Lucene search
K

143 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/28 2:45 p.m.8 views

CVE-2026-13502

A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...

4.5CVSS5.2AI score0.00091EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/06/28 2:45 p.m.11 views

EUVD-2026-40000

A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...

4.5CVSS5.2AI score0.00091EPSS
Exploits0References5
CVE
CVE
added 2026/06/28 2:45 p.m.30 views

CVE-2026-13502

The CVE-2026-13502 entry concerns antlr ANTLR4 up to 4.13.2. It affects the function ObjectInputStream.readObject in the antlr4-maven-plugin’s GrammarDependencies.java, indicating a time-of-check time-of-use issue. The attack is restricted to local execution and requires a high degree of complexi...

4.5CVSS5.2AI score0.00091EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-13502

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file...

4.5CVSS5.1AI score0.00091EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/19 12:31 p.m.10 views

Vaadin Build Plugins is Affected by a Possible Information Disclosure Vulnerability

A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...

5.8CVSS5.8AI score0.00117EPSS
Exploits0References4Affected Software3
OSV
OSV
added 2026/05/19 12:31 p.m.7 views

GHSA-J8MX-J73W-9MXW Vaadin Build Plugins is Affected by a Possible Information Disclosure Vulnerability

A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...

5.8CVSS5.8AI score0.00117EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/19 12:31 p.m.7 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure in the frontend build process when it exits with a non-zero status. An attacker can obtain sensitive environment variables, including credentials, by reviewing build logs or archived build artifacts generated during...

7.2CVSS5.4AI score0.00117EPSS
Exploits0References2
NVD
NVD
added 2026/05/19 12:16 p.m.16 views

CVE-2026-7860

A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...

5.8CVSS0.00117EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/19 11:1 a.m.57 views

CVE-2026-7860 Possible information disclosure of environment variables in Vaadin Build Plugins via Failed Frontend Build

A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...

5.8CVSS0.00117EPSS
Exploits0References2
CVE
CVE
added 2026/05/19 11:1 a.m.26 views

CVE-2026-7860

CVE-2026-7860 describes an information-disclosure risk in Vaadin build tools: Vaadin Maven/Gradle plugins can print the full set of environment variables to build logs when a frontend build fails (non-zero exit). This can expose credentials/secrets in CI logs and artifacts. Affected ranges and fi...

5.8CVSS5.8AI score0.00117EPSS
Exploits0References2
OSV
OSV
added 2026/05/19 11:1 a.m.4 views

CVE-2026-7860 Possible information disclosure of environment variables in Vaadin Build Plugins via Failed Frontend Build

A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...

5.8CVSS6AI score0.00117EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.19 views

PT-2026-41882

A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...

5.8CVSS5.8AI score0.00117EPSS
Exploits0References3
Spring Security Advisories
Spring Security Advisories
added 2026/04/28 12:0 a.m.6 views

This Week in Spring - April 28th, 2026

Hi Spring fans! Welcome to another installment of This Week in Spring! As I write this, I'm on PTO in beautiful Santorini, Greece, catching up on some news and about to cruise the islands for some sightseeing. There's nothing quite like springtime in the Mediterranean! I couldn't dream of enjoyin...

5.4AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/15 7:19 p.m.7 views

dev.dsf:dsf-maven-plugin (>=2.0.0 <=2.1.0) potentially affected by CVE-2026-40942 via dev.dsf:dsf-bpe-process-api-v2 (>=2.0.0-M3 <=2.1.0)

dev.dsf:dsf-bpe-process-api-v2 MAVEN version =2.0.0-M3, =2.0.0, =2.1.0 Source cves: CVE-2026-40942 Source advisory: OSV:GHSA-XMJ9-7625-F634...

6.3CVSS5.8AI score0.00291EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/10 12:31 p.m.10 views

com.espertech:esperio-springjms (=9.0.0), org.apache.activemq.tooling:activemq-maven-plugin (>=6.0.0 <=6.2.3) +5 more potentially affected by CVE-2026-39304 via org.apache.activemq:activemq-all (>=6.0.0 <=6.2.3)

org.apache.activemq:activemq-all MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.3 Source cves: CVE-2026-39304 Source advisory: OSV:GHSA-5568-6QCG-G7FX...

7.5CVSS5.8AI score0.00896EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/09 6:31 p.m.9 views

com.espertech:esperio-springjms (=9.0.0), org.apache.activemq.tooling:activemq-maven-plugin (>=6.0.0 <=6.2.3) +5 more potentially affected by CVE-2025-66168 +1 more via org.apache.activemq:activemq-all (>=6.0.0 <=6.2.3)

org.apache.activemq:activemq-all MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.3 Source cves: CVE-2025-66168, CVE-2026-40046 Source advisory: OSV:GHSA-XVQC-PP94-FMPX...

8.8CVSS6AI score0.0078EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/07 9:31 a.m.10 views

com.espertech:esperio-springjms (=9.0.0), org.apache.activemq.tooling:activemq-maven-plugin (>=6.0.0 <=6.2.2) +5 more potentially affected by CVE-2026-34197 via org.apache.activemq:activemq-all (>=6.0.0 <=6.2.2)

org.apache.activemq:activemq-all MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.2 Source cves: CVE-2026-34197 Source advisory: OSV:GHSA-RXPJ-7QVF-XV32...

8.8CVSS6.6AI score0.96666EPSS
Exploits13
vulnersOsv
vulnersOsv
added 2026/04/07 9:31 a.m.9 views

com.espertech:esperio-springjms (=9.0.0), org.apache.activemq.tooling:activemq-maven-plugin (>=6.0.0 <=6.2.1) +5 more potentially affected by CVE-2026-33227 via org.apache.activemq:activemq-all (>=6.0.0 <=6.2.1)

org.apache.activemq:activemq-all MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.1 Source cves: CVE-2026-33227 Source advisory: OSV:GHSA-H2H4-5M64-M273...

4.3CVSS5.8AI score0.00419EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/27 6:21 p.m.9 views

org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +6 more potentially affected by CVE-2026-33939 via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)

org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: CVE-2026-33939 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15807043...

7.5CVSS7.2AI score0.00616EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/03/27 6:20 p.m.9 views

org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +6 more potentially affected by CVE-2026-33938 via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)

org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: CVE-2026-33938 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15803083...

8.1CVSS6.1AI score0.00709EPSS
Exploits1
Rows per page
Query Builder