323 matches found
CVE-2026-50266
In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared network owned by another project and set deviceowner to a value that has "network:" at the beginning "network:dhcp" for example. The default port RBAC policies incorrectly included PROJECTMANAGER without...
Security Updates for Microsoft Exchange Server (May 2026)
The Microsoft Exchange Server installed on the remote host is missing a security update. It is, therefore, affected by a vulnerability as referenced in the May, 2026 security bulletin. - Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Serve...
CVE-2026-42897
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
VulnCheck KEV: CVE-2026-42897
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-42891
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-40416
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-35429
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-40379
Exposure of sensitive information to an unauthorized actor in Azure Entra ID allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-33833
Improper neutralization of special elements in output used by a downstream component 'injection' in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-29673
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-29655
Exposure of sensitive information to an unauthorized actor in Azure Entra ID allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-29633
User interface ui misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-29580
Improper neutralization of special elements in output used by a downstream component 'injection' in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-40416
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-40379
Exposure of sensitive information to an unauthorized actor in Azure Entra ID allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-35429
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-33833
Improper neutralization of special elements in output used by a downstream component 'injection' in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-42891
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-40379
Exposure of sensitive information to an unauthorized actor in Azure Entra ID allows an unauthorized attacker to perform spoofing over a network...
Azure Machine Learning Notebook Spoofing Vulnerability
Improper neutralization of special elements in output used by a downstream component 'injection' in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network...