CVE-2026-34262

Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer...

CVE-2026-34262

CVE-2026-34262 concerns an information disclosure in SAP HANA Cockpit and SAP HANA Database Explorer. Connected sources indicate the issue allows leakage of X.509 private keys via Database Explorer access, enabling potential server impersonation. The PT-2026-32569 note emphasizes that patching al...

PT-2026-32810

CVE-2026-32084 Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. https://t.co/h229XazPDT...

PT-2026-32807

Name of the Vulnerable Software and Affected Versions Windows File Explorer affected versions not specified Description Exposure of sensitive information in Windows File Explorer allows an authorized attacker to disclose information locally...

PT-2026-32805

Name of the Vulnerable Software and Affected Versions Windows File Explorer affected versions not specified Description Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. Recommendations At the moment,...

SAP HANA Cockpit和SAP HANA Database Explorer 安全漏洞

SAP HANA Cockpit and SAP HANA Database Explorer are both products of the German company SAP. SAP HANA Cockpit is a database monitoring and management console platform. SAP HANA Database Explorer is a database querying and development management tool. Both SAP HANA Cockpit and SAP HANA Database...

Microsoft Windows File Explorer 信息泄露漏洞

Microsoft Windows File Explorer is a file manager application developed by the American company Microsoft. The Microsoft Windows File Explorer has a vulnerability that allows for sensitive information to be obtained by attackers. The following products and versions are affected: Windows 10 Versio...

Microsoft Windows File Explorer 信息泄露漏洞

Microsoft Windows File Explorer is a file management application developed by the American company Microsoft. The Microsoft Windows File Explorer has a vulnerability that allows for information leakage. Attackers can exploit this vulnerability to access sensitive information. The following produc...

PT-2026-32569

CVE-2026-34262 - SAP HANA Cockpit leaks X.509 private keys via Database Explorer access patching isn't enough here. the keys are already out. if you're affected, you need to manually revoke and rotate certificates or the door stays open for server impersonation. that's the part most teams will...

Microsoft Windows File Explorer 信息泄露漏洞

Microsoft Windows File Explorer is a file manager application developed by the American company Microsoft. The Microsoft Windows File Explorer has a vulnerability that allows for the exposure of sensitive information. Attackers can exploit this vulnerability to obtain sensitive data. The followin...

GHSA-VFFH-X6R8-XX99 Prometheus has Stored XSS via metric names and label values in Prometheus web UI tooltips and metrics explorer

Impact Stored cross-site scripting XSS via crafted metric names in the Prometheus web UI: Old React UI + New Mantine UI: When a user hovers over a chart tooltip on the Graph page, metric names containing HTML/JavaScript are injected into innerHTML without escaping, causing arbitrary script...

Prometheus has Stored XSS via metric names and label values in Prometheus web UI tooltips and metrics explorer

Impact Stored cross-site scripting XSS via crafted metric names in the Prometheus web UI: Old React UI + New Mantine UI: When a user hovers over a chart tooltip on the Graph page, metric names containing HTML/JavaScript are injected into innerHTML without escaping, causing arbitrary script...

EUVD-2026-19701

An issue that could allow access to Explorer groups from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L 4.4 Medium. This issue was fixed in...

CVE-2026-5383

An issue that could allow access to Explorer groups from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L 4.4 Medium. This issue was fixed in...

CVE-2026-5383

An issue that could allow access to Explorer groups from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L 4.4 Medium. This issue was fixed in...

CVE-2026-5383 runZero Explorer missing authorization check

An issue that could allow access to Explorer groups from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L 4.4 Medium. This issue was fixed in...

CVE-2026-5383 runZero Explorer missing authorization check

An issue that could allow access to Explorer groups from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L 4.4 Medium. This issue was fixed in...

CVE-2026-5383

Summary: CVE-2026-5383 affects runZero Explorer, described as an incorrect authorization (CWE-863) that could allow access to Explorer groups from outside the authorized organization scope. It is scored CVSSv3.1: AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L (4.4, Medium) and has been fixed in runZero Expl...

PT-2026-30878

An issue that could allow access to Explorer groups from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L 4.4 Medium. This issue was fixed in...

runZero Platform 安全漏洞

RunZero Platform is an asset discovery and attack surface management platform developed by the US company RunZero. Versions of RunZero Platform prior to 4.0.260208.0 contained security vulnerabilities. These vulnerabilities were due to improper authorization, which could lead to unauthorized acce...