE-2026-27900

The Terraform Provider for Linode versions prior to v3.9.0 logged sensitive information including some passwords, StackScript content, and object storage data in debug logs without redaction. Provider debug logging is not enabled by default. This issue is exposed when debug/provider logs are...

7.7CVSS6.1AI score0.00014EPSS
Exploits0References3
Rows per page
Query Builder