Lucene search
+L

399 matches found

CVE
CVE
added 4 days ago24 views

CVE-2026-48736

Summary: CVE-2026-48736 affects Symfony's NoPrivateNetworkHttpClient and IpUtils::PRIVATE_SUBNETS, where IPv6 transition prefixes (6to4, NAT64, Teredo, IPv4‑mapped IPv6) could bypass private‑IP checks and enable SSRF-like behavior when processing attacker‑supplied URLs. What’s affected: Symfony f...

8.6CVSS6.1AI score0.0046EPSS
Exploits0References6Affected Software1
Metasploit
Metasploit
added 2026/07/10 7:2 p.m.22 views

FTP Fetch, Windows x64 IPv6 Bind TCP Stager

Fetch and execute an x64 payload from an FTP server. Listen for an IPv6 connection Windows x64 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added 2026/07/10 7:2 p.m.38 views

FTP Fetch, Windows Upload/Execute, Reverse TCP Stager (IPv6)

Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Connect back to the attacker over IPv6 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module...

6.2AI score
Exploits0
Metasploit
Metasploit
added 2026/07/10 7:2 p.m.20 views

FTP Fetch, Linux Command Shell, Bind TCP Inline (IPv6)

Fetch and execute a x86 payload from an FTP server. Listen for a connection over IPv6 and spawn a command shell Module Options...

6.2AI score
Exploits0
OSV
OSV
added 2026/07/10 6:5 p.m.3 views

CVE-2026-53450 Coturn: IPv4-mapped 127.0.0.1 bypasses default loopback peer protection

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, coturn rejects loopback peers by default unless allow-loopback-peers is enabled, but the default loopback guard can be bypassed by using the IPv4-mapped IPv6 peer address ::ffff:127.0.0.1 in a TURN...

7.4CVSS6.1AI score0.0029EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/06 1:47 p.m.3 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6.6AI score0.00298EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 4:59 a.m.7 views

kernel: netfilter: flowtable: strictly check for maximum number of actions

A flaw was found in the Netfilter flowtable component of the Linux kernel. This vulnerability occurs because the system does not strictly check the maximum number of hardware offload actions for IPv6, allowing it to process more actions than supported. This could potentially lead to system...

7.8CVSS5.9AI score0.00141EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/04 11:56 a.m.7 views

CVE-2026-53362

In the Linux kernel, the following vulnerability has been resolved: ipv6: account for fraggap on the paged allocation path In ip6appenddata, when the paged-allocation branch is taken MSGMORE / NETIFFSG / large fraglen, alloclen and pagedlen are computed as alloclen = fragheaderlen + transhdrlen;...

5.8AI score0.00176EPSS
Exploits0References7Affected Software1
Ubuntu
Ubuntu
added 2026/07/01 5:15 p.m.11 views

USN-8493-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...

9.8CVSS5.8AI score0.09796EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2026/07/01 9:48 a.m.21 views

kernel: mptcp: fix slab-use-after-free in __inet_lookup_established

A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. Due to incorrect memory allocation for IPv6 subflow child sockets, a use-after-free vulnerability exists. A remote attacker could exploit this by triggering concurrent lookups in the kernel's hash table, potentially leadin...

9.8CVSS6.5AI score0.00459EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/01 9:48 a.m.6 views

kernel: netfilter: nft_inner: Fix IPv6 inner_thoff desync

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftinner module. This vulnerability arises from an incorrect handling of IPv6 inner packet processing, where the transport header offset innerthoff becomes desynchronized from the Layer 4 protocol l4proto. A remot...

9.1CVSS7.2AI score0.00322EPSS
Exploits0References5
NVD
NVD
added 2026/06/29 11:16 p.m.9 views

CVE-2026-7656

The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6nbr.c handlerainput, handlensinput, handlenainput used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was 'length/hop/source/target checks...

8.1CVSS0.00205EPSS
Exploits1References2
CVE
CVE
added 2026/06/27 9:2 a.m.31 views

CVE-2026-49412

The CVE-2026-49412 issue affects FreeBSD’s IPv6_MSFILTER in the kernel: the handler drops a serializing lock to copy the source-filter list and later reacquires it, creating a window where another thread can free the multicast filter structure and leave a stale pointer. This use-after-free enable...

7.8CVSS5.8AI score0.00104EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:13 a.m.6 views

ipv6: Fix a potential NPD in cleanup_prefix_route()

...

5.5CVSS5.8AI score0.00122EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:10 a.m.6 views

ipv4: restrict IPOPT_SSRR and IPOPT_LSRR options

...

7CVSS5.8AI score0.00128EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/26 9:0 a.m.6 views

CVE-2026-53249

A flaw was found in the Linux kernel's IPv4 networking component. This vulnerability allows an unprivileged application to set specific IP options, namely Loose Source and Record Route LSRR and Strict Source and Record Route SSRR. By exploiting this, an attacker can force network packets to...

7CVSS5.8AI score0.00128EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 5:47 p.m.7 views

CVE-2026-53275

A flaw was found in the Linux kernel's IPv6 multicast mcast component. When processing Multicast Listener Discovery MLD queries, a pointer to the multicast group address is not correctly reloaded after certain packet manipulations. This can lead to a use-after-free vulnerability, potentially...

8.8CVSS6AI score0.00252EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.8 views

CVE-2026-53228

In the Linux kernel, the following vulnerability has been resolved: ipv6: sit: reload inner IPv6 header after GSO offloads ipip6tunnelxmit caches the inner IPv6 header pointer at function entry and continues using it after iptunnelhandleoffloads. For GSO skbs, iptunnelhandleoffloads calls...

9.8CVSS5.6AI score0.00559EPSS
Exploits0
CVE
CVE
added 2026/06/25 8:39 a.m.23 views

CVE-2026-53219

The CVE-2026-53219 issue affects the Linux kernel netfilter x_tables path. The root cause is that native/compat get-entries copied the fixed rule entry header to userspace before sanitizing and overwriting the counter fields, exposing the percpu allocation address (pcnt) in SMP environments. The ...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.7 views

CVE-2026-53214

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix a potential NPD in cleanupprefixroute addrconfgetprefixroute can return the fib6nullentry sentinel entry which has a NULL fib6table pointer. Therefore, before setting the route's expiration time, check that we are not...

5.7AI score0.00122EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder