Lucene search
K

6 matches found

CVE
CVE
added yesterday6 views

CVE-2026-56220

Capgo before version 12.128.2 contains an authorization bypass in the public.manifest INSERT policy that lets read-only org members insert OTA manifest rows. Attackers with read-only org access can inject malicious manifest entries with arbitrary s3_path values, which are served to devices via th...

7.1CVSS6AI score
Exploits0References2
EUVD
EUVD
added yesterday4 views

EUVD-2026-42247

Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.manifest INSERT policy that allows read-only org members to insert OTA manifest rows. Attackers with read-only org access can inject malicious manifest entries with arbitrary s3path values that are served to device...

7.1CVSS6AI score
Exploits0References2
Cvelist
Cvelist
added yesterday10 views

CVE-2026-56220 Capgo - Unauthorized Manifest Insertion via Read-Only Org Member

Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.manifest INSERT policy that allows read-only org members to insert OTA manifest rows. Attackers with read-only org access can inject malicious manifest entries with arbitrary s3path values that are served to device...

7.1CVSS
Exploits0References2
Packet Storm
Packet Storm
added 2026/04/03 12:0 a.m.215 views

📄 DigitalOcean Droplet Agent Remote Command Execution

DigitalOcean Droplet Agent versions through 1.3.2 suffer from a remote command injection vulnerability via metadata poisoning and side-channel attacks. CVE-2026-24516-DigitalOcean-RCE. Technical analysis and PoC for CVE-2026-24516: Unauthenticated Root Remote Code Execution in DigitalOcean Drople...

8.8CVSS6.4AI score0.02502EPSS
Exploits2
HackRead
HackRead
added 2025/12/19 12:46 p.m.9 views

Docker Fixes ‘Ask Gordon’ AI Flaw That Enabled Metadata-Based Attacks

Pillar Security has identified a critical indirect prompt injection vulnerability in Docker’s ‘Ask Gordon’ assistant. By poisoning metadata on Docker Hub, attackers could bypass security to exfiltrate private build logs and chat history. Discover how the "lethal trifecta" enabled this attack and...

7.3AI score
Exploits0
NVD
NVD
added 2025/02/11 1:15 a.m.8 views

CVE-2025-23191

Cached values belonging to the SAP OData endpoint in SAP Fiori for SAP ERP could be poisoned by modifying the Host header value in an HTTP GET request. An attacker could alter the atom:link values in the returned metadata redirecting them from the SAP server to a malicious link set by the attacke...

3.1CVSS0.00229EPSS
Exploits0References2
Rows per page
Query Builder