Lucene search
K

1389798 matches found

Circl
Circl
added 5 hours ago6 views

CVE-2026-11405

creationtimestamp| type| source ---|---|--- 2026-07-07 04:31:58+00:00| seen| https://bsky.app/profile/securityonline.bsky.social/post/3mpzrjkh5ga2f 2026-07-07 04:31:59+00:00| seen| https://bsky.app/profile/potato.software/post/3mpzrjlnff724 2026-07-07 08:15:44+00:00| seen|...

5.9AI score
Exploits1References4
OSV
OSV
added 6 hours ago15 views

ROOT-APP-PYPI-CVE-2026-45134 CVE-2026-45134 in rootio-langsmith - Patched by Root

Root has patched CVE-2026-45134 in the rootio-langsmith package for Root:PyPI. Multiple fixed versions available...

7.1CVSS5.8AI score0.00199EPSS
Exploits0
OSV
OSV
added 6 hours ago5 views

ROOT-APP-PYPI-GHSA-RR7J-V2Q5-CHGV GHSA-rr7j-v2q5-chgv in rootio-langsmith - Patched by Root

Root has patched GHSA-rr7j-v2q5-chgv in the rootio-langsmith package for Root:PyPI. Multiple fixed versions available...

5.3CVSS5.3AI score
Exploits0
OSV
OSV
added 6 hours ago6 views

ROOT-APP-MAVEN-CVE-2026-54513 CVE-2026-54513 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root

Root has patched CVE-2026-54513 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...

8.1CVSS5.8AI score0.00677EPSS
Exploits0
RedHat Linux
RedHat Linux
added 8 hours ago5 views

Important: Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.8CVSS6.8AI score0.0031EPSS
Exploits0References4
CVE
CVE
added yesterday7 views

CVE-2026-53648

FOSSBilling prior to v0.8.1 stores downloadable product files with a deterministic path md5(), so files with identical names between different products/orders map to the same stored path and can be overwritten by later uploads. This leads to customers/admins downloading the wrong file. Version 0....

5.1CVSS5.9AI score0.00039EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday5 views

CVE-2026-53646

FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when a ClientPasswordReset record already exists for a client from a previous unexpired reset request, subsequent calls to the resetpassword guest API endpoint reuse the existing token instea...

7.7CVSS6AI score0.00041EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-53644

FOSSBilling is a free, open-source billing and client management system. Versions 0.5.3 through 0.7.2 allow authenticated clients to both read and reset API key service secrets for orders that are no longer in an active state e.g., suspended, canceled. The root cause is missing order-state...

8.6CVSS6AI score0.00038EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-53641

FOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have a stored cross-site scripting XSS vulnerability in the client-facing email history views of FOSSBilling. Email HTML content contenthtml is rendered into a JavaScript template literal using t...

4.8CVSS5.9AI score0.00043EPSS
Exploits0References2Affected Software1
CVE
CVE
added yesterday6 views

CVE-2026-43925

FOSSBilling (open-source billing/client management) contains an unauthenticated mass assignment vulnerability in the client self-registration endpoint, prior to version 0.8.0. An attacker can assign themselves to an arbitrary client group during sign-up, potentially bypassing group-restricted pro...

6.9CVSS6.1AI score0.00081EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added yesterday3 views

CVE-2026-8286

A flaw was found in curl. When a new data transfer attempts to upgrade its connection using STARTTLS, it may incorrectly reuse an existing live connection. This reuse can occur even if the Transport Layer Security TLS configuration of the new transfer does not match the existing connection,...

8.1CVSS5.8AI score0.00196EPSS
Exploits0References6
Circl
Circl
added yesterday5 views

CVE-2026-54769

creationtimestamp| type| source ---|---|--- 2026-07-06 21:32:04+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mpz22qfgd22g 2026-07-06 22:35:25+00:00| published-proof-of-concept| https://github.com/langroid/langroid/security/advisories/GHSA-q9p7-wqxg-mrhc...

5.9AI score
Exploits0References2
EUVD
EUVD
added yesterday8 views

EUVD-2026-41212

Craft CMS: Sensitive File Disclosure / Server-Side File Read...

6CVSS5.9AI score0.00268EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-42204

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. From 4.0.0-beta.471 through 4.0.0-beta.473, a regression in SHELLSAFECOMMANDPATTERN allowed ampersands in custom Docker Compose build, start, and pre/post-deployment command fields, allowing an...

8.8CVSS6AI score
Exploits0References5Affected Software1
CVE
CVE
added yesterday7 views

CVE-2026-14468

Terraform Enterprise contains a vulnerability in its VCS ingestion of registry modules where the boundary on packaged module content was not correctly enforced. An authenticated user could include files from outside the intended repository content in a module and then download them, potentially e...

7.7CVSS6AI score
Exploits0References1
OSV
OSV
added yesterday3 views

DEBIAN-CVE-2026-54291

pgjdbc is an open source postgresql JDBC Driver. In releases 42.7.4 through 42.7.11, channelBinding=require connections can be silently downgraded from SCRAM-SHA-256-PLUS with channel binding to plain SCRAM-SHA-256 without it, losing the man-in-the-middle protection the setting is meant to...

8.2CVSS5.9AI score
Exploits0References1
RedhatCVE
RedhatCVE
added yesterday4 views

CVE-2026-8932

A flaw was found in curl. The libcurl library, used for transferring data with URLs, could improperly reuse existing network connections. This occurred even when changes to mutual Transport Layer Security mTLS settings, particularly those for client certificates, should have prevented such reuse...

7.5CVSS6AI score0.00129EPSS
Exploits0References6
EUVD
EUVD
added yesterday4 views

EUVD-2026-25014

printenv: environment variables with invalid UTF-8 are silently skipped evades inspection...

4.4CVSS5.9AI score0.0017EPSS
Exploits1References6
Chainguard
Chainguard
added yesterday4 views

GHSA-H6Q6-9HQW-RWFV vulnerabilities

Vulnerabilities for packages: wazuh-dashboard...

5.9AI score
Exploits0
Chainguard
Chainguard
added yesterday5 views

GHSA-CRH6-FP67-6883 vulnerabilities

Vulnerabilities for packages: wazuh-dashboard...

5.9AI score
Exploits0
Rows per page
Query Builder