Lucene search
K

4450 matches found

EUVD
EUVD
added 2026/06/10 12:31 a.m.12 views

EUVD-2026-35885

When using spring-restdocs-webtestclient or spring-restdocs-restassured to document a remote API accessed over HTTP, an attacker who compromises the API or tricks the user into documenting a malicious API can perform an XXE injection attack when the documentation-generating tests are next execute...

5.9CVSS5.5AI score0.00223EPSS
Exploits0References2
NVD
NVD
added 2026/06/10 12:16 a.m.20 views

CVE-2026-40991

When using spring-restdocs-webtestclient or spring-restdocs-restassured to document a remote API accessed over HTTP, an attacker who compromises the API or tricks the user into documenting a malicious API can perform an XXE injection attack when the documentation-generating tests are next execute...

5.9CVSS0.00223EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 11:46 p.m.25 views

CVE-2026-40991

The CVE-2026-40991 issue affects Spring REST Docs: 4.0.0; 3.0.0–3.0.5; and 2.0.0.RELEASE–2.0.8.RELEASE. When using spring-restdocs-webtestclient or spring-restdocs-restassured to document a remote HTTP API, an attacker who compromises the API or tricks a user into documenting a malicious API can ...

5.9CVSS5.5AI score0.00223EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 11:46 p.m.40 views

CVE-2026-40991 XML External Entity (XXE) injection when documenting untrusted XML content

When using spring-restdocs-webtestclient or spring-restdocs-restassured to document a remote API accessed over HTTP, an attacker who compromises the API or tricks the user into documenting a malicious API can perform an XXE injection attack when the documentation-generating tests are next execute...

5.9CVSS0.00223EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 11:46 p.m.11 views

CVE-2026-40991 XML External Entity (XXE) injection when documenting untrusted XML content

When using spring-restdocs-webtestclient or spring-restdocs-restassured to document a remote API accessed over HTTP, an attacker who compromises the API or tricks the user into documenting a malicious API can perform an XXE injection attack when the documentation-generating tests are next execute...

5.9CVSS5.5AI score0.00223EPSS
Exploits0References1
OSV
OSV
added 2026/06/09 7:26 p.m.7 views

MINI-4544-48J2-8V57

Bulletin has no description...

5.3CVSS6.2AI score0.00856EPSS
Exploits0
OSV
OSV
added 2026/06/09 1:20 a.m.9 views

MINI-7C23-R4MG-Q24W

Bulletin has no description...

7.5CVSS7AI score0.03931EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.23 views

PT-2026-48306

Name of the Vulnerable Software and Affected Versions Spring REST Docs version 4.0.0 Spring REST Docs versions 3.0.0 through 3.0.5 Spring REST Docs versions 2.0.0.RELEASE through 2.0.8.RELEASE Description An XXE XML External Entity injection attack can occur when using spring-restdocs-webtestclie...

5.9CVSS6AI score0.00223EPSS
Exploits0References4
Spring Security Advisories
Spring Security Advisories
added 2026/06/09 12:0 a.m.8 views

cve-2026-40991 - MEDIUM - XML External Entity (XXE) injection when documenting untrusted XML content

cve-2026-40991 - MEDIUM - XML External Entity XXE injection when documenting untrusted XML content...

5.9CVSS6.1AI score0.00223EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/08 12:34 p.m.15 views

Important: Red Hat Security Advisory: RHTAS 1.3.5 - Red Hat Trusted Artifact Signer Release

The 1.3.5 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

9.9CVSS6.1AI score0.01161EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.11 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : YARD vulnerability (USN-8394-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8394-1 advisory. It was discovered that YARD incorrectly sanitized paths in its built-in documentation server. An...

7.5CVSS5.7AI score0.00388EPSS
Exploits0References2
OSV
OSV
added 2026/06/07 7:24 p.m.11 views

MINI-V378-HPC8-2VP4

Bulletin has no description...

9.1CVSS5.2AI score0.00525EPSS
Exploits0
OSV
OSV
added 2026/06/07 7:24 p.m.9 views

MINI-WW3F-MR9G-W9WF

Bulletin has no description...

10CVSS5.2AI score0.0044EPSS
Exploits0
OSV
OSV
added 2026/06/07 7:24 p.m.10 views

MINI-MHRR-P94W-MCCH

Bulletin has no description...

5.3CVSS6.6AI score0.00502EPSS
Exploits0
OSV
OSV
added 2026/06/07 3:45 p.m.6 views

MINI-VQ3X-7C4V-G3PG

Bulletin has no description...

9.1CVSS5.2AI score0.00533EPSS
Exploits0
OSV
OSV
added 2026/06/07 3:45 p.m.8 views

MINI-Q5Q2-CPVX-95RQ

Bulletin has no description...

7.5CVSS5.2AI score0.00359EPSS
Exploits0
OSV
OSV
added 2026/06/07 3:45 p.m.6 views

MINI-GJH4-V93Q-M8JF

Bulletin has no description...

5.3CVSS6.2AI score0.00856EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/06/06 3:17 p.m.77 views

Kernel-Exploit-Dojo-243

Kernel-Exploit-Dojo-243 CTF kernel exploitation notes, PoCs,...

5.5AI score
Exploits0
GithubExploit
GithubExploit
added 2026/06/06 2:0 p.m.74 views

Kernel-Exploit-Dojo-255

Kernel-Exploit-Dojo-255 CTF kernel exploitation notes, PoCs,...

5.5AI score
Exploits0
OSV
OSV
added 2026/06/06 9:32 a.m.7 views

ECHO-9E9B-0B35-FE44

Bulletin has no description...

8.8CVSS5.2AI score0.0028EPSS
Exploits0References2
Rows per page
Query Builder