Lucene search
K

880 matches found

NVD
NVD
added 2 days ago4 views

CVE-2026-62197

OpenClaw before 2026.6.6 contains a policy bypass vulnerability in browser CDP discovery that accepts blocked WebSocket URLs. Attackers with lower-trust access can reach network destinations that should have been blocked by OpenClaw policy when the affected feature is enabled...

8.5CVSS0.00209EPSS
Exploits0References2
NVD
NVD
added 2026/06/23 1:16 a.m.26 views

CVE-2026-10651

btsdpparseattribute in subsys/bluetooth/host/classic/sdp.c validated only that the SDP record buffer held the type-marker byte plus the 2-byte attribute ID a check of buf-len data0 before its only bounds guard an ASSERTNOMSG that compiles out when CONFIGASSERT is disabled, the production default,...

7.1CVSS0.00173EPSS
Exploits1References2
OSV
OSV
added 2026/06/23 1:16 a.m.3 views

UBUNTU-CVE-2026-10651

A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in Zephyr's SDP parser. In subsys/bluetooth/host/classic/sdp.c, btsdpparseattribute accepts an input buffer once it contains the 1-byte attribute type and 2-byte attribute id, but then unconditionally pulls an additiona...

7.1CVSS6AI score0.00173EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/06/22 11:54 p.m.4 views

CVE-2026-10651 Out-of-bounds read in Bluetooth Classic SDP attribute parsing (`bt_sdp_parse_attribute`)

btsdpparseattribute in subsys/bluetooth/host/classic/sdp.c validated only that the SDP record buffer held the type-marker byte plus the 2-byte attribute ID a check of buf-len data0 before its only bounds guard an ASSERTNOMSG that compiles out when CONFIGASSERT is disabled, the production default,...

7.1CVSS6.1AI score0.00173EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/22 11:54 p.m.46 views

CVE-2026-10651 Out-of-bounds read in Bluetooth Classic SDP attribute parsing (`bt_sdp_parse_attribute`)

btsdpparseattribute in subsys/bluetooth/host/classic/sdp.c validated only that the SDP record buffer held the type-marker byte plus the 2-byte attribute ID a check of buf-len data0 before its only bounds guard an ASSERTNOMSG that compiles out when CONFIGASSERT is disabled, the production default,...

7.1CVSS0.00173EPSS
Exploits1References2
Microsoft KB
Microsoft KB
added 2026/06/09 2:0 p.m.62 views

May 12, 2026—Hotpatch KB5087423 (OS Build 26100.32772)

None None...

9.8CVSS6.9AI score0.99962EPSS
Exploits64
RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.10 views

CVE-2026-42937

Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh arp and ndp commands, and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view adjacent network information. Note: Software versions which have reached End of Technical...

7.1CVSS5.5AI score0.00203EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/02 9:22 p.m.9 views

CVE-2024-14036 Dräger Core 1.0.5 Denial of Service via Malformed SDC Message

Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC messages during the discovery process. Attackers with access to the hospital network ca...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/13 8:22 p.m.12 views

CVE-2026-34341

Double free in Windows Link-Layer Discovery Protocol LLDP allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.00199EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/13 6:30 p.m.28 views

EUVD-2026-30009

Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh arp and ndp commands, and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view adjacent network information. Note: Software versions which have reached End of Technical...

7.1CVSS5.8AI score0.00203EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/13 2:12 p.m.64 views

CVE-2026-42937 iControl REST and tmsh vulnerability

Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh arp and ndp commands, and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view adjacent network information. Note: Software versions which have reached End of Technical...

7.1CVSS0.00203EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 6:30 p.m.29 views

EUVD-2026-29600

Double free in Windows Link-Layer Discovery Protocol LLDP allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.00199EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 4:59 p.m.31 views

CVE-2026-34341

CVE-2026-34341 is a Windows LLDP (Link-Layer Discovery Protocol) vulnerability described as a double free in LLDP that allows an authenticated, local attacker to gain elevated privileges. The connected documents confirm the issue and impact (local privilege escalation) but do not provide concrete...

7CVSS5.8AI score0.00199EPSS
Exploits0References1Affected Software14
Microsoft CVE
Microsoft CVE
added 2026/05/12 2:0 p.m.16 views

Windows Link-Layer Discovery Protocol (LLDP) Elevation of Privilege Vulnerability

Double free in Windows Link-Layer Discovery Protocol LLDP allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.00199EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/27 11:24 p.m.32 views

CVE-2026-41372 OpenClaw < 2026.4.2 - Loopback Protection Bypass via Trailing-Dot Localhost in CDP Discovery

OpenClaw before 2026.4.2 fails to normalize trailing-dot localhost hosts in remote CDP discovery responses, allowing bypass of loopback protections. Attackers can craft hostile discovery responses returning localhost. to retarget authenticated browser control toward localhost endpoints and expose...

6.9CVSS0.00251EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/22 7:40 p.m.6 views

CVE-2026-34063

Nimiq's network-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, network-libp2p discovery uses a libp2p ConnectionHandler state machine. the handler assumes there is at most one inbound and one outbound discovery substream per connection. if a remote peer...

7.5CVSS5.8AI score0.00352EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.12 views

PT-2026-34544

Nimiq's network-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, network-libp2p discovery uses a libp2p ConnectionHandler state machine. the handler assumes there is at most one inbound and one outbound discovery substream per connection. if a remote peer...

7.5CVSS5.8AI score0.00352EPSS
Exploits0References7
CNVD
CNVD
added 2026/04/21 12:0 a.m.40 views

Microsoft Windows SSDP Elevation of Privilege Vulnerability

Microsoft Windows SSDP is a simple service discovery provider program from Microsoft USA. Microsoft Windows SSDP suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges...

7CVSS5.8AI score0.00164EPSS
Exploits0
EUVD
EUVD
added 2026/04/14 6:30 p.m.6 views

EUVD-2026-22515

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SSDP Service allows an authorized attacker to elevate privileges locally...

7CVSS5.9AI score0.002EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/14 4:58 p.m.5 views

CVE-2026-32068 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

...

7CVSS5.8AI score0.00164EPSS
Exploits0References1
Rows per page
Query Builder