Lucene search
K

207 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-41660

A vulnerability has been found in FederatedAI FATE up to 2.2.0. This affects the function QueuePushReqStreamObserver.initEggroll of the file java/osx/osx-broker/src/main/java/org/fedai/osx/broker/grpc/QueuePushReqStreamObserver.java of the component OSX Broker. Such manipulation of the argument...

3.1CVSS5.1AI score0.00299EPSS
Exploits0References7
CVE
CVE
added yesterday8 views

CVE-2026-14621

CVE-2026-14621 affects FederatedAI FATE (OSX Broker) up to 2.2.0. The vulnerability resides in QueuePushReqStreamObserver.initEggroll (file path java/osx/osx-broker/src/main/java/org/fedai/osx/broker/grpc/QueuePushReqStreamObserver.java) where manipulation of rollSiteSessionId, dstRole, or dstPar...

3.1CVSS5.1AI score0.00299EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added yesterday5 views

CVE-2026-14621

A vulnerability has been found in FederatedAI FATE up to 2.2.0. This affects the function QueuePushReqStreamObserver.initEggroll of the file java/osx/osx-broker/src/main/java/org/fedai/osx/broker/grpc/QueuePushReqStreamObserver.java of the component OSX Broker. Such manipulation of the argument...

3.1CVSS5.1AI score0.00299EPSS
Exploits0References7Affected Software1
Circl
Circl
added 2 days ago6 views

CVE-2026-58379

creationtimestamp| type| source ---|---|--- 2026-07-03 19:39:24+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mprceilsjt24 2026-07-03 22:01:58+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mprkdhbnlb2f 2026-07-03 22:30:00+00:00| seen|...

7.3CVSS5.9AI score0.00233EPSS
Exploits0References3
Circl
Circl
added 4 days ago4 views

CVE-2026-4629

creationtimestamp| type| source ---|---|--- 2026-07-01 20:57:52+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mpmfsxv4b524 2026-07-02 12:26:59+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpnzqezxyr2d...

6.5CVSS5.8AI score0.0024EPSS
Exploits1References2
Circl
Circl
added 6 days ago9 views

CVE-2026-50229

creationtimestamp| type| source ---|---|--- 2026-06-29 21:40:40+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mphhbocbak2p 2026-06-29 22:19:25+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mphjgx4ff32q 2026-06-29 23:32:51+00:00| seen|...

6.1CVSS5.7AI score0.00357EPSS
Exploits0References8
Circl
Circl
added 6 days ago7 views

CVE-2026-55957

creationtimestamp| type| source ---|---|--- 2026-06-29 21:36:56+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mphh2yd4ic23 2026-06-29 22:43:44+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mphksgifwx23 2026-06-29 22:51:37+00:00| seen|...

7.3CVSS5.9AI score0.00431EPSS
Exploits0References11
Circl
Circl
added 6 days ago6 views

CVE-2026-57341

creationtimestamp| type| source ---|---|--- 2026-06-29 16:01:47+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mpgudozghx2b 2026-06-29 20:22:37+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mphcw47xbf22...

6.5CVSS5.8AI score0.00258EPSS
Exploits0References2
Circl
Circl
added 6 days ago7 views

CVE-2026-13513

creationtimestamp| type| source ---|---|--- 2026-06-29 00:28:28+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mpfa6sd5lg2m 2026-06-29 02:13:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpfg2pst3i2w...

5CVSS5.9AI score0.00133EPSS
Exploits0References2
Circl
Circl
added 6 days ago7 views

CVE-2026-13516

creationtimestamp| type| source ---|---|--- 2026-06-29 00:25:58+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mpfa2crs3e25 2026-06-29 04:58:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpfpbuujq62j 2026-06-29 06:00:27+00:00| seen|...

9CVSS7.3AI score0.00466EPSS
Exploits0References3
Circl
Circl
added last week7 views

CVE-2026-13508

creationtimestamp| type| source ---|---|--- 2026-06-28 23:39:58+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mpf5i3ikuf2s 2026-06-29 02:08:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpffrrfccn2x...

6.5CVSS6AI score0.00165EPSS
Exploits0References2
Circl
Circl
added 2026/06/26 10:47 p.m.6 views

CVE-2026-50767

creationtimestamp| type| source ---|---|--- 2026-06-26 22:47:01+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mp7zljs7au2o 2026-06-29 17:33:46+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgzi6wa632w...

5.4CVSS5.8AI score0.00204EPSS
Exploits1References2
OSV
OSV
added 2026/06/12 9:0 p.m.5 views

GHSA-X4QR-QW6H-WVXQ Fleet: Observer-level enrollment secret extraction via ORDER BY oracle on Apple MDM commands endpoint

Summary A vulnerability in Fleet's Apple MDM commands listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract sensitive values from joined database tables — including host enrollment secrets and Apple Push Notification Service APNS tokens — through a...

6.5CVSS5.5AI score0.00019EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/12 9:0 p.m.14 views

Fleet has observer-level enrollment secret extraction via ORDER BY oracle on labels host-listing endpoint

Summary A vulnerability in Fleet's labels host-listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract host enrollment secrets nodekey, orbitnodekey through a cursor-based binary search oracle. The endpoint accepted a user-supplied orderkey parameter that w...

5.4AI score0.00032EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/12 9:0 p.m.6 views

GHSA-VXM7-9X8V-8GM4 Fleet has observer-level enrollment secret extraction via ORDER BY oracle on labels host-listing endpoint

Summary A vulnerability in Fleet's labels host-listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract host enrollment secrets nodekey, orbitnodekey through a cursor-based binary search oracle. The endpoint accepted a user-supplied orderkey parameter that w...

6.5CVSS5.4AI score0.00032EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.14 views

PT-2026-49056

Name of the Vulnerable Software and Affected Versions Fleet versions prior to 4.85.0 Description Authenticated users with the lowest-privilege Observer role can extract host enrollment secrets, specifically node key and orbit node key, using a cursor-based binary search oracle. The issue exists i...

6.5CVSS5.9AI score0.00032EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.16 views

PT-2026-49057

Name of the Vulnerable Software and Affected Versions Fleet affected versions not specified Description An issue in the Apple MDM commands listing endpoint allows authenticated users with the Observer role to extract sensitive data from joined database tables, such as host enrollment secrets and...

6.5CVSS5.9AI score0.00019EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.10 views

SUSE CVE-2026-46026

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum number of lookups Current code does no bound checking on the number of lookups a client can perform. Though the code restricts the lookups to local clients, there is still a possibility of a...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 12:56 p.m.11 views

EUVD-2026-32407

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum number of lookups Current code does no bound checking on the number of lookups a client can perform. Though the code restricts the lookups to local clients, there is still a possibility of a...

5.8AI score0.00128EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-46026

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: qrtr: ns: Limit the maximum number of lookups Current code does no bound checking on the number of lookups a client can perform. Though the code restricts...

5.5CVSS6AI score0.00128EPSS
Exploits0References4
Rows per page
Query Builder