Lucene search
K

610 matches found

RedhatCVE
RedhatCVE
added yesterday5 views

CVE-2026-56140

A flaw was found in the Apache Camel AWS SNS component camel-aws2-sns. An improper input validation vulnerability exists in the Sns2HeaderFilterStrategy due to a missing inbound filter rule. However, this component is producer-only, meaning it does not process external messages in a way that woul...

9.8CVSS5.9AI score0.0016EPSS
Exploits0References4
NVD
NVD
added yesterday10 views

CVE-2026-56140

Improper Input Validation vulnerability in Apache Camel AWS SNS component. The camel-aws2-sns component filters Camel headers through a component-specific HeaderFilterStrategy, Sns2HeaderFilterStrategy. Like the sibling Sqs2HeaderFilterStrategy, it originally configured only an outbound filter...

9.8CVSS0.0016EPSS
Exploits0References1
CVE
CVE
added yesterday10 views

CVE-2026-56140

CVE-2026-56140 describes an improper input validation in the Apache Camel AWS SNS component (camel-aws2-sns) due to a missing inbound filter in Sns2HeaderFilterStrategy. The Red Hat/NVD entries confirm the issue is a defense-in-depth hardening change with no known exploit path because camel-aws2-...

9.8CVSS6AI score0.0016EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-56140

Improper Input Validation vulnerability in Apache Camel AWS SNS component. The camel-aws2-sns component filters Camel headers through a component-specific HeaderFilterStrategy, Sns2HeaderFilterStrategy. Like the sibling Sqs2HeaderFilterStrategy, it originally configured only an outbound filter...

9.8CVSS6AI score0.0016EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added yesterday26 views

CVE-2026-56140 Apache Camel AWS2 SNS: An inbound Camel-namespace filter was added to Sns2HeaderFilterStrategy to align it with sibling components

Improper Input Validation vulnerability in Apache Camel AWS SNS component. The camel-aws2-sns component filters Camel headers through a component-specific HeaderFilterStrategy, Sns2HeaderFilterStrategy. Like the sibling Sqs2HeaderFilterStrategy, it originally configured only an outbound filter...

0.0016EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday9 views

PT-2026-55912

Name of the Vulnerable Software and Affected Versions Apache Camel versions 4.0.0 through 4.14.7 Apache Camel versions 4.15.0 through 4.18.2 Apache Camel versions 4.19.0 through 4.20.9 Description Improper input validation exists in the camel-aws2-sns component. The Sns2HeaderFilterStrategy...

9.8CVSS6AI score0.0016EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago12 views

EUVD-2026-37801

Steeltoe vulnerable to management-port isolation bypass via spoofed Host header...

8.2CVSS5.8AI score0.00238EPSS
Exploits0References5
ICS
ICS
added 2026/06/25 6:0 a.m.7 views

Delta Electronics DTM Soft

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control system...

8.4CVSS6.2AI score0.00388EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.34 views

PT-2026-50769

Name of the Vulnerable Software and Affected Versions pam usb versions 0.9.1 and earlier Description The xfree memory release helper calls free without zeroing buffer contents first. This results in heap-allocated buffers containing sensitive data, such as one-time pad bytes read from disk, being...

4.7CVSS6AI score0.00109EPSS
Exploits0References7
CVE
CVE
added 2026/06/17 9:3 p.m.30 views

CVE-2026-50194

Steeltoe CVE-2026-50194 affects management endpoints when configured to listen on an alternate port. Versions 3.2.2–3.3.0 and 4.1.0 use the Host header to gate access instead of the socket port, enabling port-isolation bypass. Patches are in 3.4.0 and 4.2.0. If upgrading isn’t possible, apply exp...

8.2CVSS5.4AI score0.00238EPSS
Exploits0References3
ICS
ICS
added 2026/06/11 6:0 a.m.32 views

Naxclow IoT Platform

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to impersonate devices, intercept or manipulate communications, harvest sensitive credentials at scale, or gain unauthorized access. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

5.7AI score
Exploits0References13
GithubExploit
GithubExploit
added 2026/06/09 11:0 a.m.53 views

openshell-sandbox-poc

OpenShell + Kata Containers: Dual-Protection PoC A proof-of-c...

7.8CVSS7.8AI score0.96267EPSS
Exploits228
Wordfence Blog
Wordfence Blog
added 2026/06/04 9:5 p.m.45 views

Quarterly WordPress Threat Intelligence Report – Q1 2026

As the leader in WordPress security, Wordfence provides unparalleled security coverage that fully encompasses protection, active monitoring, detection, and response all built around our threat intelligence, demonstrating a strong commitment to security. Our mission is to ensure comprehensive...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/06/01 7:55 a.m.15 views

EUVD-2026-33597

A bug in the login redirect route in Apache Airflow allowed authenticated users to craft URLs that bypassed the issafeurl check, enabling redirection from a trusted Airflow domain to an attacker-controlled origin. Users are advised to upgrade to apache-airflow 3.2.2 or later. As a defense-in-dept...

5.8AI score0.00625EPSS
Exploits0References2
ICS
ICS
added 2026/05/28 6:0 a.m.19 views

MacGregor Voyage Data Recorder (VDR) G4e

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could result in an attacker gaining administrator access to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network...

8.7CVSS5.8AI score0.00226EPSS
Exploits0References11
ICS
ICS
added 2026/05/28 6:0 a.m.18 views

KMW CCTV Security Cameras

ADVISORY SUMMARY Successful exploitation of this vulnerability may grant full unauthorized access to camera feeds and settings. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all...

9.1CVSS5.8AI score0.00624EPSS
Exploits0References13
ICS
ICS
added 2026/05/19 6:0 a.m.24 views

ScadaBR

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to perform unauthenticated remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network...

6.3AI score
Exploits0References13
Malwarebytes
Malwarebytes
added 2026/05/18 10:42 a.m.17 views

Microsoft is changing Edge’s plaintext password behavior

Microsoft said it will change Edge’s password handling as a “defense‑in‑depth” measure. Originally, Edge decrypted the entire saved‑password store on startup and kept all credentials resident in process memory in clear text for the whole browser session, regardless of whether a given credential w...

5.8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/05/14 4:0 p.m.10 views

Defense in depth for autonomous AI agents

Designing Secure Autonomous AI Agents with Defense in Depth AI agents are moving beyond assistance and into action. Instead of generating content, they invoke tools, modify data, trigger workflows, and operate across systems with increasing autonomy. This shift changes the security problem...

5.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/05/14 4:0 p.m.14 views

Defense in depth for autonomous AI agents

Designing Secure Autonomous AI Agents with Defense in Depth AI agents are moving beyond assistance and into action. Instead of generating content, they invoke tools, modify data, trigger workflows, and operate across systems with increasing autonomy. This shift changes the security problem...

5.9AI score
Exploits0
Rows per page
Query Builder