Lucene search
K

385 matches found

ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-43925

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, an unauthenticated mass assignment vulnerability in the client self-registration endpoint allows any visitor to assign themselves to an arbitrary client group during sign-up. Because client groups can...

6.9CVSS6.1AI score0.00081EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 4 days ago6 views

OpenVPN 2.6.x < 2.6.20 / 2.7.x < 2.7.2 TLS Race Condition

According to its self-reported version number, the version of OpenVPN installed on the remote host is affected by a vulnerability: - A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a...

6.1CVSS6AI score0.00309EPSS
Exploits0References4
OSV
OSV
added 2026/06/12 12:25 p.m.8 views

OESA-2026-2626 openvpn security update

OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the...

6.9CVSS5.3AI score0.00317EPSS
Exploits0References3
OSV
OSV
added 2026/06/12 12:25 p.m.8 views

OESA-2026-2625 openvpn security update

OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the...

6.1CVSS5.3AI score0.00309EPSS
Exploits0References2
OSV
OSV
added 2026/06/12 12:25 p.m.8 views

OESA-2026-2624 openvpn security update

OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the...

6.9CVSS5.3AI score0.00317EPSS
Exploits0References3
OSV
OSV
added 2026/06/12 12:25 p.m.8 views

OESA-2026-2623 openvpn security update

OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the...

6.9CVSS5.4AI score0.00317EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:28 a.m.10 views

SUSE CVE-2026-40215

A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion...

6.1CVSS5.5AI score0.00309EPSS
Exploits0References3
NVD
NVD
added 2026/06/08 9:16 p.m.22 views

CVE-2026-40215

A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion...

6.1CVSS0.00309EPSS
Exploits0References3
OSV
OSV
added 2026/06/08 9:16 p.m.7 views

ALPINE-CVE-2026-40215

A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion...

6.1CVSS5.5AI score0.00309EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/08 7:59 p.m.11 views

EUVD-2026-35200

A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion...

6.1CVSS5.5AI score0.00309EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/08 7:59 p.m.39 views

CVE-2026-40215

A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion...

6.1CVSS0.00309EPSS
Exploits0References3
CVE
CVE
added 2026/06/08 7:59 p.m.30 views

CVE-2026-40215

OpenVPN vulnerability CVE-2026-35058 and CVE-2026-40215 affect OpenVPN 2.6.x and 2.7.x up to 2.7.1. The issues include: (1) CVE-2026-35058 — server crash via an ASSERT caused by a malformed tls-crypt-v2 packet, exploitable by a client with a valid tls-crypt-v2 key, and (2) CVE-2026-40215 — a race...

6.1CVSS5.5AI score0.00309EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/08 7:59 p.m.4 views

CVE-2026-40215

A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion...

6.1CVSS5.5AI score0.00309EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.11 views

CVE-2026-42185

People is an application to handle users and teams, and distribute permissions across La Suite. Prior to version 1.25.0, a user holding the Administrator role on a mail domain could send a crafted invitation request to promote any existing user including users with no current domain access to the...

5.5CVSS5.4AI score0.00263EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/01 12:0 a.m.27 views

Fedora 44 : objfw (2026-f9938a84c7)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f9938a84c7 advisory. Update to 1.5.4. Fixes a buffer overflow caused by integer promotion rules in OFBMPImageFormatHandler and OFQOIImageFormatHandler. ---- Update to 1.5.3 Tenab...

6.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.10 views

PT-2026-45066

Name of the Vulnerable Software and Affected Versions praisonai-platform affected versions not specified Description A vertical privilege escalation exists where a user with the lowest privilege level can promote themselves to a workspace owner. The issue occurs because the PATCH...

9.6CVSS5.8AI score0.00032EPSS
Exploits0References7
Packet Storm News
Packet Storm News
added 2026/05/25 12:0 a.m.14 views

FuzzPilot: Plateau-Triggered Recipe Validation for Structured Text Fuzzing

FuzzPilot is a controller for AFL++ that moves expensive reasoning out of the mutation hot path. When coverage plateaus, it snapshots the corpus, prepares candidate mutation recipes, evaluates them in short isolated AFL++ micro-campaigns, and promotes only recipes with positive validation reward...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/18 12:0 a.m.8 views

Token by Token, Compromised: Backdoor Vulnerabilities in Unified Autoregressive Models

Unified autoregressive models UAMs are transformer models that generate text as well as image tokens within a single autoregressive pass. Shared parameters and a multimodal vocabulary simplify the training pipeline and facilitate flexible multimodal generation, yet might introduce new...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/12 12:0 a.m.8 views

When LLMs Team Up: A Coordinated Attack Framework for Automated Cyber Intrusions

Automated intrusion-style workflows require LLM agents to reason over partial observations, tool outputs, and executable artifacts under bounded budgets. A single LLM instance often compresses evidence extraction, planning, execution, and validation into one context, which increases the risk of...

5.8AI score
Exploits0
NVD
NVD
added 2026/05/08 8:16 p.m.21 views

CVE-2026-42185

People is an application to handle users and teams, and distribute permissions across La Suite. Prior to version 1.25.0, a user holding the Administrator role on a mail domain could send a crafted invitation request to promote any existing user including users with no current domain access to the...

5.5CVSS0.00263EPSS
Exploits0References3
Rows per page
Query Builder