Lucene search
K

1590 matches found

NVD
NVD
added 15 hours ago3 views

CVE-2026-55436

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.30.0 and prior to versions 2.32.7, 2.33.8, and 2.34.2, the AI Bridge Proxy aibridgeproxyd created a goproxy server whose default transport set InsecureSkipVerify: true and only assigned a...

7.4CVSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-46700

Actual is a local-first personal finance tool. Prior to 26.6.0, the GET /secret/:name endpoint in @actual-app/sync-server checks only that the caller has a valid session and does not verify the caller is an admin, while the sibling POST /secret/ handler enforces an admin check in OpenID mode. Any...

4.3CVSS6AI score0.00025EPSS
Exploits0References5Affected Software1
Nuclei
Nuclei
added yesterday298 views

OwnCloud - Phpinfo Configuration

An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment phpinfo. This information...

10CVSS7.3AI score0.78428EPSS
Exploits5References6
RedHat Linux
RedHat Linux
added yesterday4 views

389-ds-base: 389-ds-base: Heap buffer overflow in sasl_io_recv() via padded SASL UNBIND

A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. After a successful SASL bind with integrity protection SSF 0, an authenticated attacker can send a specially crafted oversized LDAP UNBIND packet that is copied into a 512-byte heap receive buffer...

8.8CVSS6.1AI score0.00549EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added yesterday5 views

389-ds-base: 389-ds-base: Heap buffer overflow in sasl_io_recv() via padded SASL UNBIND

A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. After a successful SASL bind with integrity protection SSF 0, an authenticated attacker can send a specially crafted oversized LDAP UNBIND packet that is copied into a 512-byte heap receive buffer...

8.8CVSS6.1AI score0.00549EPSS
Exploits0References4
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41848

uniFLOW Universal Login Manager ULM Standalone contains an information disclosure vulnerability that may allow an authenticated administrator to access sensitive configuration information through the ULM Remote User Interface RUI. Exploitation requires administrative privileges and may disclose...

4.8CVSS5.9AI score0.00217EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 4 days ago10 views

PT-2026-55701

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description In multi-tenanted deployments, the application consent management mechanism fails to correctly isolate consent scopes between tenants. This occurs when consent...

3.5CVSS5.9AI score0.00146EPSS
Exploits0References7
NVD
NVD
added 5 days ago8 views

CVE-2026-10055

In Eclipse Theia since version 1.26.0, the backend /services/request-service RPC accepts an attacker-controlled URL from any client connected to the standard /services messaging endpoint, performs the HTTP request server-side, and returns the full response body to the caller. Because the...

8.5CVSS0.00297EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 5 days ago8 views

CVE-2026-10055

In Eclipse Theia since version 1.26.0, the backend /services/request-service RPC accepts an attacker-controlled URL from any client connected to the standard /services messaging endpoint, performs the HTTP request server-side, and returns the full response body to the caller. Because the...

8.5CVSS6AI score0.00297EPSS
Exploits0References3Affected Software1
CVE
CVE
added 5 days ago22 views

CVE-2026-10055

CVE-2026-10055 affects Eclipse Theia (since 1.26.0). The issue arises in the backend /services/request-service RPC, which accepts an attacker-controlled URL from any client connected to the standard /services messaging endpoint, then performs the HTTP request server-side and returns the full resp...

8.5CVSS6AI score0.00297EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 5 days ago9 views

PT-2026-55524

Name of the Vulnerable Software and Affected Versions Eclipse Theia versions 1.26.0 and later Description The backend /services/request-service RPC accepts a URL controlled by an attacker from any client connected to the standard /services messaging endpoint. The server performs the HTTP request...

8.5CVSS6.1AI score0.00297EPSS
Exploits0References7
The Hacker News
The Hacker News
added 6 days ago8 views

FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations

The recently discovered financially-motivated FortiBleed campaign has been attributed to INC and Lynx ransomware operations, indicating that the verified, stolen credentials were intended for follow-on intrusions. "An operator tied to FortiBleed's infrastructure was found actively working...

9.8CVSS7.6AI score0.88505EPSS
Exploits8
RedHat Linux
RedHat Linux
added last week6 views

foreman: foreman: Cross-tenant private SSH key disclosure via taxonomy scoping bypass

A flaw was found in foreman. Authenticated users with 'viewkeypairs' permission can bypass taxonomy scoping, allowing them to download private SSH Secure Shell keys from other organizations by directly querying key pair IDs. This vulnerability leads to cross-tenant data exposure in multi-tenant...

6.5CVSS5.7AI score0.0027EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/01 2:7 p.m.8 views

EUVD-2026-41002

A flaw was found in foreman. Authenticated users with 'viewkeypairs' permission can bypass taxonomy scoping, allowing them to download private SSH Secure Shell keys from other organizations by directly querying key pair IDs. This vulnerability leads to cross-tenant data exposure in multi-tenant...

6.5CVSS5.7AI score0.0027EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/07/01 2:7 p.m.7 views

CVE-2026-5142 Foreman: foreman: cross-tenant private ssh key disclosure via taxonomy scoping bypass

A flaw was found in foreman. Authenticated users with 'viewkeypairs' permission can bypass taxonomy scoping, allowing them to download private SSH Secure Shell keys from other organizations by directly querying key pair IDs. This vulnerability leads to cross-tenant data exposure in multi-tenant...

6.5CVSS5.7AI score0.0027EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/01 12:34 a.m.4 views

EUVD-2026-40417

An unauthenticated attacker can read worklist records from a directory outside the intended per-AE worklist storage area. In a multi-area deployment, this can cross departmental or clinic data separation...

8.8CVSS5.7AI score0.00374EPSS
Exploits0References4
NVD
NVD
added 2026/06/30 10:16 p.m.6 views

CVE-2026-52868

An unauthenticated attacker can read worklist records from a directory outside the intended per-AE worklist storage area. In a multi-area deployment, this can cross departmental or clinic data separation...

8.8CVSS0.00374EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 10:16 p.m.7 views

CVE-2026-35505

An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart...

8.7CVSS0.00379EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/30 9:9 p.m.3 views

CVE-2026-35505

An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart...

8.7CVSS6AI score0.00379EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 9:6 p.m.35 views

CVE-2026-52868 OFFIS DCMTK Toolkit Path Traversal

An unauthenticated attacker can read worklist records from a directory outside the intended per-AE worklist storage area. In a multi-area deployment, this can cross departmental or clinic data separation...

8.8CVSS0.00374EPSS
Exploits0References3
Rows per page
Query Builder