Lucene search
K

14995 matches found

OSV
OSV
added 2026/06/25 10:14 p.m.3 views

GHSA-45GG-VH54-H5M9 golang.org/x/crypto vulnerable to invoking bypass of certificate restrictions

When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...

6.3CVSS6AI score0.00314EPSS
Exploits0References12
EUVD
EUVD
added 2026/06/25 10:14 p.m.11 views

EUVD-2026-31394

golang.org/x/crypto/ssh vulnerable to invoking bypass of certificate restrictions...

6.3CVSS5.8AI score0.00314EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 10:14 p.m.3 views

GHSA-Q4H4-GMJ2-QVW2 golang.org/x/crypto: Invoking byte arithmetic causes underflow and panic

An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...

7.5CVSS6AI score0.00359EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 10:14 p.m.4 views

GHSA-F5WC-C3C7-36MC golang.org/x/crypto doesn't drop invoking agent constraints when forwarding keys

When adding a key to a remote agent constraint extensions such as [email protected] were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all...

9.1CVSS6AI score0.00403EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2026/06/25 10:14 p.m.8 views

golang.org/x/crypto doesn't drop invoking agent constraints when forwarding keys

When adding a key to a remote agent constraint extensions such as [email protected] were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all...

9.1CVSS6AI score0.00403EPSS
Exploits0References20Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/25 10:13 p.m.8 views

golang.org/x/crypto doesn't enforce invoking key constraints

The in-memory keyring returned by NewKeyring silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring now returns an error when...

9.1CVSS6AI score0.0036EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2026/06/25 6:16 p.m.8 views

CVE-2026-50014

pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm passes the lockfile-controlled git resolution.commit value to git fetch without a -- separator or commit-format validation. For git dependencies fetched through the shallow-fetch path, a malicious lockfile can replace the expected...

7.3CVSS0.0018EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/25 4:51 p.m.30 views

CVE-2026-50014 pnpm: Git Fetch Argument Injection via Lockfile resolution.commit

pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm passes the lockfile-controlled git resolution.commit value to git fetch without a -- separator or commit-format validation. For git dependencies fetched through the shallow-fetch path, a malicious lockfile can replace the expected...

6.4CVSS0.0018EPSS
Exploits1References1
CVE
CVE
added 2026/06/25 4:51 p.m.31 views

CVE-2026-50014

Summary: CVE-2026-50014 affects pnpm prior to 10.34.0 and 11.4.0. The lockfile-controlled git resolution.commit value is passed to git fetch without a separator or commit-format validation, enabling a malicious lockfile to inject git options (notably --upload-pack) in shallow-fetch paths. This ca...

7.3CVSS5.9AI score0.0018EPSS
Exploits1References1Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/25 12:7 a.m.6 views

golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses

A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak p...

9.1CVSS6AI score0.00533EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/06/25 12:7 a.m.10 views

golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters

A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during...

7.5CVSS5.8AI score0.00415EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.12 views

PT-2026-52513

Name of the Vulnerable Software and Affected Versions pnpm versions prior to 10.34.0 pnpm versions prior to 11.4.0 Description pnpm passes the git resolution.commit value from the lockfile to the git fetch command without using a -- separator or performing commit-format validation. When git...

6.4CVSS5.9AI score0.0018EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

AlmaLinux 9 : buildah (ALSA-2026:29455)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:29455 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient...

9.1CVSS6.9AI score0.00728EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 11:4 p.m.9 views

MAL-2026-6432 Malicious code in rstreams-metrics (npm)

The rstreams-metrics npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.14 views

Malicious code in leo-auth (npm)

The leo-auth npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.5AI score
Exploits0References3
NVD
NVD
added 2026/06/24 9:16 p.m.7 views

CVE-2026-52814

Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Gogs built-in Go SSH server is vulnerable to an unauthenticated, asymmetric Denial of Service DoS attack. The application accepts inbound TCP connections and passes them to golang.org/x/crypto/ssh.NewServerConn inside a new...

6.9CVSS0.00547EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 8:31 p.m.29 views

CVE-2026-52811 Gogs: UploadRepoFiles writes outside repo working tree via committed parent sym

Gogs is an open source self-hosted Git service. Prior to 0.14.3, Repository.UploadRepoFiles checks for symlinks only on the leaf of the upload target osx.IsSymlinktargetPath. The siblings UpdateRepoFile, DeleteRepoFile, and GetDiffPreview use hasSymlinkInPath, which lstats every component —...

9CVSS0.00474EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 8:15 p.m.23 views

CVE-2026-52814 Gogs: Unauthenticated Asymmetric Denial of Service (DoS) via SSH Handshake Stall (File Descriptor Exhaustion)

Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Gogs built-in Go SSH server is vulnerable to an unauthenticated, asymmetric Denial of Service DoS attack. The application accepts inbound TCP connections and passes them to golang.org/x/crypto/ssh.NewServerConn inside a new...

6.9CVSS0.00547EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 5:48 p.m.49 views

CVE-2026-44017

CVE-2026-44017 concerns Docling’s EasyOCR model download: prior to 2.91.0, ZIP archives were extracted without validating member paths, enabling Zip Slip path traversal. An attacker who could supply or intercept the model source could overwrite files anywhere writable by the process, potentially ...

8.3CVSS6.7AI score0.00478EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/24 5:29 p.m.34 views

CVE-2026-48732 Warp: Remote SSH cwd can lead to unauthorized remote command execution

Warp is an agentic development environment. From 0.2023.03.21.08.02.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command injection issue in the legacy SSH background command path. Warp used the remote working directory reported by the session when building helper commands for...

8.8CVSS0.01007EPSS
Exploits1References2
Rows per page
Query Builder