Lucene search
K

15091 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.10 views

CVE-2026-27349

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPFunnels Team Mail Mint allows Retrieve Embedded Sensitive Data. This issue affects Mail Mint: from n/a through 1.19.5...

4.3CVSS5.5AI score0.00171EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.12 views

CVE-2026-45264

Nextcloud is an open source content collaboration platform. From versions 17.0.0 to before 17.0.15, 18.0.0 to before 18.1.12, 19.0.0 to before 19.1.16, 20.0.0 to before 20.1.11, and 21.0.0 to before 21.0.4, a user with READ and CREATE permission, but no UPDATE permission for a team folder can...

4.3CVSS5.3AI score0.00229EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.11 views

CVE-2026-4055

Mattermost versions 11.5.x = 11.5.1 fail to validate team-level runcreate permission against the target team when creating a playbook run which allows an authenticated team member to create runs in teams where they lack permission via specifying a different team ID in the run creation API request...

4.3CVSS5.5AI score0.00152EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.10 views

CVE-2026-40603

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew exposes a legacy dashboard route that returns a project's report data to any authenticated member of the same team, even when that user does n...

6.5CVSS5.4AI score0.00241EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.13 views

CVE-2026-47744

Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, two distinct authorization defects in the team settings allowed any authenticated panel user to take over the RBAC system. Settings/Team/Index had no mount authorization. Any authenticated user could load the page and use its public...

9.9CVSS5.6AI score0.00321EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.11 views

CVE-2026-32991

Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account...

7.1CVSS5.5AI score0.00227EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.10 views

CVE-2026-42757

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Path Traversal.This issue affects WebinarIgnition: from n/a through 4.08.253...

9.9CVSS5.4AI score0.00346EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.12 views

CVE-2026-42758

Incorrect Privilege Assignment vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Privilege Escalation.This issue affects WebinarIgnition: from n/a through 4.08.253...

9.8CVSS5.4AI score0.00308EPSS
Exploits1References1
Circl
Circl
added 2026/06/05 5:0 p.m.16 views

CVE-2026-25860

creationtimestamp| type| source ---|---|--- 2026-06-05 17:00:04+00:00| seen| https://t.me/GithubRedTeam/87464 2026-06-05 19:00:11+00:00| published-proof-of-concept| Telegram/vT4GraR1tGy8kb2p0gDblUF32yKb9Lm75V4SoCKaucAr0 2026-06-05 21:00:04+00:00| published-proof-of-concept|...

6.1CVSS5.8AI score0.00293EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/06/05 2:50 p.m.81 views

arsenal-tools

Arsenal — CTF & Pentest Toolkit Collection de 198 outils of...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/05 12:0 a.m.20 views

Beyond Pass/Fail: Using Process Mining to Understand How LLMs Resist (And Fail) Red Team Attacks

Standard AI red teaming evaluations reduce adversarial campaigns to a single binary outcome, attack success rate ASR, not taking into account the sequential structure of how models resist or yield to attacks. We propose applying process mining, a discipline for discovering and analyzing process...

5.4AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/06/04 7:14 p.m.10 views

Updating the taxonomy of failure modes in agentic AI systems: What a year of red teaming taught us

In this article 1. Why the Taxonomy Needed Updating 2. Seven new failure modes 3. Operational findings: What red teaming showed 4. New mitigations 5. What to do this quarter When the Microsoft AI Red Team published the Taxonomy of Failure Modes in Agentic AI Systems in April 2025, the goal was a...

8.8CVSS7.2AI score0.08016EPSS
Exploits5
Circl
Circl
added 2026/06/03 5:0 p.m.10 views

CVE-2026-35904

creationtimestamp| type| source ---|---|--- 2026-06-03 17:00:04+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/87170 2026-06-03 19:00:30+00:00| seen| Telegram/Ze-uNkS3kIdAJGbWQE6AK--K-SMWz6YbrFE-sDGCdUicf4Q 2026-06-03 21:00:04+00:00| seen|...

9.8CVSS5.3AI score0.00547EPSS
Exploits1References1
Circl
Circl
added 2026/06/03 6:0 a.m.15 views

CVE-2026-49943

creationtimestamp| type| source ---|---|--- 2026-06-03 06:00:04+00:00| seen| https://t.me/GithubRedTeam/87089 2026-06-03 07:00:16+00:00| seen| Telegram/o4hSLrg-DhwQDptmYynTF4BCpU3ri7L3EO654-e3xznsg0w 2026-06-03 09:00:04+00:00| seen| Telegram/5i-pTes7Ja8Uhuw9wP6auiAd2fWyZYO3DYvaqIbmREm4...

6.3CVSS5.3AI score0.003EPSS
Exploits2References1
NVD
NVD
added 2026/06/02 8:16 p.m.13 views

CVE-2026-10616

A weakness has been identified in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function TeamTasksTool.executeComplete of the file internal/tools/teamtaskslifecycle.go of the component Team Task Completion Handler. Executing a manipulation can lead to missing authorization. Th...

5.3CVSS0.00206EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/02 6:30 p.m.10 views

EUVD-2026-34002

A weakness has been identified in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function TeamTasksTool.executeComplete of the file internal/tools/teamtaskslifecycle.go of the component Team Task Completion Handler. Executing a manipulation can lead to missing authorization. Th...

5.3CVSS5.5AI score0.00206EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/02 6:30 p.m.10 views

CVE-2026-10616

A weakness has been identified in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function TeamTasksTool.executeComplete of the file internal/tools/teamtaskslifecycle.go of the component Team Task Completion Handler. Executing a manipulation can lead to missing authorization. Th...

5.3CVSS5.5AI score0.00206EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/06/02 6:30 p.m.22 views

CVE-2026-10616

CVE-2026-10616 affects nextlevelbuilder GoClaw up to 3.11.3. The vulnerability resides in TeamTasksTool.executeComplete (internal/tools/team_tasks_lifecycle.go), where a manipulation can lead to missing authorization. The issue can be exploited remotely and the exploit has been made publicly avai...

5.3CVSS5.5AI score0.00206EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

goclaw 安全漏洞

Goclaw is an open-source multi-tenant AI smart agent platform developed by Next Level Builder. Versions of GoClaw 3.11.3 and earlier contain security vulnerabilities. These vulnerabilities stem from a flaw in the Team Task Completion Handler component, where the TeamTasksTool.executeComplete...

5.3CVSS5.4AI score0.00206EPSS
Exploits0References6
Circl
Circl
added 2026/06/01 8:0 p.m.13 views

CVE-2026-8206

creationtimestamp| type| source ---|---|--- 2026-06-01 20:00:04+00:00| seen| https://t.me/GithubRedTeam/86883 2026-06-01 23:00:14+00:00| seen| Telegram/WmCsGmCxw3llm8l2PpPL4TbSd7NmUffJbXR2OZgq87qhTE 2026-06-02 04:30:27+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mnbr4mqu6h2j...

9.8CVSS5.8AI score0.0126EPSS
Exploits5References29
Rows per page
Query Builder