Lucene search

27014 matches found

ATTACKERKB
added 2026/03/20 1:52 a.m.

CVE-2026-32811

Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. When using Heimdall in envoy gRPC decision API mode with versions 0.7.0-alpha through 0.17.10, wrong encoding of the query URL string allows rules with non-wildcard path expressions to be bypassed. Envoy splits t...

CVSS 8.2, AI score 5.7, EPSS 0.003
Exploits 1, References 5, Affected software 1
CVE
added 2026/03/20 1:52 a.m.

CVE-2026-32811

This CVE affects Heimdall (cloud-native Identity Aware Proxy/Access Control). In envoy gRPC decision API mode, versions 0.7.0-alpha through 0.17.10 suffer from incorrect encoding of the URL query string when constructing the Path, causing parameters like /mypath?foo=bar to be escaped to /mypath%3...

CVSS 8.2, AI score 5.7, EPSS 0.003
Exploits 1, References 4, Affected software 1
Fedora
added 2026/03/20 1:03 a.m.

[SECURITY] Fedora 43 Update: openssh-10.0p1-7.fc43

SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

CVSS 8.2, AI score 6.9, EPSS 0.0218
Exploits 0
CNNVD
added 2026/03/20 12:00 a.m.

Cryptomator security vulnerability

Cryptomator is a simple digital self-defense tool from the Cryptomator community. Versions of Cryptomator prior to 1.19.1 contained security vulnerabilities. These vulnerabilities stemmed from the unlocking process based on Hub, which did not enforce the use of HTTPS. This could lead to network...

CVSS 8.7, AI score 5.8, EPSS 0.00204
Exploits 0, References 2
Positive Technologies
added 2026/03/20 12:00 a.m.

PT-2026-26787

Name of the vulnerable software and affected versions: Ory Kratos (affected versions not specified). Description: The ListCourierMessages Admin API in Ory Kratos is susceptible to SQL injection because of issues in its pagination implementation. Pagination tokens are encrypted using a secret configure...

CVSS 7.2, AI score 6.2, EPSS 0.00252
Exploits 0, References 5
Redos
added 2026/03/20 12:00 a.m.

ROS-20260320-73-0008

A vulnerability in the SSH server implementation of the crypto library for the Go programming language stems from unrestricted resource allocation. Exploiting it could allow a remote attacker to affect the availability of protected information...

CVSS 5.3, AI score 6.8, EPSS 0.00521
Exploits 0
NVD
added 2026/03/19 10:16 p.m.

CVE-2026-33394

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the Post Edits admin report /admin/reports/postedits leaked the first 40 characters of raw post content from private messages and secure categories to moderators who shouldn't have access...

CVSS 2.7, EPSS 0.00293
Exploits 0, References 4
Cvelist
added 2026/03/19 10:07 p.m.

CVE-2026-32030 OpenClaw < 2026.2.19 - Sensitive File Disclosure via stageSandboxMedia Path Traversal

OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the stageSandboxMedia function that accepts arbitrary absolute paths when iMessage remote attachment fetching is enabled. An attacker who can tamper with attachment path metadata can disclose files readable by the...

CVSS 8.2, EPSS 0.00344
Exploits 0, References 3
EUVD
added 2026/03/19 10:06 p.m.

EUVD-2026-13340

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the Post Edits admin report /admin/reports/postedits leaked the first 40 characters of raw post content from private messages and secure categories to moderators who shouldn't have access...

CVSS 2.7, AI score 5.8, EPSS 0.00293
Exploits 0, References 4
CVE
added 2026/03/19 10:06 p.m.

CVE-2026-33394

Discourse (open-source discussion platform) contains an information disclosure in Post Edits admin report: before versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the report leaked the first 40 characters of raw post content from private messages and secure categories to moderators who should ...

CVSS 2.7, AI score 5.8, EPSS 0.00293
Exploits 0, References 4, Affected software 1
OSV
added 2026/03/19 10:06 p.m.

CVE-2026-33394 Discourse leaks PM post edits to moderators

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the Post Edits admin report /admin/reports/postedits leaked the first 40 characters of raw post content from private messages and secure categories to moderators who shouldn't have access...

CVSS 2.7, AI score 5.9, EPSS 0.00293
Exploits 0, References 6
RedHat Linux
added 2026/03/19 8:14 p.m.

golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests that expect typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle,...

CVSS 7.5, AI score 7, EPSS 0.00579
Exploits 1, References 8
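To make the failure mode in this entry concrete, here is an added example; it is not the golang.org/x/crypto/ssh/agent code. It uses a constructed, simplified agent reply decoder: the framing (uint32 length prefix, then a one-byte message number) and the message numbers follow the SSH agent protocol (SSH_AGENT_FAILURE = 5, SSH_AGENT_SUCCESS = 6, SSH_AGENT_IDENTITIES_ANSWER = 12), while the message structs, the single NumKeys field and the two client functions are assumptions made for the demonstration. The unchecked variant asserts the decoded type it expects and panics when the peer answers a request-identities call with the generic SSH_AGENT_SUCCESS; the checked variant turns any unexpected reply type into an error.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// Message numbers from the SSH agent protocol (draft-miller-ssh-agent).
const (
	agentFailure            byte = 5  // SSH_AGENT_FAILURE
	agentSuccess            byte = 6  // SSH_AGENT_SUCCESS
	agentcRequestIdentities byte = 11 // SSH_AGENTC_REQUEST_IDENTITIES
	agentIdentitiesAnswer   byte = 12 // SSH_AGENT_IDENTITIES_ANSWER
)

// Decoded reply types (assumed, simplified: only the fields this example needs).
type successMsg struct{}
type failureMsg struct{}
type identitiesAnswerMsg struct{ NumKeys uint32 }

// frame prefixes a payload with its big-endian uint32 length, as on the agent socket.
func frame(payload []byte) []byte {
	out := make([]byte, 4+len(payload))
	binary.BigEndian.PutUint32(out, uint32(len(payload)))
	copy(out[4:], payload)
	return out
}

// SuccessReply and IdentitiesReply build constructed sample replies for the example.
func SuccessReply() []byte { return frame([]byte{agentSuccess}) }
func IdentitiesReply(nkeys uint32) []byte {
	p := make([]byte, 5)
	p[0] = agentIdentitiesAnswer
	binary.BigEndian.PutUint32(p[1:], nkeys)
	return frame(p)
}

// decodeReply turns a framed reply into a concrete message value. It accepts every
// reply type it knows, so the caller has to check which one it got back.
func decodeReply(b []byte) (any, error) {
	if len(b) < 5 {
		return nil, errors.New("short frame")
	}
	if n := binary.BigEndian.Uint32(b); int(n) != len(b)-4 {
		return nil, errors.New("length mismatch")
	}
	body := b[5:]
	switch b[4] {
	case agentSuccess:
		return &successMsg{}, nil
	case agentFailure:
		return &failureMsg{}, nil
	case agentIdentitiesAnswer:
		if len(body) < 4 {
			return nil, errors.New("truncated identities answer")
		}
		return &identitiesAnswerMsg{NumKeys: binary.BigEndian.Uint32(body)}, nil
	default:
		return nil, fmt.Errorf("unknown reply type %d", b[4])
	}
}

// NumKeysUnchecked assumes a request-identities call is always answered with
// SSH_AGENT_IDENTITIES_ANSWER and asserts that type. A peer answering with the
// generic SSH_AGENT_SUCCESS makes the assertion panic: the crash described above.
func NumKeysUnchecked(reply []byte) (uint32, error) {
	msg, err := decodeReply(reply)
	if err != nil {
		return 0, err
	}
	return msg.(*identitiesAnswerMsg).NumKeys, nil
}

// NumKeysChecked handles every decoded type explicitly and reports an unexpected
// reply as an error instead of crashing the client.
func NumKeysChecked(reply []byte) (uint32, error) {
	msg, err := decodeReply(reply)
	if err != nil {
		return 0, err
	}
	switch m := msg.(type) {
	case *identitiesAnswerMsg:
		return m.NumKeys, nil
	case *failureMsg:
		return 0, errors.New("agent: request refused")
	default:
		return 0, fmt.Errorf("agent: unexpected reply type %T", msg)
	}
}

// Panics reports whether fn panics, so the crash can be shown without taking the process down.
func Panics(fn func()) (panicked bool) {
	defer func() {
		if recover() != nil {
			panicked = true
		}
	}()
	fn()
	return false
}

func main() {
	fmt.Println("unchecked client panics on SSH_AGENT_SUCCESS:", Panics(func() { NumKeysUnchecked(SuccessReply()) }))
	n, err := NumKeysChecked(SuccessReply())
	fmt.Println("checked client:", n, err)
}
```

The point is the default arm: a decoder that can return several concrete types must be paired with a type switch whose default branch yields an error, not a bare type assertion, because the peer controls which reply type arrives.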
OSV
added 2026/03/19 7:27 p.m.

GHSA-XGXP-F695-6VRP In Soft Serve, an authenticated repo import can clone server-local private repositories

Summary: An authorization flaw in repo import allows any authenticated SSH user to clone a server-local Git repository, including another user's private repo, into a new repository they control. This breaks the private-repository confidentiality boundary and should be treated as High severity...

CVSS 7.1, AI score 5.9, EPSS 0.00364
Exploits 1, References 5
Microsoft Secure
added 2026/03/19 7:00 p.m.

New tools and guidance: Announcing Zero Trust for AI

Over the past year, I have had conversations with security leaders across a variety of disciplines, and the energy around AI is undeniable. Organizations are moving fast, and security teams are rising to meet the moment. Time and again, the question comes back to the same thing: "We're adopting A...

AI score 5.9
Exploits 0
Snyk
added 2026/03/19 6:51 p.m.

Heap-based Buffer Overflow

Overview: wolfssl is a Python module that wraps wolfSSL's C SSL/TLS library. Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the wolfSSL_d2i_SSL_SESSION function when deserializing session data with the SESSION_CERTS option enabled. An attacker can corrupt heap...

CVSS 8.1, AI score 6.2, EPSS 0.00123
Exploits 0, References 2
OSV
added 2026/03/19 2:59 p.m.

CLSA-2026-1773932358 libssh: Fix of CVE-2026-3731

Fix CVE-2026-3731: out-of-bounds read in SFTP extension name handler...

CVSS 7.5, AI score 6.2, EPSS 0.00631
Exploits 0, References 1
OSV
added 2026/03/19 11:23 a.m.

SUSE-SU-2026:20767-1 Security update for libssh

This update for libssh fixes the following issue: - CVE-2026-3731: Denial of Service via out-of-bounds read in SFTP extension name handler (bsc#1259377)...

CVSS 7.5, AI score 6, EPSS 0.00631
Exploits 0, References 3
ICS
added 2026/03/19 5:00 a.m.

IGL-Technologies eParking.fi

RISK EVALUATION: Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES: CISA recommends users take defensive...

AI score 5.9
Exploits 0, References 11
Microsoft Secure
added 2026/03/18 4:00 p.m.

Observability for AI Systems: Strengthening visibility for proactive risk detection

Adoption of Generative AI (GenAI) and agentic AI has accelerated from experimentation into real enterprise deployments. What began with copilots and chat interfaces has quickly evolved into powerful business systems that autonomously interact with sensitive data, call external APIs, connect to...

AI score 5.9
Exploits 0
OSV
added 2026/03/18 1:00 p.m.

GHSA-R8X2-FHMF-6MXP Heimdall: Path received via Envoy gRPC corrupted when containing query string

Summary: When using heimdall in envoy gRPC decision API mode, wrong encoding of the query URL string allows rules with non-wildcard path expressions to be bypassed. The HTTP based decision API is NOT affected, and proxy mode is NOT affected either. Note: The issue can only lead to unintended acces...

CVSS 8.2, AI score 5.7, EPSS 0.003
Exploits 1, References 6
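Worked illustration of the encoding mistake described in the Heimdall entries above (CVE-2026-32811 / GHSA-R8X2-FHMF-6MXP). This is an added example, not heimdall's own code: the Rule struct, first-match-wins evaluation and the permissive "/**" catch-all are assumptions made for the demonstration, and the two path builders only model the behaviour the advisory describes (path and query escaped together as one path component, versus kept in separate components). It shows how "/mypath?foo=bar" becomes "/mypath%3Ffoo=bar", which no longer matches an exact "/mypath" rule and so falls through to whatever rule comes next.

```go
package main

import (
	"fmt"
	"net/url"
)

// Rule is a hypothetical access rule with an exact (non-wildcard) path expression
// or the catch-all "/**". This is not heimdall's rule format.
type Rule struct {
	PathExpr string
	Allow    bool
}

// BuggyPath reproduces the mistake the advisory describes: the request path and its
// query string are joined and escaped as a single path component, so "?" becomes "%3F"
// and the query parameters end up inside the path that rules are matched against.
func BuggyPath(path, query string) string {
	full := path
	if query != "" {
		full += "?" + query
	}
	u := url.URL{Path: full}
	return u.EscapedPath() // "/mypath%3Ffoo=bar" for ("/mypath", "foo=bar")
}

// FixedPath keeps the query in its own URL component, so the path used for
// rule matching stays "/mypath" regardless of the query string.
func FixedPath(path, query string) string {
	u := url.URL{Path: path, RawQuery: query}
	return u.EscapedPath()
}

// Decide returns the verdict of the first rule whose expression matches the path,
// and which expression matched. First-match-wins and the "/**" catch-all are
// assumptions for this example, not heimdall semantics.
func Decide(rules []Rule, path string) (allow bool, matched string) {
	for _, r := range rules {
		if r.PathExpr == "/**" || r.PathExpr == path {
			return r.Allow, r.PathExpr
		}
	}
	return false, ""
}

func main() {
	rules := []Rule{
		{PathExpr: "/mypath", Allow: false}, // the specific rule that should apply
		{PathExpr: "/**", Allow: true},      // permissive catch-all behind it
	}
	for _, p := range []string{BuggyPath("/mypath", "foo=bar"), FixedPath("/mypath", "foo=bar")} {
		allow, by := Decide(rules, p)
		fmt.Printf("path=%q allow=%v matched=%q\n", p, allow, by)
	}
}
```

With the buggy builder, adding any query string to a request is enough to step around an exact-path rule; the fixed builder yields the same "/mypath" with or without a query, so the intended rule is the one that fires.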