Lucene search
K

2137 matches found

NVD
NVD
added yesterday3 views

CVE-2026-47470

NVIDIA TensorRT-LLM for any platform contains a vulnerability in the gRPC server chat API endpoint, where an attacker could cause CWE-20 by local attack. A successful exploit of this vulnerability might lead to denial of service...

6.2CVSS
Exploits0References2
CVE
CVE
added yesterday11 views

CVE-2026-47470

NVIDIA TensorRT-LLM for any platform contains a vulnerability in the gRPC server chat API endpoint, where an attacker could cause CWE-20 by local attack. A successful exploit of this vulnerability might lead to denial of service...

6.2CVSS6.1AI score
Exploits0References2
Cvelist
Cvelist
added yesterday23 views

CVE-2026-48069 @grpc/grps-js: An incoming malformed compressed message can cause a client or server crash

@grpc/grps-js implements the core functionality of gRPC purely in JavaScript, without a C++ addon. Prior to 1.9.16, 1.10.12, 1.11.4, 1.12.7, 1.13.5, and 1.14.4, an invalid incoming compressed message can cause a client or server process that uses @grpc/grpc-js to crash. This issue is fixed in...

7.5CVSS0.00052EPSS
Exploits0References13
NVD
NVD
added yesterday3 views

CVE-2026-50346

Improper authorization in RPC Runtime allows an authorized attacker to elevate privileges locally...

7.8CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday16 views

CVE-2026-50365 Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability

...

8CVSS
Exploits0References1
CVE
CVE
added yesterday4 views

CVE-2026-50346

CVE-2026-50346 is a Windows RPC Runtime-related elevation-of-privilege vulnerability (Netlogon RPC). The primary description indicates improper authorization that allows a locally authenticated attacker to escalate privileges. Public references include the NVD/NCSC entries and the Microsoft updat...

7.8CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added yesterday17 views

CVE-2026-50346 Netlogon RPC Elevation of Privilege Vulnerability

...

7.8CVSS
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-58334

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description Improper authorization in the RPC Runtime allows an authorized attacker to elevate privileges locally. This issue specifically involves the Netlogon RPC, which can be leveraged to escalate a...

7.8CVSS6AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 3 days ago3 views

p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS6AI score0.00137EPSS
Exploits0References5
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-56303 Capgo - Unauthenticated API Key Metadata Disclosure via SECURITY DEFINER RPC Function

Capgo before 12.128.2 contains an information disclosure vulnerability in the findapikeybyvalue PostgreSQL function marked SECURITY DEFINER and executable by the anon role. Unauthenticated attackers can call this function via the /rest/v1/rpc/findapikeybyvalue endpoint to retrieve sensitive API k...

8.7CVSS0.00302EPSS
Exploits0References2
OSV
OSV
added 5 days ago3 views

CVE-2026-56279 Capgo - Information Disclosure via get_orgs_v7 RPC Endpoint

Capgo before 12.128.2 contains an information disclosure vulnerability in the getorgsv7userid RPC function that remains publicly invokable despite intended private access controls. Unauthenticated attackers can supply arbitrary user UUIDs to retrieve foreign users' organization membership, roles,...

8.7CVSS6.2AI score0.00313EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 5 days ago2 views

p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS6AI score0.00137EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 5 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-59818

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - etcd is a distributed key-value store for the data of a distributed system. Prior to 3.5.32 and 3.6.13, when etcd is configured with --listen-client-http-urls t...

8.1CVSS6.1AI score0.00319EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 5 days ago9 views

EulerOS 2.0 SP12 : kata-containers (EulerOS-SA-2026-2534)

"According to the versions of the kata-containers package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input...

9.1CVSS6.7AI score0.01557EPSS
Exploits1References2
NVD
NVD
added 6 days ago6 views

CVE-2026-57032

An Improper Handling of Undefined Parameters vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on EX Series devices allows an authenticated attacker with low privileges to cause a Denial-of-Service DoS. If an attempt is made to subscribe to an unsupported telemetry...

7.1CVSS0.00421EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-57032 Junos OS: EX Series: Subscribing to an unsupported telemetry sensor path causes fxpc process crash

An Improper Handling of Undefined Parameters vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on EX Series devices allows an authenticated attacker with low privileges to cause a Denial-of-Service DoS. If an attempt is made to subscribe to an unsupported telemetry...

7.1CVSS0.00421EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 6 days ago8 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.55 packages and security update

Red Hat OpenShift Container Platform release 4.17.55 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

9.1CVSS6.9AI score0.01557EPSS
Exploits1References4
OSV
OSV
added last week3 views

DEBIAN-CVE-2026-59818

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.5.32 and 3.6.13, when etcd is configured with --listen-client-http-urls to split HTTP and gRPC client endpoints onto separate listeners, the --client-crl-file Certificate Revocation List is not enforced on the...

8.1CVSS6.1AI score0.00319EPSS
Exploits0References1
Snyk
Snyk
added last week5 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation due to improper enforcement of the Certificate Revocation List on the gRPC listener when separate listeners are configured for HTTP and gRPC client endpoints. An attacker can gain unauthorized access and...

8.5CVSS6.1AI score0.00319EPSS
Exploits0References2
Snyk
Snyk
added last week5 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation due to improper enforcement of the Certificate Revocation List on the gRPC listener when separate listeners are configured for HTTP and gRPC client endpoints. An attacker can gain unauthorized access and...

8.5CVSS6.1AI score0.00319EPSS
Exploits0References2
Rows per page
Query Builder