Lucene search
K

385 matches found

CVE
CVE
added 6 days ago9 views

CVE-2026-14373

HashiCorp Nomad and Nomad Enterprise are affected by CVE-2026-14373 where the Docker task driver did not enforce allow_privileged for host namespace mode options (process, IPC, user, UTS). This can allow an authenticated job submitter to place a container in the host namespace on Linux clients an...

7.7CVSS6AI score0.00248EPSS
Exploits0References1
CVE
CVE
added 2026/07/07 3:6 a.m.13 views

CVE-2026-34034

CVE-2026-34034 affects Coolify prior to version 4.0.0-beta.466. The issue arises from insufficient validation of the sentinel_token setting in shell commands, enabling an authenticated user with access to server Sentinel settings to inject shell syntax and execute commands on the host when Sentin...

8.8CVSS6AI score0.00403EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/07/06 5:18 a.m.4 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...

9.1CVSS6AI score0.00525EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2026/07/01 8:57 p.m.7 views

Rancher has Privilege Escalation from Project Owner to Host

Impact A vulnerability has been identified in Rancher Manager that allows users assigned the Project Owner role to modify Pod Security Admission PSA labels on namespaces within their projects. Under the default role configuration, an attacker with the following access pattern can exploit this...

9.4CVSS5.8AI score0.00319EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/07/01 8:57 p.m.5 views

GHSA-VX8H-4PRV-G744 Rancher has Privilege Escalation from Project Owner to Host

Impact A vulnerability has been identified in Rancher Manager that allows users assigned the Project Owner role to modify Pod Security Admission PSA labels on namespaces within their projects. Under the default role configuration, an attacker with the following access pattern can exploit this...

9.4CVSS5.8AI score0.00319EPSS
Exploits0References5
NVD
NVD
added 2026/06/29 9:16 p.m.14 views

CVE-2026-34597

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.470, a critical Authenticated Host Remote Code Execution RCE vulnerability was discovered in Coolify. The flaw resides in the handling of user-defined build parameters for the...

8.8CVSS0.00526EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/29 3:41 p.m.43 views

CVE-2026-41052 Rancher Privilege Escalation from Project Owner to Host

Improper privilege handling could be used by users with Project Owner role to escalate privileges, in Rancher versions 2.14 before 2.14.2, 2.13 before 2.13.6, and 2.12 before 2.12.10...

9.4CVSS0.00319EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 4:23 p.m.7 views

EUVD-2026-39806

Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku user. An app.json cron command utilizing special shell characters - including, but not limited to, or ; - can break out of the Docker container and...

9.9CVSS5.9AI score0.00274EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Flatpak

Flatpak is a Linux application sandboxing and distribution framework. Prior to version 1.16.4, the Flatpak portal allowed paths in the sandbox-expose options, which could be app-controlled symbolic links pointing to arbitrary paths. Flatpak’s “flatpak run” command mounted the resolved host path i...

10CVSS7.8AI score0.0168EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-52166

Name of the Vulnerable Software and Affected Versions Drupal OpenAI Provider versions 0.0.0 through 1.1.1 Drupal OpenAI Provider versions 1.2.0 through 1.2.2 Description Insufficient sanitization of user-supplied URLs leads to a Server-Side Request Forgery SSRF, a flaw where an attacker can induc...

6.1AI score0.00142EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/22 8:0 p.m.4 views

CVE-2026-55599

phpseclib is a PHP secure communications library. From 0.1.1 until 1.0.30, 2.0.55, and 3.0.54, when an application validates an untrusted X.509 certificate with phpseclib, X509::validateSignature reads a URL out of that certificate's Authority Information Access AIA extension and connects to it...

5.8CVSS5.9AI score0.00133EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 7:35 p.m.9 views

Arbitrary host CRI log file read via symlink following in CRI checkpoint restore

Impact A bug was found in containerd where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. Patches This bug has been fixed in the following containerd versions: 2.3.2...

8.2CVSS6AI score0.00208EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/18 1:5 p.m.6 views

GHSA-R2XF-7JW5-PJG6 Docker MCP Gateway: Argument injection via OCI image label YAML

Summary A maliciously crafted OCI image label can inject arbitrary arguments into the docker run command line constructed by the MCP Gateway. An attacker who controls an image that the victim references via docker://, or that the victim's catalog pulls a snapshot from, can mount the host...

8.7CVSS6.5AI score
Exploits0References2
NVD
NVD
added 2026/06/17 10:54 a.m.9 views

CVE-2026-46873

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: VMSVGA device. The supported version that is affected is 7.2.8. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...

7.5CVSS0.00114EPSS
Exploits0References1
NVD
NVD
added 2026/06/16 5:16 p.m.11 views

CVE-2024-38487

api-gateway container running with root privilege would allow an attacker to escape the container and access host system to perform unintended actions...

7CVSS0.00081EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 4:29 p.m.20 views

CVE-2024-38487

CVE-2024-38487 describes a vulnerability where an api-gateway container running with root privileges could escape the container and access the host system. Affected configuration: containerized api-gateway with root-level execution; root privileges combined with local attack vector enable host ac...

7CVSS5.3AI score0.00081EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 4:29 p.m.26 views

CVE-2024-38487

api-gateway container running with root privilege would allow an attacker to escape the container and access host system to perform unintended actions...

7CVSS0.00081EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 11:55 p.m.26 views

CVE-2026-12161

CVE-2026-12161 affects Devolutions Remote Desktop Manager 2026.2.7. The flaw is in the SSH Elevate Shell feature, where improper input validation allows an authenticated user (with permission to create/modify a shared SSH entry) to run arbitrary commands on a remote SSH host using stored elevatio...

8.8CVSS5.7AI score0.00295EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/11 5:4 a.m.39 views

CVE-2026-41001 Predictable Temp Directory in Artemis Auto-configuration

Spring Boot's ArtemisEmbeddedConfigurationFactory uses a fixed, static path for the embedded Artemis message broker's data directory when no explicit path is configured. A local attacker on the same host can pre-create this predictable directory or place a symlink before the application starts...

5.3CVSS0.00094EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 2:35 p.m.34 views

CVE-2026-48858

The CVE-2026-48858 entry describes a Server-Side Request Forgery (SSRF) flaw in Erlang/OTP ftp’s PASV path: the ftp_internal PASV handler accepts the server’s 227 response IP and passes it to gen_tcp:connect without validating it against the control connection peer, unlike EPSV handlers. This ena...

6.5CVSS5.6AI score0.00234EPSS
Exploits0References6Affected Software3
Rows per page
Query Builder