Lucene search
K

30855 matches found

RedhatCVE
RedhatCVE
added 2026/06/24 7:25 a.m.10 views

CVE-2026-56379

A flaw was found in ImageMagick. This command injection vulnerability in the SVG Scalable Vector Graphics decoder allows a remote attacker to craft malicious SVG files. When these files are processed, the injected Magick Vector Graphics MVG commands can execute, potentially leading to arbitrary...

9.2CVSS6.6AI score0.00895EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/24 7:14 a.m.30 views

CVE-2026-52912 netfilter: nf_queue: hold bridge skb->dev while queued

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfqueue: hold bridge skb-dev while queued brpassframeup rewrites skb-dev from the ingress port to the bridge master before queueing bridge LOCALIN packets. NFQUEUE only holds references on state.in/out and bridge...

7.8CVSS0.00142EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-52022

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the DRBD module where the drbd adm dump devices function fails to call rcu read lock before rcu read unlock is invoked. This imbalance in Read-Copy-Update RCU—a...

6.8CVSS6AI score0.00117EPSS
Exploits0References18
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51931

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock occurs in the usbhid module when handling USB devices that combine a HID component with a storage or UAS component. Because these components must be reset together, the...

4.1CVSS6AI score0.00176EPSS
Exploits0References17
OSV
OSV
added 2026/06/23 3:38 p.m.8 views

MAL-2026-6336 Malicious code in sync-external (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc297a0deaba794fdbfccc280a79c7cc895f21fc4e0122b1fba1bc4759b66c3f The package ships an obfuscated JavaScript file at shim/index.js using hex-style identifier mangling 0x391f3f, 0x3eff0a, 0x534564, etc. characteristi...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/06/23 10:3 a.m.2 views

SUSE-SU-2026:2530-1 Security update for libinput

This update for libinput fixes the following issues - CVE-2026-50265,CVE-2026-50292: crafted uinput devices can lead to local privilege escalation bsc1267852...

9.8CVSS5.8AI score0.00498EPSS
Exploits0References4
OSV
OSV
added 2026/06/23 10:2 a.m.6 views

SUSE-SU-2026:2529-1 Security update for libinput

This update for libinput fixes the following issues - CVE-2026-50265,CVE-2026-50292: crafted uinput devices can lead to local privilege escalation bsc1267852...

9.8CVSS5.8AI score0.00498EPSS
Exploits0References4
OSV
OSV
added 2026/06/23 8:53 a.m.5 views

SUSE-SU-2026:2524-1 Security update for libinput

This update for libinput fixes the following issues - CVE-2026-50265,CVE-2026-50292: crafted uinput devices can lead to local privilege escalation bsc1267852...

9.8CVSS5.8AI score0.00498EPSS
Exploits0References4
OSV
OSV
added 2026/06/23 8:52 a.m.2 views

SUSE-SU-2026:2523-1 Security update for libinput

This update for libinput fixes the following issues - CVE-2026-50265,CVE-2026-50292: crafted uinput devices can lead to local privilege escalation bsc1267852...

9.8CVSS5.8AI score0.00498EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/23 6:19 a.m.6 views

Malicious code in node-core-libs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d33f74e3f73fd5580ecf994b7db0349ee540754d65d4467b8b04b8c79e3d257b scripts/postinstall.js runs automatically on npm install Windows only and behaves as a classic install-time dropper. It XOR-decodes key 0x5A a...

6.4AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.6 views

PT-2026-51651

Name of the Vulnerable Software and Affected Versions Hubbell Aclara Metrum affected versions not specified Description The Cellular Web Interface contains a flaw where missing authentication allows unauthenticated attackers to manipulate critical device settings and disrupt operations. This issu...

8.7CVSS5.8AI score0.00726EPSS
Exploits0References12
NVD
NVD
added 2026/06/22 10:16 p.m.12 views

CVE-2026-56324

Capgo before 12.128.2 contains a rate limit bypass vulnerability in the channelself endpoint that allows attackers to circumvent rate limiting by rotating the user-controlled deviceid parameter. Attackers can send multiple requests per second by changing deviceid values to flood the channeldevice...

8.8CVSS0.00271EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/22 9:4 p.m.7 views

EUVD-2026-38374

Capgo before 12.128.2 contains a rate limit bypass vulnerability in the channelself endpoint that allows attackers to circumvent rate limiting by rotating the user-controlled deviceid parameter. Attackers can send multiple requests per second by changing deviceid values to flood the channeldevice...

8.8CVSS5.9AI score0.00271EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 2:35 p.m.2 views

SUSE-SU-2026:2492-1 Security update for util-linux

This update for util-linux fixes the following issue - CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606...

4.7CVSS5.8AI score0.00118EPSS
Exploits1References3
OSV
OSV
added 2026/06/22 2:34 p.m.2 views

OPENSUSE-SU-2026:21028-1 Security update for util-linux

This update for util-linux fixes the following issue - CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606...

4.7CVSS5.8AI score0.00118EPSS
Exploits1References2
OSV
OSV
added 2026/06/22 2:28 p.m.2 views

SUSE-SU-2026:22332-1 Security update for util-linux

This update for util-linux fixes the following issue - CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606...

4.7CVSS5.7AI score0.00118EPSS
Exploits1References3
OSV
OSV
added 2026/06/22 2:28 p.m.2 views

SUSE-SU-2026:22260-1 Security update for util-linux

This update for util-linux fixes the following issue - CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606...

4.7CVSS5.7AI score0.00118EPSS
Exploits1References3
The Hacker News
The Hacker News
added 2026/06/22 12:45 p.m.35 views

Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries

Google has set September 30, 2026, as the day it begins enforcing Android developer verification in the first four countries, and the major device-maker app stores are in from the start. On that date, certified Android phones in Brazil, Indonesia, Singapore, and Thailand will block normal install...

5.9AI score
Exploits0
OSV
OSV
added 2026/06/22 12:6 p.m.2 views

SUSE-SU-2026:2485-1 Security update for util-linux

This update for util-linux fixes the following issue - CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606...

4.7CVSS5.8AI score0.00118EPSS
Exploits1References3
The Hacker News
The Hacker News
added 2026/06/22 9:11 a.m.24 views

Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices

Canada's spy service got a judge's permission to reach into infected servers, home routers, and IoT gear sitting on Canadian soil and neutralize two foreign-run botnets. The Federal Court released a public version of the ruling on June 15. It is the first time the Canadian Security Intelligence...

6AI score
Exploits0
Rows per page
Query Builder