6 matches found
CVE-2026-31215
The nexent v1.7.5.2 backend service contains an unauthorized arbitrary file deletion vulnerability in its ElasticSearch service interface. The DELETE /indexname/documents endpoint lacks proper authentication and authorization controls and does not validate the user-supplied pathorurl parameter...
CVE-2026-31215
The CVE-2026-31215 issue affects Nexent v1.7.5.2, where the ElasticSearch service interface exposes an unauthorized DELETE /{index_name}/documents endpoint. The vulnerability arises from missing authentication/authorization and lack of validation for the path_or_url parameter, enabling unauthenti...
EUVD-2021-10115
Malware in sbrugna...
PT-2025-41175
Name of the Vulnerable Software and Affected Versions Nagios Log Server versions prior to 2024R1.3.2 Description Nagios Log Server before version 2024R1.3.2 allows authenticated users with read-only API access to stop the Elasticsearch service. This is achieved by making a call to the...
EUVD-2025-29734
Malicious code in bioql PyPI...
CISA Thorium 安全漏洞
CISA Thorium is a highly scalable distributed malware analysis and data generation framework from the U.S. Cybersecurity and Infrastructure Security Administration CISA government division. A security vulnerability exists in CISA Thorium versions prior to 1.1.2 that stems from unvalidated TLS...