Lucene search
K

12655 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.10 views

CVE-2025-56352

In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 2024-02-18, the broker mishandles protocol violations during CONNECT packet parsing. When receiving a CONNECT packet with a zero-length Client ID while CleanSession is set to 0, the broker correctly replies with a CONNACK return code 0x0...

7.5CVSS5.5AI score0.00278EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.8 views

CVE-2026-7301

SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads on incoming messages, enabling RCE when exposed to the internet...

9.8CVSS5.5AI score0.00399EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.10 views

CVE-2026-47336

Ubuntu Linux 6.8 contains SAUCE patches with a possible use of an uninitialized variable in AppArmor AFINET/AFINET6 socket mediation code. The bug can be triggered by an unprivileged local user and could result in incorrect fine-grained mediation of network sockets...

3.3CVSS5.4AI score0.00094EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.9 views

CVE-2026-47337

Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AFINET/AFINET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops...

3.3CVSS5.4AI score0.00094EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.9 views

CVE-2026-42095

bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL...

4CVSS5.4AI score0.00161EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.12 views

CVE-2026-46544

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO accepts client-supplied sessionid values in WebSocket task messages and reuses an existing in-memory session object if that sessionid already exists. If a prior session...

5.3CVSS5.5AI score0.00422EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.8 views

CVE-2026-31893

Tunnelblick is an open source graphic user interface for OpenVPN on macOS. In versions 3.3beta26 through 9.0beta01, any local user can read arbitrary root-owned files by exploiting a symlink following vulnerability in tunnelblick-helper, reachable through the world-accessible tunnelblickd Unix...

6.8CVSS5.5AI score0.00242EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.8 views

CVE-2026-44564

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the ydoc:document:update Socket.IO event handler checks whether the sender is a member of the document's Socket.IO room line 678 but does not verify that the sender has write...

5.4CVSS5.5AI score0.0022EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.10 views

CVE-2026-43916

pamauthnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peerlookuptcp src/peerlookup.c:134, prior to the fix allowed a crafted NETLINKSOCKDIAG reply to slip past the message-size check, then...

8.7CVSS5.7AI score0.00263EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.9 views

CVE-2026-34354

Akamai Guardicore Platform Agent GPA and Zero Trust Client on Linux and macOS allow TOCTOU-based local privilege escalation. The GPA service creates an IPC socket in the world-writable /tmp directory. It accepts unauthenticated IPC control messages. This enables a TOCTOU vulnerability in the...

7.4CVSS5.7AI score0.00325EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.9 views

CVE-2026-49188

The aicmd utility executes with full root permissions. It pipes socket inputs directly to popen, paving the way for unauthenticated users to execute arbitrary root commands...

9.8CVSS5.8AI score0.00317EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.8 views

CVE-2026-6406

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation ECI restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...

8.8CVSS5.5AI score0.00211EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.10 views

CVE-2026-6479

Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AFUNIX socket to achieve sustained denial of service. If SSL and GSS are both disabled, an attacker can do the same via access to a PostgreSQL TCP socket. Versions before PostgreSQL 18....

7.5CVSS5.4AI score0.00471EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:15 p.m.13 views

CVE-2026-37526

AGL app-framework-binder afb-daemon through v19.90.0 allows any local process to execute privileged supervision commands Exit, Do, Sclose, Config, Trace, Debug, Token, slist without authentication via the abstract Unix socket @urn:AGL:afs:supervision:socket. The onsupervisioncall function in...

7.8CVSS5.9AI score0.00123EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 4:19 p.m.9 views

GHSA-W43H-R5M5-P832 NocoDB: Server-Side Request Forgery via Database Connection Host

Summary The connection-test endpoint opened a raw TCP socket to the user-supplied database host without resolving and range-checking the destination, so private and link-local addresses including IPv4-mapped IPv6 forms and localhost reached the driver. Details A new validateDbConnectionHost helpe...

5.3CVSS5.5AI score0.00207EPSS
Exploits0References3
Debian
Debian
added 2026/06/05 10:26 a.m.9 views

[SECURITY] [DLA 4616-1] haveged security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4616-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz June 05, 2026 https://wiki.debian.org/LTS -...

7.8CVSS5.4AI score0.00185EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/04 10:8 p.m.3 views

kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers

A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...

8.8CVSS6.4AI score0.00135EPSS
Exploits7References6
OSV
OSV
added 2026/06/04 9:23 p.m.15 views

USN-8391-1 linux-raspi, linux-raspi-5.4 vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS6.2AI score0.96267EPSS
Exploits260References14
Ubuntu
Ubuntu
added 2026/06/04 9:13 p.m.15 views

USN-8390-1: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.1AI score0.93235EPSS
Exploits31
Ubuntu
Ubuntu
added 2026/06/04 9:3 p.m.15 views

USN-8388-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.1AI score0.93235EPSS
Exploits57
Rows per page
Query Builder