Lucene search
+L

19882 matches found

Imperva Blog
Imperva Blog
added yesterday7 views

Imperva Customers Protected Against “wp2shell” Pre-Authentication RCE in WordPress Core

TL;DR : A critical pre-authentication Remote Code Execution RCE vulnerability, dubbed "wp2shell" CVE-2026-63030, has been identified in WordPress Core. This vulnerability allows an unauthenticated attacker to execute arbitrary code on a vulnerable WordPress installation without any preconditions,...

9.8CVSS6.8AI score0.08946EPSS
Exploits28
EUVD
EUVD
added yesterday13 views

EUVD-2026-45344

Authentication bypass using an alternate path or channel in Microsoft Edge Chromium-based allows an unauthorized attacker to perform tampering over a network...

5.4CVSS5.3AI score0.00227EPSS
Exploits0References2
CVE
CVE
added 2 days ago57 views

CVE-2026-57980

CVE-2026-57980 refers to a vulnerability in Microsoft Edge (Chromium-based) where an authentication bypass via an alternate path or channel could allow an unauthenticated, network-based tampering by an attacker. The description and connected sources consistently describe this as a network-exposed...

5.4CVSS5.3AI score0.00227EPSS
Exploits0References1
OSV
OSV
added 2 days ago6 views

RHSA-2026:41019 Red Hat Security Advisory: Red Hat Edge Manager Version 1.1.3 Security Update

Bulletin has no description...

9.1CVSS4.8AI score0.01557EPSS
Exploits3References160
Redos
Redos
added 2 days ago5 views

ROS-20260717-73-0019

The vulnerability in the rendering mode of Microsoft Edge and Google Chrome browsers relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

8.8CVSS7.8AI score0.00589EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2 days ago10 views

PT-2026-60886

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description An authentication bypass exists that allows an unauthorized attacker to perform tampering over a network by using an alternate path or channel. Recommendations At the...

5.4CVSS5.2AI score0.00227EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 3 days ago10 views

Important: Red Hat Security Advisory: Red Hat Edge Manager Version 1.1.3 Security Update

Red Hat Edge Manager Version 1.1.3 Security Update Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports image-mode RHEL and container workloads that run on Podman/Docker or Kubernetes. RHEM is now available as a...

10CVSS6.9AI score0.01557EPSS
Exploits3References25
Microsoft CVE
Microsoft CVE
added 3 days ago35 views

Microsoft Edge (Chromium-based) Tampering Vulnerability

Authentication bypass using an alternate path or channel in Microsoft Edge Chromium-based allows an unauthorized attacker to perform tampering over a network...

5.4CVSS5.4AI score0.00227EPSS
Exploits0
RedHat Linux
RedHat Linux
added 3 days ago9 views

Important: Red Hat Security Advisory: Red Hat Edge Manager Version 1.1.3 Security Update

Red Hat Edge Manager Version 1.1.3 Security Update Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports image-mode RHEL and container workloads that run on Podman/Docker or Kubernetes. RHEM is now available as a...

10CVSS6.8AI score0.02474EPSS
Exploits7References32
Tenable Nessus
Tenable Nessus
added 3 days ago7 views

RHEL 10 / 9 : Red Hat Edge Manager Version 1.1.3 Security Update (Important) (RHSA-2026:41019)

The remote Redhat Enterprise Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:41019 advisory. Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports...

10CVSS6.3AI score0.01557EPSS
Exploits3References48
NVD
NVD
added 4 days ago5 views

CVE-2026-49997

SurrealDB is a scalable, distributed, collaborative, document-graph database for the realtime web. Prior to 3.1.0, Document::purgeedges in surrealdb/core/src/doc/delete.rs automatically removed graph edge records with permissions disabled through opt.clone.withpermsfalse when a connected node was...

5.4CVSS0.00347EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 4 days ago8 views

Important: Red Hat Security Advisory: Red Hat Edge Manager Version 1.1.3 Security Update

Red Hat Edge Manager Version 1.1.3 Security Update Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports image-mode RHEL and container workloads that run on Podman/Docker or Kubernetes. RHEM is now available as a...

10CVSS6.8AI score0.02474EPSS
Exploits7References32
CVE
CVE
added 4 days ago22 views

CVE-2026-49997

CVE-2026-49997 affects SurrealDB prior to version 3.1.0, where Document::purge_edges could bypass edge table permissions for delete and select when a connected node was deleted. The issue occurs as edge records connected to a deleted node were removed with permissions disabled, bypassing edge-tab...

5.4CVSS6.1AI score0.00347EPSS
Exploits0References3
OSV
OSV
added 5 days ago4 views

JLSEC-2026-679 wolfSSL prior to 5.6.6 did not check that messages in one (D)TLS record do not span key...

wolfSSL prior to 5.6.6 did not check that messages in one DTLS record do not span key boundaries. As a result, it was possible to combine DTLS messages using different keys into one DTLS record. The most extreme edge case is that, in DTLS 1.3, it was possible that an unencrypted DTLS 1.3 record...

5.3CVSS6.1AI score0.00513EPSS
Exploits0References5
Qualys Blog
Qualys Blog
added 5 days ago16 views

Microsoft and Adobe Patch Tuesday, July 2026 Security Update Review

Microsoft's July 2026 Patch Tuesday delivers security updates for a broad range of products and services, including several vulnerabilities that pose significant risks to enterprise environments. As attackers continue to target unpatched systems, the timely deployment of these updates remains one...

9.8CVSS7.5AI score0.20346EPSS
Exploits1
NVD
NVD
added 6 days ago10 views

CVE-2026-57800

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Overworld overworld allows PHP Local File Inclusion.This issue affects Overworld: from n/a through = 1.5...

7.5CVSS0.00496EPSS
Exploits0References1
NVD
NVD
added 6 days ago9 views

CVE-2026-57788

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Aalto aalto allows PHP Local File Inclusion.This issue affects Aalto: from n/a through = 1.8...

7.5CVSS0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago29 views

CVE-2026-57800 WordPress Overworld theme <= 1.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Overworld overworld allows PHP Local File Inclusion.This issue affects Overworld: from n/a through = 1.5...

7.5CVSS0.00496EPSS
Exploits0References1
Nuclei
Nuclei
added 6 days ago14 views

VMware NSX SD-WAN Edge - Command Injection

VMware NSX SD-WAN Edge formerly VeloCloud Edge before 3.1.2 contains an unauthenticated command injection in the local web UI diagnostic tools Ping/Traceroute. This template detects it reliably by injecting 'id', 'whoami', and a random marker. id: CVE-2018-6961 info: name: VMware NSX SD-WAN Edge ...

8.1CVSS7AI score0.86431EPSS
Exploits6References3
NVD
NVD
added last week17 views

CVE-2026-58596

Untrusted pointer dereference in Microsoft Edge Chromium-based allows an unauthorized attacker to elevate privileges over a network...

8.3CVSS0.00451EPSS
Exploits0References1
Rows per page
Query Builder