Lucene search
K

365 matches found

Cvelist
Cvelist
added 2026/06/27 9:8 a.m.36 views

CVE-2026-49413 Flaw in Linuxulator execution of setugid binaries

The Linuxulator determined whether a binary was set-user-ID or set-group-ID by checking the PSUGID process flag. During execve2, this flag is not yet set at the point where the auxiliary vector is constructed, so ATSECURE was incorrectly set to zero for set-user-ID and set-group-ID executables. A...

0.00098EPSS
Exploits1References1
CVE
CVE
added 2026/06/27 9:8 a.m.123 views

CVE-2026-49413

The CVE-2026-49413 issue affects the Linuxulator in FreeBSD, where the runtime determines set-user-ID/set-group-ID status by the P_SUGID flag. During execve, P_SUGID is not yet set when the ELF auxiliary vector is constructed, causing AT_SECURE to be incorrectly set to zero for setuid/setgid exec...

7.1CVSS5.8AI score0.00098EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2026/06/23 9:16 p.m.8 views

CVE-2026-46550

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the refresh-token cookie was set with httpOnly: true but missing both the secure flag and the sameSite attribute. Over plain HTTP the cookie could be intercepted on the network; without sameSite, browsers attached it t...

5.4CVSS0.00099EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 8:39 p.m.26 views

CVE-2026-46550 NocoDB: Refresh Token Cookie Set Without `Secure` and `SameSite` Flags

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the refresh-token cookie was set with httpOnly: true but missing both the secure flag and the sameSite attribute. Over plain HTTP the cookie could be intercepted on the network; without sameSite, browsers attached it t...

5.4CVSS0.00099EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 8:39 p.m.16 views

CVE-2026-46550

NocoDB’s CVE-2026-46550 concerns the refresh-token cookie being set with httpOnly but without Secure and SameSite attributes prior to 2026.04.1. The root cause is in setTokenCookie(), which emitted a cookie with only httpOnly (and possibly domain), leaving it vulnerable to interception over HTTP ...

5.4CVSS5.8AI score0.00099EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 8:39 p.m.6 views

CVE-2026-46550

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the refresh-token cookie was set with httpOnly: true but missing both the secure flag and the sameSite attribute. Over plain HTTP the cookie could be intercepted on the network; without sameSite, browsers attached it t...

5.4CVSS5.8AI score0.00099EPSS
Exploits0References2Affected Software1
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.11 views

FreeBSD Security Advisory - FreeBSD-SA-26:30.linux

FreeBSD Security Advisory - The Linuxulator determined whether a binary was set-user-ID or set-group-ID by checking the PSUGID process flag. During execve2, this flag is not yet set at the point where the auxiliary vector is constructed, so ATSECURE was incorrectly set to zero for set-user-ID and...

5.5AI score0.00098EPSS
Exploits1
FreeBSD
FreeBSD
added 2026/06/09 12:0 a.m.10 views

FreeBSD -- Flaw in Linuxulator execution of setugid binaries

Problem Description: The Linuxulator determined whether a binary was set-user-ID or set-group-ID by checking the PSUGID process flag. During execve2, this flag is not yet set at the point where the auxiliary vector is constructed, so ATSECURE was incorrectly set to zero for set-user-ID and...

7.1CVSS5.5AI score0.00098EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/06/07 12:43 a.m.15 views

CVE-2026-46398

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 25.0.0 and prior to version 26.0.0, the haxcmsrefreshtoken cookie is set without the Secure flag. This allows it to be transmitted over unencrypted HTTP, making it vulnerable to theft via packet sniffing on t...

8.8CVSS5.4AI score0.00183EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 8:17 p.m.16 views

CVE-2026-46398

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 25.0.0 and prior to version 26.0.0, the haxcmsrefreshtoken cookie is set without the Secure flag. This allows it to be transmitted over unencrypted HTTP, making it vulnerable to theft via packet sniffing on t...

8.8CVSS0.00183EPSS
Exploits0References1
CVE
CVE
added 2026/06/05 7:13 p.m.21 views

CVE-2026-46398

HAX CMS vulnerability: the haxcms_refresh_token cookie is set without the Secure flag in versions 25.0.0 through

8.8CVSS5.4AI score0.00183EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 7:13 p.m.31 views

CVE-2026-46398 HAX CMS Missing Secure Flag on Cookie

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 25.0.0 and prior to version 26.0.0, the haxcmsrefreshtoken cookie is set without the Secure flag. This allows it to be transmitted over unencrypted HTTP, making it vulnerable to theft via packet sniffing on t...

8.8CVSS0.00183EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/05 7:13 p.m.7 views

CVE-2026-46398

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 25.0.0 and prior to version 26.0.0, the haxcmsrefreshtoken cookie is set without the Secure flag. This allows it to be transmitted over unencrypted HTTP, making it vulnerable to theft via packet sniffing on t...

8.8CVSS5.4AI score0.00183EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/05 7:13 p.m.10 views

EUVD-2026-34893

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 25.0.0 and prior to version 26.0.0, the haxcmsrefreshtoken cookie is set without the Secure flag. This allows it to be transmitted over unencrypted HTTP, making it vulnerable to theft via packet sniffing on t...

8.8CVSS5.4AI score0.00183EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/05 7:13 p.m.11 views

CVE-2026-46398 HAX CMS Missing Secure Flag on Cookie

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 25.0.0 and prior to version 26.0.0, the haxcmsrefreshtoken cookie is set without the Secure flag. This allows it to be transmitted over unencrypted HTTP, making it vulnerable to theft via packet sniffing on t...

8.8CVSS5.4AI score0.00183EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 5:40 a.m.8 views

BIT-AIRFLOW-2026-41017 Apache Airflow: JWT cookie missing Secure flag in JWTRefreshMiddleware behind HTTPS-terminating proxy

Apache Airflow's JWTRefreshMiddleware set the JWT auth cookie without the Secure flag, so deployments running the Airflow API server behind an HTTPS-terminating reverse proxy e.g. nginx / Envoy / a managed load balancer that terminates TLS and forwards plaintext to the API server, the default...

5.9CVSS5.5AI score0.00265EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.14 views

PT-2026-47039

Name of the Vulnerable Software and Affected Versions HAX CMS versions 25.0.0 through 25.x Description The haxcms refresh token cookie is configured without the Secure flag. This configuration allows the cookie to be transmitted over unencrypted HTTP connections, which enables an attacker to stea...

8.8CVSS5.4AI score0.00183EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

HAXCMS 安全漏洞

HAXCMS is an open-source content management system developed by HAX The Web. Versions of HAXCMS from 25.0.0 to 26.0.0 contained security vulnerabilities. These vulnerabilities stemmed from the fact that the haxcmsrefreshtoken cookie did not have the Secure flag set. This allowed the token to be...

8.8CVSS5.3AI score0.00183EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/02 10:3 p.m.15 views

CVE-2026-41017

Apache Airflow's JWTRefreshMiddleware set the JWT auth cookie without the Secure flag, so deployments running the Airflow API server behind an HTTPS-terminating reverse proxy e.g. nginx / Envoy / a managed load balancer that terminates TLS and forwards plaintext to the API server, the default...

5.9CVSS5.9AI score0.00265EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 9:16 a.m.14 views

CVE-2026-41017

Apache Airflow's JWTRefreshMiddleware set the JWT auth cookie without the Secure flag, so deployments running the Airflow API server behind an HTTPS-terminating reverse proxy e.g. nginx / Envoy / a managed load balancer that terminates TLS and forwards plaintext to the API server, the default...

5.9CVSS0.00265EPSS
Exploits0References3
Rows per page
Query Builder