Lucene search
K

3339 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/28 1:3 p.m.4 views

Security Bulletin: IBM Application Modernization Accelerator is affected by multiple vulnerabilities found in Java, JavaScript and IBM WebSphere Application Server Liberty

Summary There are multiple vulnerabilities in Java, JavaScript and IBM WebSphere Application Server Liberty used by IBM Application Modernization Accelerator. Vulnerability Details CVEID:CVE-2026-33671 DESCRIPTION: Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, an...

9.8CVSS8.9AI score0.00978EPSS
Exploits1Affected Software1
OSV
OSV
added 2026/04/23 1:49 p.m.10 views

CLSA-2026-1776952176 ruby: Fix of 4 CVEs

CVE-2024-39908: fix ReDoS in REXML parser for repeated / character reference payloads - CVE-2024-41123: fix ReDoS in REXML source.match when no terminator string is specified - CVE-2024-41946: add XML entity expansion limit to REXML SAX and pull parsers - CVE-2024-43398: fix DoS via deep elements...

7.5CVSS6.6AI score0.01493EPSS
Exploits0References1
OSV
OSV
added 2026/04/22 1:0 p.m.2 views

SUSE-SU-2026:21321-1 Security update for cockpit-podman

This update for cockpit-podman fixes the following issues: - CVE-2026-25547: brace-expansion: unbounded brace range expansion can lead to excessive resource consumption and crash a Node.js process bsc1257836. - CVE-2026-26996: minimatch: processing of glob pattern containing repeated wildcards...

9.2CVSS7.5AI score0.00519EPSS
Exploits1References5
OSV
OSV
added 2026/04/21 2:58 p.m.14 views

CLSA-2026-1776783520 nodejs: Fix of 2 CVEs

CVE-2026-26996: fix ReDoS in bundled minimatch caused by consecutive non-globstar characters, by coalescing them during pattern compilation - CVE-2026-27904: fix ReDoS in bundled minimatch from nested extglobs and multiple non-adjacent wildcards, by limiting globstar recursion...

8.7CVSS6.3AI score0.00519EPSS
Exploits2References1
OSV
OSV
added 2026/04/21 2:43 p.m.8 views

CLSA-2026-1776782592 nodejs: Fix of 2 CVEs

CVE-2026-26996: fix ReDoS in bundled minimatch caused by consecutive non-globstar characters, by coalescing them during pattern compilation - CVE-2026-27904: fix ReDoS in bundled minimatch from nested extglobs and multiple non-adjacent wildcards, by limiting globstar recursion...

8.7CVSS5.8AI score0.00519EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2026/04/21 12:7 a.m.6 views

CVE-2026-39320 Signal K Server has an Unauthenticated Regular Expression Denial of Service (ReDoS) via WebSocket Subscription Paths

Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.25.0 are vulnerable to an unauthenticated Regular Expression Denial of Service ReDoS attack within the WebSocket subscription handling logic. By injecting unescaped regex metacharacters into the...

7.5CVSS5.8AI score0.00427EPSS
Exploits1References4
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/21 12:0 a.m.5 views

Security update for cockpit-subscriptions (important)

openSUSE security update: security update for cockpit-subscriptions ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20532-1 Rating: important References: bsc1258637 Cross-References: CVE-2026-26996 CVSS scores: CVE-2026-26996 SUSE : 7.5...

8.7CVSS5.7AI score0.00519EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/21 12:0 a.m.7 views

Security update for cockpit (important)

openSUSE security update: security update for cockpit ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20504-1 Rating: important References: bsc1257836 bsc1258641 Cross-References: CVE-2026-25547 CVE-2026-26996 CVSS scores: CVE-2026-25547 SUSE : 7.5...

8.7CVSS5.7AI score0.00519EPSS
Exploits1References2
OSV
OSV
added 2026/04/20 1:4 p.m.3 views

SUSE-SU-2026:21245-1 Security update for cockpit-tukit

This update for cockpit-tukit fixes the following issues: - CVE-2026-25547: brace-expansion: unbounded brace range expansion can lead to excessive resource consumption and crash a Node.js process bsc1257836. - CVE-2026-26996: minimatch: processing of glob pattern containing repeated wildcards...

9.2CVSS7.3AI score0.00519EPSS
Exploits1References5
OSV
OSV
added 2026/04/17 8:5 p.m.6 views

SUSE-SU-2026:21256-1 Security update for cockpit-podman

This update for cockpit-podman fixes the following issues: - CVE-2026-25547: brace-expansion: unbounded brace range expansion can lead to excessive resource consumption and crash a Node.js process bsc1257836. - CVE-2026-26996: minimatch: processing of glob pattern containing repeated wildcards...

9.2CVSS7.5AI score0.00519EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/04/17 5:16 p.m.34 views

CVE-2026-40319 Giskard has a Regular Expression Denial of Service (ReDoS) in RegexMatching Check

Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the RegexMatching check passes a user-supplied regular expression pattern directly to Python's re.search without any timeout or complexity guard. A crafted regex pattern can trigger catastrophic backtracking,...

1CVSS0.00149EPSS
Exploits0References2
OSV
OSV
added 2026/04/16 1:9 p.m.7 views

SUSE-SU-2026:21241-1 Security update for cockpit

This update for cockpit fixes the following issues: - CVE-2026-25547: brace-expansion: unbounded brace range expansion can lead to excessive resource consumption and crash a Node.js process bsc1257836. - CVE-2026-26996: minimatch: processing of glob pattern containing repeated wildcards followed ...

9.2CVSS7.3AI score0.00519EPSS
Exploits1References5
OSV
OSV
added 2026/04/14 12:16 p.m.5 views

SUSE-SU-2026:21191-1 Security update for cockpit-subscriptions

This update for cockpit-subscriptions fixes the following issue: - CVE-2026-26996: minimatch: ReDoS when glob pattern contains many consecutive wildcards followed by a literal character that doesn't appear in the test string bsc1258637...

8.7CVSS5.8AI score0.00519EPSS
Exploits1References3
OSV
OSV
added 2026/04/14 12:16 p.m.4 views

SUSE-SU-2026:21111-1 Security update for cockpit-subscriptions

This update for cockpit-subscriptions fixes the following issue: - CVE-2026-26996: minimatch: ReDoS when glob pattern contains many consecutive wildcards followed by a literal character that doesn't appear in the test string bsc1258637...

8.7CVSS5.8AI score0.00519EPSS
Exploits1References3
OSV
OSV
added 2026/04/14 12:13 p.m.5 views

OPENSUSE-SU-2026:20532-1 Security update for cockpit-subscriptions

This update for cockpit-subscriptions fixes the following issue: - CVE-2026-26996: minimatch: ReDoS when glob pattern contains many consecutive wildcards followed by a literal character that doesn't appear in the test string bsc1258637...

8.7CVSS5.8AI score0.00519EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.5 views

RockyLinux 8 : ruby:2.5 (RLSA-2023:7025)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:7025 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: Buffer overrun in String-to-Float conversion CVE-2022-28739 ruby: ReDoS vulnerability i...

8.8CVSS7AI score0.04127EPSS
Exploits1References9
OSV
OSV
added 2026/04/10 11:53 a.m.7 views

SUSE-SU-2026:21024-1 Security update for cockpit-machines

This update for cockpit-machines fixes the following issues: - CVE-2026-25547: brace-expansion: unbounded brace range expansion can lead to excessive resource consumption and crash a Node.js process bsc1257836. - CVE-2026-26996: minimatch: processing of glob pattern containing repeated wildcards...

9.2CVSS5.8AI score0.00519EPSS
Exploits1References5
OSV
OSV
added 2026/04/10 11:42 a.m.9 views

SUSE-SU-2026:21022-1 Security update for cockpit

This update for cockpit fixes the following issues: - CVE-2026-25547: brace-expansion: unbounded brace range expansion can lead to excessive resource consumption and crash a Node.js process bsc1257836. - CVE-2026-26996: minimatch: processing of glob pattern containing repeated wildcards followed ...

9.2CVSS6AI score0.00519EPSS
Exploits1References5
SUSE Linux
SUSE Linux
added 2026/04/10 11:36 a.m.4 views

Security update for cockpit-machines

This update for cockpit-machines fixes the following issues: CVE-2026-25547: brace-expansion: unbounded brace range expansion can lead to excessive CPU and memory consumption and may crash a Node.js process bsc1257836. CVE-2026-26996: minimatch: ReDoS when glob pattern contains many consecutive...

8.7CVSS6.7AI score0.00519EPSS
Exploits1References8
OSV
OSV
added 2026/04/10 11:33 a.m.3 views

OPENSUSE-SU-2026:20502-1 Security update for cockpit-podman

This update for cockpit-podman fixes the following issues: - CVE-2026-25547: brace-expansion: unbounded brace range expansion can lead to excessive CPU and memory consumption and may crash a Node.js process bsc1257836. - CVE-2026-26996: minimatch: ReDoS when glob pattern contains many consecutive...

9.2CVSS5.8AI score0.00519EPSS
Exploits1References4
Rows per page
Query Builder