Lucene search
+L

414 matches found

NVD
NVD
added 14 hours ago6 views

CVE-2026-62220

OpenClaw 2026.2.25 before 2026.5.26 allow a lower-trust caller or configured input path to bypass non-browser rate limits on WebSocket authentication attempts. When the affected feature is enabled and reachable by lower-trust input, this can consume gateway resources and reduce service availabili...

6.3CVSS
Exploits0References2
NVD
NVD
added 3 days ago6 views

CVE-2026-44747

SAP NetWeaver Application Server ABAP allows an authenticated attacker to leverage logical errors in memory management to cause a memory corruption that could lead to unauthorized data access, modification, or system unavailability. This has high impact on confidentiality, integrity, and...

9.9CVSS0.00439EPSS
Exploits0References2
CVE
CVE
added 3 days ago28 views

CVE-2026-27690

CVE-2026-27690 describes an HTTP Request Smuggling vulnerability in SAP Approuter. An unauthenticated attacker can send specially crafted requests to trigger request–response desynchronization, potentially exposing user responses and causing service unavailability. The CVE’s impact is listed as h...

9.1CVSS6AI score0.00539EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 3 days ago9 views

PT-2026-57937

Name of the Vulnerable Software and Affected Versions SAP NetWeaver Application Server ABAP affected versions not specified Description An authenticated attacker can exploit logical errors in memory management to trigger an out-of-bounds write, resulting in memory corruption. This issue can lead ...

9.9CVSS6.2AI score0.00439EPSS
Exploits0References21
CVE
CVE
added 5 days ago16 views

CVE-2026-56281

Capgo before 12.128.2 contains a SQL injection in POST /private/admin_stats: the limit parameter is destructured from an unvalidated request body and interpolated directly into Cloudflare Analytics Engine SQL queries via template literals. An attacker with platform admin credentials can inject SQ...

5.1CVSS6.1AI score0.00197EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 5:48 p.m.98 views

CVE-2026-47262

CVE-2026-47262 affects containerd where a maliciously crafted image can trigger a Denial of Service by exhausting memory during container creation, causing an Out-Of-Memory (OOM) kill of the containerd process and making the runtime API unavailable (impacting clients like Docker Engine and Kubern...

5.5CVSS5.7AI score0.00317EPSS
Exploits0References1Affected Software1
HackRead
HackRead
added 2026/06/11 12:49 p.m.17 views

The Hidden Security Risks of Poor Software Testing

Poor Software Testing can expose hidden flaws, vulnerable dependencies and weak controls, increasing breach risks, downtime and costly fixes after release...

5.5AI score
Exploits0
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.15 views

FPDI 资源管理错误漏洞

FPDI is an open-source PDF reading software developed by Setasign GmbH & Co. KG. Versions of FPDI prior to 2.6.7 contained a resource management vulnerability. This vulnerability allowed attackers to upload malicious PDF files, causing server-side scripts to crash due to memory exhaustion or scri...

6CVSS5.3AI score0.00259EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 5:34 p.m.23 views

CVE-2026-28237

AMD uProf exposes an issue described as unrestricted resource allocation that can be exploited to exhaust system resources, potentially impacting availability. The reports identify the affected component as AMD uProf, with local attack vector and low attack complexity, resulting in high impact on...

6.8CVSS5.4AI score0.00098EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.10 views

CVE-2026-9509

An unhandled exception in Suprema BioStar 2 Server, versions 2.9.8, 2.9.10, and 2.9.11, that allows an unauthenticated remote attacker to cause a denial of service DoS by sending HTTP POST requests to the ‘/api/migration’ endpoint. This request triggers a failure that halts critical processes,...

8.7CVSS5.6AI score0.00351EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.26 views

PT-2026-46945

Name of the Vulnerable Software and Affected Versions Envoy versions prior to 1.35.11 Description An issue exists in the Envoy gateway related to HTTP/2, which can be exploited to cause a denial of service, potentially bringing down an Evonode. There have been reports of elevated activities...

7.5CVSS5.7AI score0.00815EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-28379

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map...

6.5CVSS5.8AI score0.00262EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/21 8:51 a.m.12 views

CVE-2026-44608

A flaw was found in Unbound. When operating in a multi-threaded configuration with specific Response Policy Zones RPZ using 'rpz-nsip' or 'rpz-nsdname' triggers, a locking inconsistency during an RPZ zone transfer XFR reload can occur. This timing issue may allow an adversary to trigger a heap...

8.2CVSS5.7AI score0.00255EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick, specifically in the MagickCore/statistic.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, resulting in values that are outside the range of the type unsigned long. This likely leads to a disruption in t...

7.8CVSS7AI score0.01183EPSS
Exploits1References2
NVD
NVD
added 2026/05/13 8:16 p.m.60 views

CVE-2026-28379

A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...

6.5CVSS0.00262EPSS
Exploits0References1
OSV
OSV
added 2026/05/13 8:16 p.m.7 views

UBUNTU-CVE-2026-28379

A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...

6.5CVSS5.8AI score0.00262EPSS
Exploits0References3
Grafana
Grafana
added 2026/05/13 12:0 a.m.13 views

Viewer-triggered race condition in Grafana Live leads to complete server crash

A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...

6.5CVSS5.8AI score0.00262EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.12 views

PT-2026-40784

Name of the Vulnerable Software and Affected Versions Grafana affected versions not specified Description A race condition in Grafana Live enables authenticated users with the Viewer role to cause a server crash. By sending concurrent requests, an attacker can trigger a fatal map access error,...

6.8CVSS5.8AI score0.00434EPSS
Exploits0References157
CVE
CVE
added 2026/05/12 7:57 p.m.31 views

CVE-2026-44222

CVE-2026-44222 (vLLM) affects vLLM versions 0.6.1 through 0.19.x where a token-injection vulnerability in multimodal processing allows unauthenticated text prompts containing special tokens to be interpreted as control. When image/video placeholder sequences are provided without corresponding dat...

7.5CVSS5.8AI score0.00414EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2026/05/12 3:16 a.m.63 views

CVE-2026-34260

SAP S/4HANA SAP Enterprise Search for ABAP contains a SQL injection vulnerability that allows an authenticated attacker to inject malicious SQL statements through user-controlled input. The application directly concatenates this malicious user input into SQL queries, which are then passed to the...

9.6CVSS0.00466EPSS
Exploits0References2
Rows per page
Query Builder