Lucene search
K

338 matches found

Circl
Circl
added 16 hours ago5 views

CVE-2026-36162

creationtimestamp| type| source ---|---|--- 2026-07-08 00:25:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq3u7edrhe2g...

5.4CVSS5.9AI score
Exploits0References1
Circl
Circl
added 3 days ago5 views

CVE-2026-53913

creationtimestamp| type| source ---|---|--- 2026-07-05 20:59:16+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mpwhr67bwy2o 2026-07-06 12:00:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116872919680337020 2026-07-06 12:00:30+00:00| seen|...

9.8CVSS5.9AI score0.00291EPSS
Exploits0References5
Circl
Circl
added 5 days ago9 views

CVE-2026-46464

creationtimestamp| type| source ---|---|--- 2026-07-03 17:51:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpr4dxghxb2z 2026-07-04 06:38:09+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpsh6gpyes2n...

4.9CVSS5.9AI score0.00422EPSS
Exploits0References2
OSV
OSV
added 5 days ago4 views

UBUNTU-CVE-2026-54887

Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...

6.3CVSS6AI score0.00389EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-54887

Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...

6.3CVSS5.8AI score0.00389EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 6 days ago10 views

CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret

Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...

6.3CVSS5.8AI score0.00389EPSS
Exploits0References5
CVE
CVE
added 6 days ago13 views

CVE-2026-54887

CVE-2026-54887 concerns Erlang/OTP's DTLS server in ssl, where during startup the cookie secret is initialized to an empty binary instead of a random value. This makes DTLS cookie computation deterministic for the first 0–15 seconds, allowing an observer of plaintext ClientHello to forge a valid ...

6.3CVSS5.8AI score0.00389EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret

Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...

6.3CVSS0.00389EPSS
Exploits0References5
OSV
OSV
added 6 days ago3 views

EEF-CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret

Summary Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtls\server\connection:initial\hello/3 initializes previous\cookie\secret...

6.3CVSS5.8AI score0.00389EPSS
Exploits0References4
Circl
Circl
added 6 days ago7 views

CVE-2026-57276

creationtimestamp| type| source ---|---|--- 2026-07-02 04:27:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpn6xrhrlv2z 2026-07-02 18:42:25+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpoopognri2b 2026-07-03 07:51:31+00:00| seen|...

8.3CVSS5.9AI score0.00286EPSS
Exploits0References3
Circl
Circl
added last week8 views

CVE-2026-14048

creationtimestamp| type| source ---|---|--- 2026-07-01 21:25:25+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmheaim4e22 2026-07-02 07:50:35+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-06 07:23:31+00:00| seen|...

6.5CVSS5.9AI score0.00116EPSS
Exploits0References3
Circl
Circl
added last week7 views

CVE-2026-14007

creationtimestamp| type| source ---|---|--- 2026-07-01 21:16:34+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmgufs3bm2o 2026-07-02 04:23:59+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpn6qoqfhk2o 2026-07-02 07:49:07+00:00| seen|...

6.5CVSS5.9AI score0.00263EPSS
Exploits0References4
Circl
Circl
added 2026/07/01 11:34 a.m.11 views

CVE-2026-14198

creationtimestamp| type| source ---|---|--- 2026-07-01 11:34:43+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3mplgdvyl4c2z 2026-07-01 12:40:01+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpljyqhw5522 2026-07-01 12:52:43+00:00| seen|...

9.1CVSS5.9AI score0.00299EPSS
Exploits0References8
Circl
Circl
added 2026/06/29 11:35 a.m.8 views

CVE-2026-13595

creationtimestamp| type| source ---|---|--- 2026-06-29 11:35:26+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgfhgeqpc2t 2026-07-04 06:40:02+00:00| seen| https://bsky.app/profile/cybernewsroom.bsky.social/post/3mpshbrrqn724 2026-07-04 06:40:15+00:00| seen|...

6.8CVSS5.9AI score0.00131EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 10:23 p.m.10 views

GHSA-X527-X647-Q7GG golang.org/x/crypto: Invoking VerifiedPublicKeyCallback permissions skip enforcement

Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped...

10CVSS6.8AI score0.03153EPSS
Exploits2References18
Github Security Blog
Github Security Blog
added 2026/06/25 10:23 p.m.15 views

golang.org/x/crypto: Invoking VerifiedPublicKeyCallback permissions skip enforcement

Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped...

10CVSS6.8AI score0.03153EPSS
Exploits2References18Affected Software1
EUVD
EUVD
added 2026/06/25 10:23 p.m.11 views

EUVD-2026-31398

golang.org/x/crypto/ssh: Invoking VerifiedPublicKeyCallback permissions skip enforcement...

10CVSS6.9AI score0.03153EPSS
Exploits2References7
Circl
Circl
added 2026/06/25 10:0 a.m.6 views

CVE-2026-53262

creationtimestamp| type| source ---|---|--- 2026-06-25 10:00:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mp46bjq5hv2c...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References1
Circl
Circl
added 2026/06/25 4:42 a.m.5 views

CVE-2026-46752

creationtimestamp| type| source ---|---|--- 2026-06-25 04:42:55+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mp3mk3hdhq2w 2026-06-25 12:00:31+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mp4eylvcab2b 2026-06-25 12:00:39+00:00| seen|...

10CVSS5.8AI score0.00395EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 5:17 p.m.13 views

CVE-2026-53006

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in icmpv6rcv Caching saddr and daddr before pskbpull is problematic since skb-head can change. Remove these temporary variables: - We only access &ipv6hdrskb-saddr and &ipv6hdrskb-daddr when netdbgratelimit...

9.8CVSS0.00377EPSS
Exploits0References11
Rows per page
Query Builder