Lucene search
K

1431 matches found

RedhatCVE
RedhatCVE
added 2026/04/14 1:22 a.m.7 views

CVE-2026-40242

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.17.3, the /api/templates/fetch endpoint accepts a caller-supplied url parameter and performs a server-side HTTP GET request to that URL without authentication and without URL scheme or host validation...

7.2CVSS5.8AI score0.00621EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-40311

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below 7.1.2-19 and 6.9.13-44 contain a heap use-after-fr...

5.5CVSS5.8AI score0.00184EPSS
Exploits0References2
CVE
CVE
added 2026/04/13 9:43 p.m.25 views

CVE-2026-40312

ImageMagick (affected component: MSL decoder) is vulnerable to an off-by-one error that can cause a crash when processing a malformed MSL file in all versions below 7.1.2-19. The issue has been fixed in 7.1.2-19. Impact is a crash (availability). Remediation: upgrade to ImageMagick 7.1.2-19 or la...

6.2CVSS5.8AI score0.00177EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.5 views

PT-2026-32427

Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, Helm will install plugins missing provenance .prov file when signature verification is required. This vulnerability is fixed in 4.1.4...

8.4CVSS5.8AI score0.00178EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/04/10 8:18 p.m.18 views

LangSmith Client SDKs has Prototype Pollution in langsmith-sdk via Incomplete `__proto__` Guard in Internal lodash `set()`

GHSA-fw9q-39r9-c252: Prototype Pollution via Incomplete Lodash set Guard in langsmith-sdk Severity: Medium CVSS 5.6 Status: Fixed in 0.5.18 --- Summary The LangSmith JavaScript/TypeScript SDK langsmith contains an incomplete prototype pollution fix in its internally vendored lodash set utility. T...

9.8CVSS5.8AI score0.00313EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/04/10 7:30 p.m.21 views

CVE-2026-40178 ajenti.plugin.core has a race conditions in 2FA

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible during a short moment after the authentication of an user to bypass its authentication. This vulnerability is fixed in 0.112...

9.1CVSS0.00232EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/10 4:34 p.m.34 views

CVE-2026-40097 Step CA affected by an index out of bounds panic in TPM attestation EKU validation

Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key AK certificate with an empty Extended Key Usage EKU extension...

3.7CVSS0.00181EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/09 4:41 p.m.5 views

EUVD-2026-20899

fast-jwt has a ReDoS when using RegExp in allowed leading to CPU exhaustion during token verification...

4.2CVSS5.9AI score0.00262EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.5 views

PT-2026-31689

Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be triggered by a specific sequence of embedder API calls made by the host. Specifically, the following...

1CVSS5.9AI score0.00117EPSS
Exploits0References2
CVE
CVE
added 2026/04/08 7:26 p.m.13 views

CVE-2026-35476

Summary : InvenTree (Open Source Inventory Management System) contains a privilege escalation flaw present before versions 1.2.7 and 1.3.0. A non-staff authenticated user can raise their account to staff level by sending a POST request to their user account endpoint because the API endpoint’s wri...

7.2CVSS6AI score0.00145EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/04/08 5:7 p.m.19 views

CVE-2026-33756

CVE-2026-33756 affects Saleor (e-commerce platform). The vulnerability lies in unbounded GraphQL query batching: from 2.0.0 up to just before 3.23.0a3, 3.22.47, 3.21.54, and 3.20.118, the service allowed multiple GraphQL operations in a single HTTP request without an upper limit, bypassing per-qu...

7.5CVSS5.9AI score0.00435EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2026/04/07 7:35 p.m.3 views

CVE-2026-39373

JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker can exhaust server memory by sending crafted JWE tokens with ZIP compression. The existing patch for CVE-2024-28102 limits input token size to 250KB but does not validate th...

5.3CVSS5.4AI score0.00294EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/04/06 8:11 p.m.7 views

CVE-2026-35389

Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to 1.4.11, S/MIME signature verification did not validate the certificate trust chain checkChain: false. Any email signed with a self-signed or untrusted certificate was displayed as having a valid signature. This...

8.7CVSS5.9AI score0.00177EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/06 7:49 p.m.19 views

CVE-2026-35201 Discount has an Out-of-bounds Read in rdiscount

Discount is an implementation of John Gruber's Markdown markup language in C. From 1.3.1.1 to before 2.2.7.4, a signed length truncation bug causes an out-of-bounds read in the default Markdown parse path. Inputs larger than INTMAX are truncated to a signed int before entering the native parser,...

5.9CVSS0.00275EPSS
Exploits1References1
Snyk
Snyk
added 2026/04/03 3:14 p.m.3 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the file content endpoint. An attacker can access files belonging to other users by supplying a valid file identifier associated with the target user's files. Note: Vendor's statement...

5.3CVSS5.7AI score0.00221EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/03 3:28 a.m.16 views

Go JOSE Panics in JWE decryption

Impact Decrypting a JSON Web Encryption JWE object will panic if the alg field indicates a key wrapping algorithm one ending in KW, with the exception of A128GCMKW, A192GCMKW, and A256GCMKW and the encryptedkey field is empty. The panic happens when cipher.KeyUnwrap in keywrap.go attempts to...

7.5CVSS6AI score0.00651EPSS
Exploits0References4Affected Software3
Github Security Blog
Github Security Blog
added 2026/04/03 3:15 a.m.12 views

OpenClaw: Telegram audio preflight transcription enables resource consumption by unauthorized senders

Summary Telegram audio preflight transcription enables resource consumption by unauthorized senders Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: v2026.3.28 still lets unauthorized Telegram group senders trigger audio preflight before allowlist enforcement...

6.9CVSS5.8AI score0.00297EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 12:1 a.m.14 views

OpenClaw: Google Chat and Zalouser group sender allowlist bypass via policy downgrade

Summary When only a route-level group allowlist was configured, sender policy resolution silently downgraded from allowlist to open instead of preserving the configured group policy. Impact Any member of an allowlisted Google Chat space or Zalouser group could interact with the bot even when the...

5.3CVSS5.9AI score0.00297EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/03/31 11:56 p.m.5 views

GHSA-JCCR-RRW2-VC8H OpenClaw safeBins jq `$ENV` filter bypass allows environment variable disclosure

Summary The jq safe-bin policy blocked explicit env usage but still allowed jq programs that accessed environment data through $ENV. Impact An operator-approved safe-bin jq command could disclose environment variables that the safe-bin policy was supposed to keep out of scope. Affected Component...

7.7CVSS5.8AI score0.00238EPSS
Exploits0References3
OSV
OSV
added 2026/03/31 1:36 a.m.3 views

CVE-2026-33997 Moby: Off-by-one error in plugin privilege validation

Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...

6.8CVSS5.7AI score0.00387EPSS
Exploits0References10
Rows per page
Query Builder