Lucene search
K

5728 matches found

NVD
NVD
added yesterday3 views

CVE-2026-56353

n8n contains an authentication bypass in the Chat Trigger node when configured with n8n User Auth a non-default configuration. In affected releases — before 1.123.22, the 2.0.0 through 2.9.2 line, and 2.10.0 — the authentication check on the Chat Trigger webhook endpoint can be circumvented,...

6.3CVSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-48069 @grpc/grps-js: An incoming malformed compressed message can cause a client or server crash

@grpc/grps-js implements the core functionality of gRPC purely in JavaScript, without a C++ addon. Prior to 1.9.16, 1.10.12, 1.11.4, 1.12.7, 1.13.5, and 1.14.4, an invalid incoming compressed message can cause a client or server process that uses @grpc/grpc-js to crash. This issue is fixed in...

7.5CVSS0.00625EPSS
Exploits0References13
NVD
NVD
added 2 days ago4 views

CVE-2026-45305

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Symfony\Component\Yaml\Parser::cleanup used regular expressions with overlapping quantifiers for YAML directive, comment, and document marker cleanup,...

8.7CVSS0.00663EPSS
Exploits0References6
OSV
OSV
added 3 days ago2 views

CLEANSTART-2026-SI58032 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-35206, ghsa-f6x5-jh6r-wrfv, ghsa-hr2v-4r36-88hr, ghsa-j5w8-q4qc-rx2x, ghsa-mh2q-q3fh-2475, ghsa-p77j-4mvh-x3m3, ghsa-pc3f-x583-g7j2 applied in versions: 0.8.10-r0, 0.8.11-r0, 0.8.4-r0

Multiple security vulnerabilities affect the k8ssandra-client-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

7.5CVSS6.1AI score0.0052EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 3 days ago7 views

PT-2026-57852

Name of the Vulnerable Software and Affected Versions ServiceNow AI platform affected versions not specified Description An issue in the ServiceNow AI platform allows an unauthenticated user with network access to perform a sandbox escape, which is a process of breaking out of a restricted...

9.5CVSS6.4AI score0.00509EPSS
Exploits0References12
NVD
NVD
added 4 days ago8 views

CVE-2026-15491

A weakness has been identified in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. This affects an unknown part. This manipulation causes missing authentication. The attack is possible to be carried out remotely. This product adopts a rolling release strategy to maintain...

7.5CVSS0.00627EPSS
Exploits0References4
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-43213

A weakness has been identified in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. This affects an unknown part. This manipulation causes missing authentication. The attack is possible to be carried out remotely. This product adopts a rolling release strategy to maintain...

7.5CVSS6.7AI score0.00627EPSS
Exploits0References4
NVD
NVD
added 5 days ago7 views

CVE-2026-10660

The Bluetooth BAP Broadcast Assistant GATT client in subsys/bluetooth/audio/bapbroadcastassistant.c reassembled remote Broadcast Receive State data into a single file-static netbufsimple attbuf, BTATTMAXATTRIBUTELEN = 512 bytes shared by all connection instances, while the BUSY flag, long-read...

6.4CVSS0.00159EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 6 days ago9 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 24.04 LTS / 26.04 LTS : curl vulnerabilities (USN-8525-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8525-1 advisory. Harry Sintonen discovered that curl incorrectly handled credentials when following HTTP...

9.8CVSS6.7AI score0.01378EPSS
Exploits10References11
Tenable Nessus
Tenable Nessus
added 6 days ago10 views

Coder < 2.29.17 / 2.30.x < 2.32.7 / 2.33.x < 2.33.8 / 2.34.x < 2.34.2 Multiple Vulnerabilities

The version of Coder installed on the remote host is prior to 2.29.17, 2.32.7, 2.33.8, or 2.34.2. It is, therefore, affected by multiple vulnerabilities: - A user-admin role can reset the owner account password, resulting in privilege escalation from user-admin to owner. CVE-2026-55077 - A...

8.7CVSS6.2AI score0.00615EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 6 days ago9 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : libsoup vulnerabilities (USN-8523-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8523-1 advisory. Eric Su and Samuel Dainard discovered that libsoup incorrectly handled content with zero-leng...

9.1CVSS6.7AI score0.0042EPSS
Exploits1References3
Ubuntu
Ubuntu
added last week6 views

USN-8525-1: curl vulnerabilities

Harry Sintonen discovered that curl incorrectly handled credentials when following HTTP redirects in conjunction with .netrc files. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS...

9.8CVSS6.8AI score0.01378EPSS
Exploits10
EUVD
EUVD
added last week7 views

EUVD-2026-42611

A security vulnerability has been detected in aerostackdev aerostack-mcp up to 6315dfde7df0a15aaf743f88d91347115e09ba23. Affected by this issue is the function uploadmedia of the component mcp-whatsapp. Such manipulation of the argument mediaurl leads to server-side request forgery. The attack ma...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6
Cisco
Cisco
added 2026/07/08 4:0 p.m.25 views

Cisco Advance Notification for Publication of July 15, 2026, Security Advisories

On July 15, 2026, the Cisco Product Security Incident Response Team PSIRT published the following advisories: Cisco Security Advisory CVE ID Security Impact Rating CVSS Base Score Cisco RoomOS Security Hardening Release: July 2026...

8.8CVSS6.1AI score
Exploits0References1
OSV
OSV
added 2026/07/08 11:35 a.m.8 views

BIT-PHP-2026-14355 ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS6.1AI score0.00306EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/08 5:58 a.m.8 views

EUVD-2026-42177

An Improper Authentication vulnerability affecting DELMIA Apriso from Release 2020 through Release 2026 could allow an attacker to gain privileged access to the server...

9.8CVSS6AI score0.00326EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.7 views

PT-2026-56586

Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 12.1.8 PAN-OS versions prior to 11.2.13 PAN-OS versions prior to 11.1.16 PAN-OS versions prior to 10.2.18-h8 Description A command injection issue exists in the management plane of the software, specifically within the...

8.5CVSS6.2AI score0.014EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/07 12:57 p.m.7 views

EUVD-2026-42036

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 an improper authentication vulnerability. An unauthenticated attacker with remote...

9.8CVSS6.1AI score0.00625EPSS
Exploits0References1
OSV
OSV
added 2026/07/07 10:17 a.m.3 views

PYSEC-2026-951 Overflow in `ImageProjectiveTransformV2`

Impact When tf.rawops.ImageProjectiveTransformV2 is given a large output shape, it overflows. python import tensorflow as tf interpolation = "BILINEAR" fillmode = "REFLECT" images = tf.constant0.184634328, shape=2,5,8,3, dtype=tf.float32 transforms = tf.constant0.378575385, shape=2,8,...

4.8CVSS7AI score0.0043EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/07/07 6:46 a.m.5 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory...

8.1CVSS6AI score0.00476EPSS
Exploits0References6
Rows per page
Query Builder