CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

60 matches found

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.28.0 Release.

Red Hat OpenShift Dev Spaces 3.28.0 has been released. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.28 release is based on...

10CVSS7AI score0.00175EPSS

Exploits19References41

RedHat Linux•added 2026/04/23 2:43 p.m.•4 views

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.27.1 Release.

Red Hat OpenShift Dev Spaces 3.27.1 has been released. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.27 release is based on...

9.9CVSS7.2AI score0.00398EPSS

Exploits20References27

Packet Storm•added 2026/04/22 12:0 a.m.•72 views

📄 Eclipse Che WebSocket Machine-Exec Remote Code Execution

This Python script is a WebSocket-based client designed to interact with an Eclipse Che / DevSpaces machine-exec service and test for an unauthenticated remote code execution vulnerability...

9CVSS6.4AI score0.45198EPSS

Exploits2

Packet Storm News•added 2026/04/17 12:0 a.m.•4 views

Eclipse Che Machine-Exec WebSocket Service Exposure Detector

This Python script is a lightweight security detection tool designed to identify potentially exposed or misconfigured machine-exec WebSocket services associated with Eclipse Che running on port 3333...

5.8AI score

Exploits0

VulnCheck KEV•added 2026/04/15 12:0 a.m.•4 views

VulnCheck KEV: CVE-2025-12548

A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration SSH keys, tokens, etc. from other users' Developer Workspace containers, via an unauthenticated JSON-RPC / websocket API exposed on TCP port 3333...

9CVSS6.1AI score0.45198EPSS

In wildExploits2References6

Rapid7 Blog•added 2026/03/27 8:48 p.m.•5 views

Metasploit Wrap-Up 03/27/2026

Better NTLM Relaying Functionality This week’s release brings an improvement to the SMB NTLM relay server. In the past, it’s support has been expanded with modules for relaying to HTTP ESC8, MSSQL and LDAP while still receiving connections over the humble SMB service. Prior to this release, clien...

9.8CVSS7.3AI score0.0007EPSS

Exploits0

Metasploit•added 2026/03/25 6:58 p.m.•133 views

Eclipse Che machine-exec Unauthenticated RCE

This module exploits an unauthenticated remote code execution vulnerability in the Eclipse Che machine-exec service CVE-2025-12548. The machine-exec service, exposed on port 3333 within Red Hat OpenShift DevSpaces developer workspace containers, accepts WebSocket connections without authenticatio...

9CVSS6.6AI score0.45198EPSS

Exploits2

RedHat Linux•added 2026/02/17 6:20 p.m.•4 views

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.26.1 Release.

Red Hat OpenShift Dev Spaces 3.26.1 has been released. 3.26.1 includes CVE fixes for CVE-2025-15467, CVE-2025-6176, CVE-2026-1761, CVE-2026-0719, CVE-2025-61732, and CVE-2025-61726. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams an...

8.8CVSS6.9AI score0.02889EPSS

Exploits7References8

RedHat Linux•added 2026/02/10 5:6 p.m.•2 views

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.26.0 Release.

Red Hat OpenShift Dev Spaces 3.26.0 has been released. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.26 release is based on...

8.9CVSS7AI score0.00071EPSS

Exploits9References16

NVD•added 2026/01/13 4:15 p.m.•2 views

CVE-2025-12548

9CVSS0.45198EPSS

Exploits2References5

Cvelist•added 2026/01/13 3:35 p.m.•17 views

CVE-2025-12548 Github.com/che-incubator/che-code: eclipse che — unauthenticated rce and secret exfiltration via tcp/3333

9CVSS0.45198EPSS

Exploits2References5

CVE•added 2026/01/13 3:35 p.m.•11 views

CVE-2025-12548

The CVE-2025-12548 issue affects Eclipse Che che-machine-exec, exposed in Red Hat OpenShift Dev Spaces. A flaw allows unauthenticated remote arbitrary command execution and secret exfiltration from other users’ Developer Workspace containers via an unauthenticated JSON-RPC/WebSocket API on TCP po...

9CVSS6.9AI score0.45198EPSS

In wildExploits2References5

ATTACKERKB•added 2026/01/13 3:35 p.m.•2 views

CVE-2025-12548

9CVSS5.7AI score0.45198EPSS

Exploits2References7

CNNVD•added 2026/01/13 12:0 a.m.•1 views

Eclipse Che 访问控制错误漏洞

Eclipse Che is a set of Java-based open source online integrated development environments IDEs from the Eclipse Foundation. An access control error vulnerability exists in Eclipse Che che-machine-exec, which originates from an unauthenticated remote attacker who can execute arbitrary commands and...

9CVSS6.2AI score0.45198EPSS

Exploits2References5

Positive Technologies•added 2026/01/13 12:0 a.m.•3 views

PT-2026-2441

Name of the Vulnerable Software and Affected Versions Eclipse Che versions affected versions not specified Description A flaw exists in Eclipse Che che-machine-exec that permits unauthenticated remote arbitrary command execution and secret exfiltration, including SSH keys and tokens, from other...

9CVSS5.8AI score0.45198EPSS

Exploits2References13

RedhatCVE•added 2026/01/09 11:35 a.m.•1 views

CVE-2021-41034

The build of some language stacks of Eclipse Che version 6 includes pulling some binaries from an unsecured HTTP endpoint. As a consequence the builds of such stacks are vulnerable to MITM attacks that allow the replacement of the original binaries with arbitrary ones. The stacks involved are Jav...

8.1CVSS7AI score0.00204EPSS

Exploits0References1

RedHat Linux•added 2025/12/15 9:46 p.m.•7 views

Critical: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.25.0 Release.

Red Hat OpenShift Dev Spaces 3.25.0 has been released. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.25 release is based on...

9.9CVSS6.9AI score0.01681EPSS

Exploits15References9

RedHat Linux•added 2025/12/02 9:45 p.m.•4 views

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.23.1 Release.

Red Hat OpenShift Dev Spaces 3.23.1 has been released. This release addresses CVE-2025-12548 'Eclipse Che — unauthenticated RCE and secret exfiltration via TCP/3333'...

9CVSS5.7AI score0.45198EPSS

Exploits2References3

RedHat Linux•added 2025/10/23 8:33 p.m.•3 views

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.24.0 Release.

Red Hat OpenShift Dev Spaces 3.24.0 has been released. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.24 release is based on...

8.8CVSS6.9AI score0.44079EPSS

Exploits4References11