338 matches found
CVE-2026-36162
creationtimestamp| type| source ---|---|--- 2026-07-08 00:25:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq3u7edrhe2g...
CVE-2026-53913
creationtimestamp| type| source ---|---|--- 2026-07-05 20:59:16+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mpwhr67bwy2o 2026-07-06 12:00:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116872919680337020 2026-07-06 12:00:30+00:00| seen|...
CVE-2026-46464
creationtimestamp| type| source ---|---|--- 2026-07-03 17:51:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpr4dxghxb2z 2026-07-04 06:38:09+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpsh6gpyes2n...
UBUNTU-CVE-2026-54887
Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...
CVE-2026-54887
Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...
CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret
Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...
CVE-2026-54887
CVE-2026-54887 concerns Erlang/OTP's DTLS server in ssl, where during startup the cookie secret is initialized to an empty binary instead of a random value. This makes DTLS cookie computation deterministic for the first 0–15 seconds, allowing an observer of plaintext ClientHello to forge a valid ...
CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret
Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...
EEF-CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret
Summary Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtls\server\connection:initial\hello/3 initializes previous\cookie\secret...
CVE-2026-57276
creationtimestamp| type| source ---|---|--- 2026-07-02 04:27:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpn6xrhrlv2z 2026-07-02 18:42:25+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpoopognri2b 2026-07-03 07:51:31+00:00| seen|...
CVE-2026-14048
creationtimestamp| type| source ---|---|--- 2026-07-01 21:25:25+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmheaim4e22 2026-07-02 07:50:35+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-06 07:23:31+00:00| seen|...
CVE-2026-14007
creationtimestamp| type| source ---|---|--- 2026-07-01 21:16:34+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmgufs3bm2o 2026-07-02 04:23:59+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpn6qoqfhk2o 2026-07-02 07:49:07+00:00| seen|...
CVE-2026-14198
creationtimestamp| type| source ---|---|--- 2026-07-01 11:34:43+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3mplgdvyl4c2z 2026-07-01 12:40:01+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpljyqhw5522 2026-07-01 12:52:43+00:00| seen|...
CVE-2026-13595
creationtimestamp| type| source ---|---|--- 2026-06-29 11:35:26+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgfhgeqpc2t 2026-07-04 06:40:02+00:00| seen| https://bsky.app/profile/cybernewsroom.bsky.social/post/3mpshbrrqn724 2026-07-04 06:40:15+00:00| seen|...
GHSA-X527-X647-Q7GG golang.org/x/crypto: Invoking VerifiedPublicKeyCallback permissions skip enforcement
Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped...
golang.org/x/crypto: Invoking VerifiedPublicKeyCallback permissions skip enforcement
Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped...
EUVD-2026-31398
golang.org/x/crypto/ssh: Invoking VerifiedPublicKeyCallback permissions skip enforcement...
CVE-2026-53262
creationtimestamp| type| source ---|---|--- 2026-06-25 10:00:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mp46bjq5hv2c...
CVE-2026-46752
creationtimestamp| type| source ---|---|--- 2026-06-25 04:42:55+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mp3mk3hdhq2w 2026-06-25 12:00:31+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mp4eylvcab2b 2026-06-25 12:00:39+00:00| seen|...
CVE-2026-53006
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in icmpv6rcv Caching saddr and daddr before pskbpull is problematic since skb-head can change. Remove these temporary variables: - We only access &ipv6hdrskb-saddr and &ipv6hdrskb-daddr when netdbgratelimit...