Lucene search
+L

10314 matches found

EUVD
EUVD
added 2026/04/27 9:42 a.m.7 views

EUVD-2026-25806

The Camel-Mail component is vulnerable to Camel message header injection. The custom header filter strategy used by the component MailHeaderFilterStrategy only filters the 'out' direction via setOutFilterStartsWith, while it does not configure the 'in' direction via setInFilterStartsWith. As a...

9.4CVSS5.3AI score0.00621EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/04/27 9:34 a.m.11 views

Camel-MINA Vulnerable to Deserialization of Untrusted Data

The camel-mina component's MinaConverter.toObjectInputIoBuffer type converter wraps an IoBuffer in a java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. When a Camel route uses camel-mina as a TCP or UDP consumer and requests conversion to ObjectInput f...

8.8CVSS6.3AI score0.00926EPSS
Exploits2References11Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/27 8:3 a.m.5 views

CVE-2026-40860 Apache Camel: Unsafe Deserialization of JMS ObjectMessage in camel-jms, camel-sjms, camel-sjms2 and camel-amqp

JmsBinding.extractBodyFromJms in camel-jms, and the equivalent JmsBinding class in camel-sjms, deserialized the payload of incoming JMS ObjectMessage values via javax.jms.ObjectMessage.getObject without applying any ObjectInputFilter, class allowlist or class denylist. Because this code path is...

6.4AI score0.00881EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2026/04/27 7:53 a.m.8 views

CVE-2026-40048

The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of .key files in the configured key directory using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. The cast to java.security.KeyPair is evaluated only after readObject has...

6.3AI score0.00342EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/04/27 7:53 a.m.3 views

CVE-2026-40048 Apache Camel PQC: Unsafe Deserialization from FileBasedKeyLifecycleManager

The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of .key files in the configured key directory using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. The cast to java.security.KeyPair is evaluated only after readObject has...

7.8CVSS6.6AI score0.00342EPSS
Exploits1References8
CVE
CVE
added 2026/04/27 7:53 a.m.39 views

CVE-2026-40048

CVE-2026-40048 – Apache Camel PQC deserialization flaw : The Camel-PQC FileBasedKeyLifecycleManager deserializes the contents of .key files in the configured key directory via java.io.ObjectInputStream without ObjectInputFilter or class-loading restrictions. The vulnerable step is that the cast t...

7.8CVSS6.3AI score0.00342EPSS
Exploits1References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.8 views

Debian dla-4550 : libde265-0 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4550 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4550-1 [email protected]...

8.7CVSS5.6AI score0.00349EPSS
Exploits2References8
Debian
Debian
added 2026/04/25 6:46 p.m.15 views

[SECURITY] [DLA 4548-1] distro-info-data database update

Debian LTS Advisory DLA-4548-1 [email protected] https://www.debian.org/lts/security/ Stefano Rivera April 25, 2026 https://wiki.debian.org/LTS Package : distro-info-data Version : 0.51+deb11u11 This is a routine update of the distro-info-data database for Debian LTS users. It updates t...

5.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.8 views

Debian dla-4548 : distro-info-data - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4548 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4548-1 [email protected] https://www.debian.org/lts/security/...

5.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.14 views

Debian dla-4546 : firefox-esr - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4546 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4546-1 [email protected]...

9.8CVSS6AI score0.04938EPSS
Exploits1References50
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.5 views

Debian dla-4545 : gir1.2-packagekitglib-1.0 - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4545 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4545-1 [email protected] https://www.debian.org/lts/security/...

5.8AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/21 7:23 p.m.11 views

CVE-2026-25525

Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to version 20.17.0, the Dataflow module in OpenMage LTS uses a weak blacklist filter...

4.9CVSS5.8AI score0.00502EPSS
Exploits1References1
OSV
OSV
added 2026/04/21 6:53 p.m.8 views

GHSA-3J5Q-7Q7H-2HHV OpenMage LTS: Customer File Upload Extension Blocklist Bypass → Remote Code Execution

The product custom option file upload in OpenMage LTS uses an incomplete blocklist forbiddenextensions = php,exe to prevent dangerous file uploads. This blocklist can be trivially bypassed by using alternative PHP-executable extensions such as .phtml, .phar, .php3, .php4, .php5, .php7, and .pht...

8.8CVSS6.1AI score0.00691EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/04/21 6:53 p.m.15 views

OpenMage LTS: Customer File Upload Extension Blocklist Bypass → Remote Code Execution

The product custom option file upload in OpenMage LTS uses an incomplete blocklist forbiddenextensions = php,exe to prevent dangerous file uploads. This blocklist can be trivially bypassed by using alternative PHP-executable extensions such as .phtml, .phar, .php3, .php4, .php5, .php7, and .pht...

8.8CVSS6.1AI score0.00691EPSS
Exploits1References3Affected Software1
Debian
Debian
added 2026/04/21 4:37 p.m.7 views

[SECURITY] [DLA 4523-1] python-geopandas security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4523-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb April 21, 2026 https://wiki.debian.org/LTS -...

8.6CVSS5.7AI score0.00385EPSS
Exploits1
EUVD
EUVD
added 2026/04/21 3:20 p.m.10 views

EUVD-2026-23903

OpenMage LTS: Cross-user wishlist import leads to private option & file disclosure...

5.3CVSS5.7AI score0.00176EPSS
Exploits1References4
OSV
OSV
added 2026/04/21 3:20 p.m.46 views

GHSA-665X-PPC4-685W OpenMage LTS: Cross-user wishlist import leads to private option & file disclosure

Cross-user wishlist item import via shared wishlist code, leading to private option disclosure and file-disclosure variant Summary The shared wishlist add-to-cart endpoint authorizes access with a public sharingcode, but loads the acted-on wishlist item by a separate global wishlistitemid and nev...

5.4CVSS5.7AI score0.00176EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/04/21 2:35 p.m.13 views

OpenMage LTS has a Path Traversal Filter Bypass in Dataflow Module

The Dataflow module in OpenMage LTS uses a weak blacklist filter strreplace'../', '', $input to prevent path traversal attacks. This filter can be bypassed using patterns like ..././ or ....//, which after the replacement still result in ../. An authenticated administrator can exploit this to rea...

4.9CVSS5.9AI score0.00502EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2026/04/21 2:32 p.m.4 views

GHSA-FG79-CR9C-7369 OpenMage LTS: Phar Deserialization leads to Remote Code Execution

PHP functions such as getimagesize, fileexists, and isreadable can trigger deserialization when processing phar:// stream wrapper paths. OpenMage LTS uses these functions with potentially controllable file paths during image validation and media handling. An attacker who can upload a malicious ph...

8.1CVSS6.4AI score0.00539EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/21 2:32 p.m.11 views

OpenMage LTS: Phar Deserialization leads to Remote Code Execution

PHP functions such as getimagesize, fileexists, and isreadable can trigger deserialization when processing phar:// stream wrapper paths. OpenMage LTS uses these functions with potentially controllable file paths during image validation and media handling. An attacker who can upload a malicious ph...

8.1CVSS6.4AI score0.00539EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder