Lucene search
+L

2161 matches found

NVD
NVD
added 4 days ago4 views

CVE-2026-47470

NVIDIA TensorRT-LLM for any platform contains a vulnerability in the gRPC server chat API endpoint, where an attacker could cause CWE-20 by local attack. A successful exploit of this vulnerability might lead to denial of service...

6.2CVSS0.0012EPSS
Exploits0References2
OSV
OSV
added 4 days ago4 views

CVE-2026-15738 Cross-namespace traffic interception via incorrect route precedence ordering in AWS Load Balancer Controller

Incorrect behavior order in the Gateway API listener-rule generation in Amazon AWS Load Balancer Controller before 3.4.2 might allow an authenticated remote user to intercept, spoof, or deny another namespace's gRPC traffic on a shared Gateway via a crafted HTTPRoute resource. To mitigate this...

5.8CVSS6.2AI score0.00373EPSS
Exploits0References4
CVE
CVE
added 4 days ago12 views

CVE-2026-47470

CVE-2026-47470 affects NVIDIA TensorRT-LLM on any platform, via a vulnerability in the gRPC server chat API endpoint. The root cause is improper input validation, exploitable by a local attacker to cause a denial of service. The NVIDIA security bulletin lists remediation by updating to TensorRT-L...

6.2CVSS6.1AI score0.0012EPSS
Exploits0References2
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-48069 @grpc/grps-js: An incoming malformed compressed message can cause a client or server crash

@grpc/grps-js implements the core functionality of gRPC purely in JavaScript, without a C++ addon. Prior to 1.9.16, 1.10.12, 1.11.4, 1.12.7, 1.13.5, and 1.14.4, an invalid incoming compressed message can cause a client or server process that uses @grpc/grpc-js to crash. This issue is fixed in...

7.5CVSS0.00625EPSS
Exploits0References13
NVD
NVD
added 4 days ago4 views

CVE-2026-50365

Improper authentication in Windows RPC API allows an unauthorized attacker to elevate privileges over an adjacent network...

8CVSS0.00469EPSS
Exploits0References1
NVD
NVD
added 4 days ago3 views

CVE-2026-50346

Improper authorization in RPC Runtime allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00284EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago21 views

CVE-2026-50365 Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability

...

8CVSS0.00469EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 4 days ago5 views

CVE-2026-50365 Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability

...

8CVSS6.1AI score0.00469EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago26 views

CVE-2026-50346 Netlogon RPC Elevation of Privilege Vulnerability

...

7.8CVSS0.00284EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 4 days ago6 views

CVE-2026-50346 Netlogon RPC Elevation of Privilege Vulnerability

...

7.8CVSS6.1AI score0.00284EPSS
Exploits0References1
CVE
CVE
added 4 days ago6 views

CVE-2026-50346

CVE-2026-50346 is a Windows RPC Runtime-related elevation-of-privilege vulnerability (Netlogon RPC). The primary description indicates improper authorization that allows a locally authenticated attacker to escalate privileges. Public references include the NVD/NCSC entries and the Microsoft updat...

7.8CVSS6AI score0.00284EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 4 days ago7 views

Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability

Improper authentication in Windows RPC API allows an unauthorized attacker to elevate privileges over an adjacent network...

8CVSS6.1AI score0.00469EPSS
Exploits0
Positive Technologies
Positive Technologies
added 4 days ago7 views

PT-2026-58334

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description Improper authorization in the RPC Runtime allows an authorized attacker to elevate privileges locally. This issue specifically involves the Netlogon RPC, which can be leveraged to escalate a...

7.8CVSS6AI score0.00284EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 6 days ago5 views

p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS6AI score0.00137EPSS
Exploits0References5
Cvelist
Cvelist
added last week32 views

CVE-2026-56303 Capgo - Unauthenticated API Key Metadata Disclosure via SECURITY DEFINER RPC Function

Capgo before 12.128.2 contains an information disclosure vulnerability in the findapikeybyvalue PostgreSQL function marked SECURITY DEFINER and executable by the anon role. Unauthenticated attackers can call this function via the /rest/v1/rpc/findapikeybyvalue endpoint to retrieve sensitive API k...

8.7CVSS0.00302EPSS
Exploits0References2
OSV
OSV
added 2026/07/10 1:57 p.m.3 views

CVE-2026-56279 Capgo - Information Disclosure via get_orgs_v7 RPC Endpoint

Capgo before 12.128.2 contains an information disclosure vulnerability in the getorgsv7userid RPC function that remains publicly invokable despite intended private access controls. Unauthenticated attackers can supply arbitrary user UUIDs to retrieve foreign users' organization membership, roles,...

8.7CVSS6.2AI score0.00313EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/10 12:30 a.m.5 views

p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS6AI score0.00137EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/07/10 12:0 a.m.11 views

EulerOS 2.0 SP12 : kata-containers (EulerOS-SA-2026-2534)

"According to the versions of the kata-containers package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input...

9.1CVSS6.7AI score0.01557EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/07/10 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-59818

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - etcd is a distributed key-value store for the data of a distributed system. Prior to 3.5.32 and 3.6.13, when etcd is configured with --listen-client-http-urls t...

8.1CVSS6.1AI score0.00319EPSS
Exploits0References3
NVD
NVD
added 2026/07/09 10:17 p.m.6 views

CVE-2026-57032

An Improper Handling of Undefined Parameters vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on EX Series devices allows an authenticated attacker with low privileges to cause a Denial-of-Service DoS. If an attempt is made to subscribe to an unsupported telemetry...

7.1CVSS0.00421EPSS
Exploits0References1
Rows per page
Query Builder