
26423 matches found

AlmaLinux
added 2026/05/13 12:0 a.m., 12 views

Important: git-lfs security update

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679) golang:...

CVSS 7.5, AI score 7.4, EPSS 0.00728
Exploits: 0, References: 10

Github Security Blog
added 2026/05/12 10:22 p.m., 9 views

esm.sh: Legacy Route Path Traversal Can Lead to RCE

Impact
- Arbitrary File Write – An attacker can cause the server to write data to any file path it has write permission for.
- Privilege Escalation / RCE – By overwriting critical binaries or scripts, the attacker can execute arbitrary code with the server’s privileges.

Exploit: The legacy router...

CVSS 8.7, AI score 6.4, EPSS 0.00362
Exploits: 0, References: 4, Affected Software: 1

NVD
added 2026/05/12 10:16 p.m., 21 views

CVE-2026-45225

Heym before 0.0.21 contains a path traversal vulnerability in the file upload endpoint that allows authenticated users to write attacker-controlled files to arbitrary locations by supplying a crafted filename with traversal sequences. Attackers can exploit the unvalidated filename parameter in th...

CVSS 7.6, EPSS 0.00355
Exploits: 0, References: 4

Vulnrichment
added 2026/05/12 9:9 p.m., 7 views

CVE-2026-45225 Heym < 0.0.21 Path Traversal File Upload via upload_file()

Heym before 0.0.21 contains a path traversal vulnerability in the file upload endpoint that allows authenticated users to write attacker-controlled files to arbitrary locations by supplying a crafted filename with traversal sequences. Attackers can exploit the unvalidated filename parameter in th...

CVSS 7.6, AI score 5.9, EPSS 0.00355
Exploits: 0, References: 4

RedhatCVE
added 2026/05/12 8:21 p.m., 10 views

CVE-2026-35157

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0 contain an improper neutralization of formula elements in a CSV file vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to remote...

CVSS 9.8, AI score 5.8, EPSS 0.00317
Exploits: 0, References: 1

RedhatCVE
added 2026/05/12 7:38 p.m., 7 views

CVE-2026-41647

A flaw was found in Incus, a system container and virtual machine manager. An authenticated Incus user can exploit a missing error handling vulnerability by importing a truncated storage bucket backup file. This can lead to a daemon crash, resulting in a Denial of Service (DoS) for the Incus servic...

CVSS 6.5, AI score 5.7, EPSS 0.00394
Exploits: 1, References: 2

RedhatCVE
added 2026/05/12 7:38 p.m., 11 views

CVE-2026-40195

A flaw was found in Incus, a system container and virtual machine manager. An authenticated user with access to the storage bucket feature can exploit a missing validation logic in the storage bucket import process. By providing a malicious or malformed index.yaml file that omits the configuratio...

CVSS 7.1, AI score 5.8, EPSS 0.00398
Exploits: 1, References: 2

RedhatCVE
added 2026/05/12 7:38 p.m., 12 views

CVE-2026-40197

A flaw was found in Incus, a system container and virtual machine manager. An authenticated user with access to the storage volume feature can exploit a nil-pointer dereference vulnerability during custom volume import operations. By supplying a specially crafted backup archive, the user can caus...

CVSS 7.1, AI score 5.7, EPSS 0.00299
Exploits: 1, References: 2

RedhatCVE
added 2026/05/12 7:38 p.m., 8 views

CVE-2026-40251

A flaw was found in Incus, a system container and virtual machine manager. An authenticated user with access to the storage volume feature can exploit missing validation logic in the storage volume import process or an out-of-bounds panic vulnerability in the backup restore subsystem. By submitti...

CVSS 7.1, AI score 5.8, EPSS 0.00408
Exploits: 1, References: 2

IBM Security Bulletins
added 2026/05/12 7:30 p.m., 12 views

Security Bulletin: IBM Storage Scale System: Vulnerability in Linux kernel crypto subsystem could allow local privilege escalation (CVE-2026-31431)

Summary: IBM Storage Scale Systems is affected by a security vulnerability identified in the Linux kernel's cryptographic interface (CVE-2026-31431) that could allow a local user with low privileges to escalate to root privileges. The vulnerability has a CVSS score of 7.8 (High) and requires local...

CVSS 7.8, AI score 6, EPSS 0.96775
Exploits: 228, Affected Software: 1

EUVD
added 2026/05/12 6:30 p.m., 9 views

EUVD-2026-29499

The nexent v1.7.5.2 backend service contains an unauthorized arbitrary file deletion vulnerability in its ElasticSearch service interface. The DELETE /indexname/documents endpoint lacks proper authentication and authorization controls and does not validate the user-supplied pathorurl parameter...

AI score 5.9, EPSS 0.00413
Exploits: 0, References: 3

EUVD
added 2026/05/12 6:30 p.m., 10 views

EUVD-2026-29500

The nexent v1.7.5.2 backend service contains an unauthorized arbitrary storage file deletion vulnerability in its file management API. The DELETE /storage/objectname:path endpoint lacks authentication, authorization, and input validation mechanisms. Unauthenticated remote attackers can send craft...

AI score 6, EPSS 0.00401
Exploits: 0, References: 3

NVD
added 2026/05/12 6:17 p.m., 10 views

CVE-2026-35415

Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...

CVSS 7.8, EPSS 0.00332
Exploits: 0, References: 1

Cvelist
added 2026/05/12 4:58 p.m., 29 views

CVE-2026-35415 Windows Storage Spaces Controller Elevation of Privilege Vulnerability

...

CVSS 7.8, EPSS 0.00332
Exploits: 0, References: 1

CVE
added 2026/05/12 4:58 p.m., 29 views

CVE-2026-35415

Technical details about CVE-2026-35415 are not publicly available in the provided connected documents. Monitor for updates for specifics on affected products, impact, and mitigations once they are published.

CVSS 7.8, AI score 5.9, EPSS 0.00332
Exploits: 0, References: 1, Affected Software: 14

Vulnrichment
added 2026/05/12 4:58 p.m., 11 views

CVE-2026-35415 Windows Storage Spaces Controller Elevation of Privilege Vulnerability

...

CVSS 7.8, AI score 5.8, EPSS 0.00332
Exploits: 0, References: 1

EUVD
added 2026/05/12 4:58 p.m., 14 views

EUVD-2026-29622

Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...

CVSS 7.8, AI score 5.9, EPSS 0.00332
Exploits: 0, References: 1

NVD
added 2026/05/12 4:16 p.m., 10 views

CVE-2026-31216

The nexent v1.7.5.2 backend service contains an unauthorized arbitrary storage file deletion vulnerability in its file management API. The DELETE /storage/objectname:path endpoint lacks authentication, authorization, and input validation mechanisms. Unauthenticated remote attackers can send craft...

CVSS 9.1, EPSS 0.00401
Exploits: 0, References: 2

RedhatCVE
added 2026/05/12 2:21 p.m., 9 views

CVE-2026-8272

A security flaw has been discovered in D-Link DNS-320 2.06B01. This affects the function delete/rename/copy/move/chmod/chown of the file /cgi-bin/webfilemgr.cgi. The manipulation results in os command injection. The attack may be performed from remote. The exploit has been released to the public...

CVSS 7.2, AI score 5.5, EPSS 0.05587
Exploits: 1, References: 1

Microsoft CVE
added 2026/05/12 2:0 p.m., 9 views

Windows Storage Spaces Controller Elevation of Privilege Vulnerability

Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...

CVSS 7.8, AI score 5.9, EPSS 0.00332
Exploits: 0