Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4203 matches found

Vulnrichment
Vulnrichmentadded 2026/05/08 3:29 p.m.5 views

CVE-2026-42353 Path traversal / SSRF in i18next-http-middleware via user-controlled language and namespace parameters

i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. Prior to version 3.9.3, i18next-http-middleware passes the user-controlled lng and ns values from getResourcesHandler directly into...

8.2CVSS5.7AI score0.00021EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/08 3:29 p.m.29 views

CVE-2026-42353 Path traversal / SSRF in i18next-http-middleware via user-controlled language and namespace parameters

i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. Prior to version 3.9.3, i18next-http-middleware passes the user-controlled lng and ns values from getResourcesHandler directly into...

8.2CVSS0.00021EPSS
Exploits0References1
CVE
CVEadded 2026/05/08 3:29 p.m.9 views

CVE-2026-42353

CVE-2026-42353 affects i18next-http-middleware prior to 3.9.3. User-controlled lng and ns values flow from getResourcesHandler directly into i18next.services.backendConnector.load, and depending on the configured backend this can enable path traversal or SSRF. Public advisories (GHSA-jfgf-83c5-2c...

8.2CVSS5.7AI score0.00021EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/08 3:29 p.m.4 views

CVE-2026-42353

i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. Prior to version 3.9.3, i18next-http-middleware passes the user-controlled lng and ns values from getResourcesHandler directly into...

8.2CVSS5.7AI score0.00021EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/08 3:24 p.m.4 views

CVE-2026-41690 Prototype pollution and path traversal in i18next-http-middleware via user-controlled language and namespace parameters

18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. Versions prior to 3.9.3 allow an unauthenticated HTTP client to pollute Object.prototype in the Node.js process hosting the middleware, via two unvalidated entry points that...

8.6CVSS5.9AI score0.00108EPSS
Exploits0References1
NVD
NVDadded 2026/05/08 3:17 p.m.6 views

CVE-2026-43472

In the Linux kernel, the following vulnerability has been resolved: unshare: fix unsharefs handling There's an unpleasant corner case in unshare2, when we have a CLONENEWNS in flags and current-fs hadn't been shared at all; in that case copymntns gets passed current-fs instead of a private copy,...

5.5CVSS0.00018EPSS
Exploits0References8
UbuntuCve
UbuntuCveadded 2026/05/08 3:17 p.m.3 views

CVE-2026-43472

In the Linux kernel, the following vulnerability has been resolved: unshare: fix unsharefs handling There's an unpleasant corner case in unshare2, when we have a CLONENEWNS in flags and current-fs hadn't been shared at all; in that case copymntns gets passed current-fs instead of a private copy,...

5.5CVSS5.7AI score0.00018EPSS
Exploits0References10
NVD
NVDadded 2026/05/08 3:16 p.m.5 views

CVE-2026-43403

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for ns iteration ioctls Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces...

8.8CVSS0.00015EPSS
Exploits0References4
NVD
NVDadded 2026/05/08 3:16 p.m.4 views

CVE-2026-43391

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper...

8.8CVSS0.00017EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2026/05/08 3:16 p.m.4 views

CVE-2026-43391

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper...

8.8CVSS5.7AI score0.00017EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2026/05/08 3:16 p.m.5 views

CVE-2026-43403

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for ns iteration ioctls Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces...

8.8CVSS5.7AI score0.00015EPSS
Exploits0References6
UbuntuCve
UbuntuCveadded 2026/05/08 3:16 p.m.7 views

CVE-2026-43390

In the Linux kernel, the following vulnerability has been resolved: nstree: tighten permission checks for listing Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper that...

5.5CVSS5.7AI score0.00017EPSS
Exploits0References4
OSV
OSVadded 2026/05/08 3:16 p.m.4 views

UBUNTU-CVE-2026-43391

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper...

8.8CVSS5.7AI score0.00017EPSS
Exploits0References5
OSV
OSVadded 2026/05/08 3:16 p.m.4 views

UBUNTU-CVE-2026-43403

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for ns iteration ioctls Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces...

8.8CVSS5.7AI score0.00015EPSS
Exploits0References7
OSV
OSVadded 2026/05/08 3:16 p.m.4 views

UBUNTU-CVE-2026-43390

In the Linux kernel, the following vulnerability has been resolved: nstree: tighten permission checks for listing Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper that...

5.5CVSS5.7AI score0.00017EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/05/08 2:22 p.m.29 views

CVE-2026-43472 unshare: fix unshare_fs() handling

In the Linux kernel, the following vulnerability has been resolved: unshare: fix unsharefs handling There's an unpleasant corner case in unshare2, when we have a CLONENEWNS in flags and current-fs hadn't been shared at all; in that case copymntns gets passed current-fs instead of a private copy,...

0.00018EPSS
Exploits0References8
CVE
CVEadded 2026/05/08 2:22 p.m.10 views

CVE-2026-43472

The CVE describes a Linux kernel unshare(2) bug: when CLONE_NEWNS is requested and current->fs wasn’t previously shared, copy_mnt_ns() could receive a non-private fs_struct. If copy_mnt_ns() succeeds but a subsequent copy_cgroup_ns() fails, the destroyed namespace can leave current->fs->...

5.5CVSS5.7AI score0.00018EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVEadded 2026/05/08 2:21 p.m.6 views

CVE-2026-43403

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for ns iteration ioctls Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces...

8.8CVSS5.7AI score0.00015EPSS
Exploits0
CVE
CVEadded 2026/05/08 2:21 p.m.13 views

CVE-2026-43403

CVE-2026-43403 concerns the Linux kernel nsfs component. The issue arises from insufficient permission checks in ns iteration ioctls, potentially allowing a privileged service to view information from other privileged services and perform information disclosure. Multiple sources (Red Hat, Debian,...

8.8CVSS5.7AI score0.00015EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2026/05/08 2:21 p.m.28 views

CVE-2026-43403 nsfs: tighten permission checks for ns iteration ioctls

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for ns iteration ioctls Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces...

8.8CVSS0.00015EPSS
Exploits0References4
Rows per page
Query Builder