EUVD-2026-29499

The nexent v1.7.5.2 backend service contains an unauthorized arbitrary file deletion vulnerability in its ElasticSearch service interface. The DELETE /indexname/documents endpoint lacks proper authentication and authorization controls and does not validate the user-supplied pathorurl parameter...

Nexent 安全漏洞

Nexent is an open-source zero-code AI smart agent automatic generation platform developed by ModelEngine-Group. Version 1.7.5.2 of Nexent contains a security vulnerability. This vulnerability stems from the lack of authentication and authorization controls in the DELETE /indexname/documents...

CVE-2026-31215

The nexent v1.7.5.2 backend service contains an unauthorized arbitrary file deletion vulnerability in its ElasticSearch service interface. The DELETE /indexname/documents endpoint lacks proper authentication and authorization controls and does not validate the user-supplied pathorurl parameter...

Security Bulletin: Apache Lucene PRISMA-2021-0081 X-Force 216835 security vulnerability

Summary Apache Lucene PRISMA-2021-0081 X-Force 216835 security vulnerability in FileNet Content Manager FNCM Content Search Services CSS/Enterprise Content Management Text Search ECMTS. CSS/ECMTS is affected and is potentially vulnerable. Vulnerability Details Refer to the security bulletins list...

Elastic Elasticsearch 安全漏洞

Elastic Elasticsearch is a search engine based on the Lucene library from the Dutch company Elastic. A security vulnerability exists in Elastic Elasticsearch that stems from an unrestricted resource allocation that could lead to a denial of service...

Security Bulletin: Apache uimaj-core.jar security vulnerability CVE-2022-32287 and CVE-2023-39913 in FileNet Content Manager (FNCM) component Content Search Services (CSS) / Enterprise Content Management Text Search (ECMTS)

Summary Apache uimaj-core.jar security vulnerability CVE-2022-32287 and CVE-2023-39913 in FileNet Content Manager FNCM component Content Search Services CSS / Enterprise Content Management Text Search ECMTS Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

Cloud Security Leveraging AI: A Fusion-Based AISOC for Malware and Log Behaviour Detection

Cloud Security Operations Center SOC enable cloud governance, risk and compliance by providing insights visibility and control. Cloud SOC triages high-volume, heterogeneous telemetry from elastic, short-lived resources while staying within tight budgets. In this research, we implement an...

Improper Certificate Validation

Overview org.elasticsearch.plugin:x-pack-security is an Elasticsearch Expanded Pack Plugin - Security Affected versions of this package are vulnerable to Improper Certificate Validation via the PKI realm. An attacker can impersonate other users by presenting specially crafted client certificates...

Insertion Of Sensitive Information Into Log File

org.elasticsearch:elasticsearch is vulnerable to Insertion of Sensitive Information into Log File. The vulnerability is due to improper handling of request auditing for the reindex API, which allows an attacker to expose sensitive data if specific logging conditions are met...

Floragunn Search Guard FLX 安全漏洞

Floragunn Search Guard FLX is a security component for protecting Elastic Search from Floragunn, Germany. A security vulnerability exists in Floragunn Search Guard FLX 3.1.1 and earlier versions, which stems from an improperly implemented field mask rule for IP type fields, which could result in...

EUVD-2020-22480

Malware in sbrugna...

EUVD-2018-15019

Malware in sbrugna...

EUVD-2021-16530

Malware in sbrugna...

EUVD-2017-1982

Malware in sbrugna...

EUVD-2020-22393

Malware in sbrugna...

EUVD-2022-26863

Malicious code in bioql PyPI...

EUVD-2023-26146

Malicious code in bioql PyPI...

EUVD-2024-21244

Malicious code in bioql PyPI...

EUVD-2023-26010

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-24303

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource. CVE-2020-24303 Note that Nessus relies on the presence of the package...