Lucene search
+L

5 matches found

nvd
nvd
added 2026/05/29 9:16 a.m.16 views

CVE-2026-10052

A flaw was found in the Quay config-tool's LDAP and SMTP validation functions. An attacker with config editor access can exploit these functions, which make outbound connections to user-supplied endpoints without proper IP or host filtering. This allows the attacker to perform internal network...

4.1CVSS0.00186EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/05/29 7:59 a.m.12 views

CVE-2026-10052 Quay/config-tool: quay/config-tool: ssrf via unfiltered ldap and smtp config validation endpoints

A flaw was found in the Quay config-tool's LDAP and SMTP validation functions. An attacker with config editor access can exploit these functions, which make outbound connections to user-supplied endpoints without proper IP or host filtering. This allows the attacker to perform internal network...

4.1CVSS5.8AI score0.00186EPSS
Exploits0References2
cve
cve
added 2026/05/29 7:59 a.m.26 views

CVE-2026-10052

The CVE-2026-10052 entry describes a flaw in Quay config-tool where LDAP and SMTP validation endpoints can initiate outbound connections to user-supplied endpoints. With config editor access, an attacker can trigger requests from the Quay pod, enabling potential internal network reconnaissance an...

4.1CVSS5.8AI score0.00186EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/05/29 7:59 a.m.11 views

CVE-2026-10052

A flaw was found in the Quay config-tool's LDAP and SMTP validation functions. An attacker with config editor access can exploit these functions, which make outbound connections to user-supplied endpoints without proper IP or host filtering. This allows the attacker to perform internal network...

4.1CVSS5.8AI score0.00186EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/05/29 12:0 a.m.15 views

PT-2026-44761

A flaw was found in the Quay config-tool's LDAP and SMTP validation functions. An attacker with config editor access can exploit these functions, which make outbound connections to user-supplied endpoints without proper IP or host filtering. This allows the attacker to perform internal network...

4.1CVSS5.8AI score0.00186EPSS
Exploits0References3
Rows per page
Query Builder