Lucene search
K

219 matches found

NVD
NVD
added 2026/06/30 5:16 p.m.8 views

CVE-2026-58171

Vibe-Trading before 0.1.10 constructs the swarm run directory by joining a caller-supplied run identifier onto the runs base directory without validation in rundir agent/src/swarm/store.py. A crafted run identifier supplied through the MCP swarm tools causes the application to read arbitrary...

4.2CVSS0.00253EPSS
Exploits0References4
CVE
CVE
added 2026/06/30 3:54 p.m.15 views

CVE-2026-58171

CVE-2026-58171 affects Vibe-Trading prior to 0.1.10. The swarm run directory is built by naïvely joining a caller-supplied run identifier to the base runs directory in agent/src/swarm/store.py, with no validation. A crafted run identifier via MCP swarm tools enables path traversal to read arbitra...

4.2CVSS5.9AI score0.00253EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in docker.io

Moby is an open-source container framework developed by Docker Inc. It is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component, dockerd, which was originally developed as “moby/moby”, is commonly referred to as Docker. Swarm...

8.7CVSS7.2AI score0.02733EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.9 views

SwarmSense-DNN: A Trustworthy and Decentralized Neural Framework for Proactive Anomaly Defense in Consumer IoT

The rapid growth of consumer IoT devices has introduced unprecedented challenges in trustworthy anomaly detection against AI-enabled cyber threats, requiring real-time, privacy-preserving, and scalable defense mechanisms. Traditional centralized strategies face critical limitations, including...

5.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.10 views

CVE-2026-34063

Nimiq's network-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, network-libp2p discovery uses a libp2p ConnectionHandler state machine. the handler assumes there is at most one inbound and one outbound discovery substream per connection. if a remote peer...

7.5CVSS5.6AI score0.00352EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.14 views

CVE-2026-44849

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

9.4CVSS5.5AI score0.00347EPSS
Exploits1References1
Packet Storm News
Packet Storm News
added 2026/05/30 12:0 a.m.18 views

Framework for Discovering GPS Spoofing Attacks in Drone Swarms

Swarm robotics, particularly drone swarms, are used in various safety-critical tasks. While a lot of attention has been given to improving swarm control algorithms for improved intelligence, the security implications of various design choices in swarm control algorithms have not been studied. We...

5.8AI score
Exploits0
NVD
NVD
added 2026/05/28 10:16 p.m.16 views

CVE-2026-44849

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

9.4CVSS0.00347EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/28 9:6 p.m.10 views

EUVD-2026-33063

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

9.4CVSS5.8AI score0.00347EPSS
Exploits1References1
CVE
CVE
added 2026/05/28 9:6 p.m.65 views

CVE-2026-44849

CVE-2026-44849 describes an endpoint security bypass in Portainer: non-admin users with Swarm endpoint access can create/update services and bypass EndpointSecuritySettings checks, allowing elevated capabilities, broken syscall confinement, and bind mounts to host paths. Affected are Portainer re...

9.4CVSS5.8AI score0.00347EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/05/28 9:6 p.m.43 views

CVE-2026-44849 Portainer: Endpoint security bypass via Swarm service create/update

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

9.4CVSS0.00347EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/28 9:6 p.m.13 views

CVE-2026-44849 Portainer: Endpoint security bypass via Swarm service create/update

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

9.4CVSS5.8AI score0.00347EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:6 p.m.10 views

CVE-2026-44849

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

5.8AI score0.00347EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.20 views

Portainer 安全漏洞

Portainer is a lightweight user management interface developed by Portainer Foundation for managing Docker environments and Docker hosts. There were security vulnerabilities in versions of Portainer Community Edition from 2.33.0 to 2.33.8, as well as in versions prior to 2.39.2 and 2.41.0. These...

9.4CVSS5.8AI score0.00347EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2026/05/26 2:43 p.m.8 views

aana (>=0.2.1 <=0.2.2.2), acai-swarm (=0.1.0) +218 more potentially affected by CVE-2026-9540 via vllm (>=0.10.0 <=0.9.2)

vllm PYPI version =0.10.0, =0.2.1, =1.2.1, =0.0.0, =2.3.5, =0.0.7, =0.0.1b1, =0.1.15, =0.2.4, =1.0.0, =1.0.14 and more Source cves: CVE-2026-9540 Source advisory: SNYK:PYTHON-VLLM-16887889...

6.9CVSS5.8AI score0.00427EPSS
Exploits0
Veracode
Veracode
added 2026/05/16 5:23 a.m.4 views

Improper Enforcement Of Security Restrictions

github.com/portainer/portainer is vulnerable to improper enforcement of security restrictions. The vulnerability is due to inconsistent enforcement of configured EndpointSecuritySettings on the Docker Swarm service API, which allows an attacker to bypass administrator-defined container security...

9.4CVSS5.8AI score0.00347EPSS
Exploits1References7Affected Software1
Snyk
Snyk
added 2026/05/14 4:33 p.m.14 views

Missing Authorization

Overview github.com/portainer/portainer/api/http/proxy/factory/docker is a management UI which allows to manage different Docker environments. Affected versions of this package are vulnerable to Missing Authorization in the enforcement of endpoint security restrictions for non-admin users on Dock...

9.9CVSS5.7AI score0.00347EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/05/14 4:33 p.m.12 views

Portainer has an endpoint security bypass via Swarm service create/update

Summary Portainer enforces seven EndpointSecuritySettings restrictions that administrators configure to restrict the container configurations non-admin users can launch: privileged mode, host PID namespace, device mapping, capabilities, sysctls, security-opt Seccomp / AppArmor, and bind mounts. T...

9.4CVSS5.8AI score0.00347EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2026/05/14 4:33 p.m.10 views

GHSA-5FXQ-QCF3-244W Portainer has an endpoint security bypass via Swarm service create/update

Summary Portainer enforces seven EndpointSecuritySettings restrictions that administrators configure to restrict the container configurations non-admin users can launch: privileged mode, host PID namespace, device mapping, capabilities, sysctls, security-opt Seccomp / AppArmor, and bind mounts. T...

9.4CVSS5.8AI score0.00347EPSS
Exploits1References6
Packet Storm News
Packet Storm News
added 2026/05/10 12:0 a.m.9 views

Position: AI Security Policy Should Target Systems, Not Models

We present swarm-attack, an open-source adversarial testing framework in which multiple lightweight LLM agents coordinate through shared memory, parallel exploration, and evolutionary optimization. Together, our results demonstrate that both safety bypass of frontier models and software...

5.9AI score
Exploits0
Rows per page
Query Builder