
4209 matches found

Positive Technologies
added 2026/03/26 12:0 a.m., 1 views

PT-2026-28270

A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to Llama Stack services deployed in other namespaces via direct network requests, because no NetworkPolicy restricts access to the llama-stack service endpoint. As a result, a user i...

CVSS 8.1, AI score 5.8, EPSS 0.00016
Exploits: 1, References: 7
CNNVD
added 2026/03/26 12:0 a.m., 4 views

Llama Stack security vulnerability

Llama Stack is a core building block for simplified artificial intelligence application development, open-sourced by Meta Llama. There is a security vulnerability in Llama Stack, which stems from the lack of network policy restrictions on access to the llama-stack server endpoints. This...

CVSS 8.1, AI score 7.1, EPSS 0.00016
Exploits: 1, References: 4
RedhatCVE
added 2026/03/25 9:16 p.m., 3 views

CVE-2026-33217

A flaw was found in NATS-Server. When Access Control Lists (ACLs) were configured for message subjects, these controls were not correctly applied within the $MQTT. namespace. This oversight allows MQTT clients to bypass the intended ACL checks, potentially granting unauthorized access to sensitive...

CVSS 8.1, AI score 5.6, EPSS 0.00036
Exploits: 0, References: 5
OSV
added 2026/03/25 8:16 p.m., 3 views

DEBIAN-CVE-2026-33217

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied in the $MQTT. namespace, allowing MQTT clients to bypass ACL checks for MQTT subjects. Versions...

CVSS 7.1, AI score 6.1, EPSS 0.00036
Exploits: 0, References: 1
ATTACKERKB
added 2026/03/25 7:43 p.m., 2 views

CVE-2026-33217

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied in the $MQTT. namespace, allowing MQTT clients to bypass ACL checks for MQTT subjects. Versions...

CVSS 7.1, AI score 5.8, EPSS 0.00036
Exploits: 0, References: 3, Affected Software: 1
Vulnrichment
added 2026/03/25 7:43 p.m., 1 views

CVE-2026-33217 NATS allows MQTT clients to bypass ACL checks

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied in the $MQTT. namespace, allowing MQTT clients to bypass ACL checks for MQTT subjects. Versions...

CVSS 7.1, AI score 5.8, EPSS 0.00036
Exploits: 0, References: 2
OSV
added 2026/03/25 7:43 p.m., 1 views

CVE-2026-33217 NATS allows MQTT clients to bypass ACL checks

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied in the $MQTT. namespace, allowing MQTT clients to bypass ACL checks for MQTT subjects. Versions...

CVSS 7.1, AI score 5.9, EPSS 0.00036
Exploits: 0, References: 4
Debian CVE
added 2026/03/25 7:43 p.m., 3 views

CVE-2026-33217

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied in the $MQTT. namespace, allowing MQTT clients to bypass ACL checks for MQTT subjects. Versions...

CVSS 7.1, AI score 6.1, EPSS 0.00036
Exploits: 0
AlpineLinux
added 2026/03/25 7:43 p.m., 3 views

CVE-2026-33217

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied in the $MQTT. namespace, allowing MQTT clients to bypass ACL checks for MQTT subjects. Versions...

CVSS 7.1, AI score 5.8, EPSS 0.00036
Exploits: 0
SUSE CVE
added 2026/03/25 4:55 p.m., 6 views

SUSE CVE-2026-23367

In the Linux kernel, the following vulnerability has been resolved: wifi: radiotap: reject radiotap with unknown bits. The radiotap parser is currently only used with the radiotap namespace, not with vendor namespaces, but if the undefined field 18 is used, the alignment/size is unknown as well. In...

CVSS 6.3, AI score 5.7, EPSS 0.00031
Exploits: 0, References: 16
EUVD
added 2026/03/25 12:30 p.m., 3 views

EUVD-2026-15350

In the Linux kernel, the following vulnerability has been resolved: wifi: radiotap: reject radiotap with unknown bits. The radiotap parser is currently only used with the radiotap namespace, not with vendor namespaces, but if the undefined field 18 is used, the alignment/size is unknown as well. In...

AI score 5.7, EPSS 0.00031
Exploits: 0, References: 7
NVD
added 2026/03/25 11:16 a.m., 2 views

CVE-2026-23367

In the Linux kernel, the following vulnerability has been resolved: wifi: radiotap: reject radiotap with unknown bits. The radiotap parser is currently only used with the radiotap namespace, not with vendor namespaces, but if the undefined field 18 is used, the alignment/size is unknown as well. In...

CVSS 5.5, EPSS 0.00031
Exploits: 0, References: 8
UbuntuCve
added 2026/03/25 11:16 a.m., 4 views

CVE-2026-23367

In the Linux kernel, the following vulnerability has been resolved: wifi: radiotap: reject radiotap with unknown bits. The radiotap parser is currently only used with the radiotap namespace, not with vendor namespaces, but if the undefined field 18 is used, the alignment/size is unknown as well. In...

CVSS 5.5, AI score 5.7, EPSS 0.00031
Exploits: 0, References: 8
OSV
added 2026/03/25 11:16 a.m., 2 views

UBUNTU-CVE-2026-23367

In the Linux kernel, the following vulnerability has been resolved: wifi: radiotap: reject radiotap with unknown bits. The radiotap parser is currently only used with the radiotap namespace, not with vendor namespaces, but if the undefined field 18 is used, the alignment/size is unknown as well. In...

CVSS 5.5, AI score 5.7, EPSS 0.00031
Exploits: 0, References: 9
OSV
added 2026/03/25 10:27 a.m., 2 views

CVE-2026-23367 wifi: radiotap: reject radiotap with unknown bits

In the Linux kernel, the following vulnerability has been resolved: wifi: radiotap: reject radiotap with unknown bits. The radiotap parser is currently only used with the radiotap namespace, not with vendor namespaces, but if the undefined field 18 is used, the alignment/size is unknown as well. In...

CVSS 5.5, AI score 5.7, EPSS 0.00031
Exploits: 0, References: 9
CVE
added 2026/03/25 10:27 a.m., 12 views

CVE-2026-23367

CVE-2026-23367 – Linux kernel (wifi: radiotap: reject radiotap with unknown bits). The issue arises in the radiotap parser used for the radiotap namespace. If an undefined field (field 18) is present, the alignment/size is unknown and iterator->_next_ns_data is not initialized for non-visible v...

CVSS 5.5, AI score 5.7, EPSS 0.00031
Exploits: 0, References: 8, Affected Software: 1
ATTACKERKB
added 2026/03/25 10:27 a.m., 0 views

CVE-2026-23367

In the Linux kernel, the following vulnerability has been resolved: wifi: radiotap: reject radiotap with unknown bits. The radiotap parser is currently only used with the radiotap namespace, not with vendor namespaces, but if the undefined field 18 is used, the alignment/size is unknown as well. In...

AI score 5.6, EPSS 0.00031
Exploits: 0, References: 9, Affected Software: 1
Cvelist
added 2026/03/25 10:27 a.m., 16 views

CVE-2026-23367 wifi: radiotap: reject radiotap with unknown bits

In the Linux kernel, the following vulnerability has been resolved: wifi: radiotap: reject radiotap with unknown bits. The radiotap parser is currently only used with the radiotap namespace, not with vendor namespaces, but if the undefined field 18 is used, the alignment/size is unknown as well. In...

EPSS 0.00031
Exploits: 0, References: 8
CNNVD
added 2026/03/25 12:0 a.m., 3 views

Nats-Server security vulnerability

Nats-Server is a high-performance server developed by Nats Open Source, used for native message delivery systems on Nats.io, cloud, and edge environments. There were security vulnerabilities in versions of Nats-Server before 2.11.15 and 2.12.6. These vulnerabilities stemmed from the lack of ACL...

CVSS 7.1, AI score 6.4, EPSS 0.00036
Exploits: 0, References: 3
Github Security Blog
added 2026/03/24 9:44 p.m., 5 views

NATS allows MQTT clients to bypass ACL checks

Background: NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The nats-server provides an MQTT client interface. Problem Description: When using ACLs on message subjects, these ACLs were not applied in t...

CVSS 7.1, AI score 5.8, EPSS 0.00036
Exploits: 0, References: 4, Affected Software: 2