69593 matches found
CVE-2026-35034
creationtimestamp| type| source ---|---|--- 2026-04-15 01:22:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjiqaulcnn2t...
GHSA-J2HF-X4Q5-47J3
creationtimestamp| type| source ---|---|--- 2026-04-15 01:19:29+00:00| seen| Telegram/4QaIVP4Z6j7I04jn6w3qCKrQ76Fz4EXtpUCBPkRfgX1dqr4...
GHSA-8FW7-F233-FFR8
creationtimestamp| type| source ---|---|--- 2026-04-15 01:19:29+00:00| seen| Telegram/4QaIVP4Z6j7I04jn6w3qCKrQ76Fz4EXtpUCBPkRfgX1dqr4...
GHSA-V5J3-4Q66-58CF
creationtimestamp| type| source ---|---|--- 2026-04-15 01:19:29+00:00| seen| Telegram/4QaIVP4Z6j7I04jn6w3qCKrQ76Fz4EXtpUCBPkRfgX1dqr4...
CVE-2026-27298
creationtimestamp| type| source ---|---|--- 2026-04-15 01:19:21+00:00| published-proof-of-concept| Telegram/GYbH54sRbOOqgznzSrvNbIPKqa8TpEiUvDUzTYtUUyxy-E 2026-04-15 11:15:26+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjjrelsv272f 2026-06-13 10:07:07+00:00| seen|...
CVE-2026-27295
creationtimestamp| type| source ---|---|--- 2026-04-15 01:19:06+00:00| seen| Telegram/dGt1m22sw1SGsA9Eug0OSHT5OJOK3joaNLENVhZetMIBpOs 2026-04-15 11:00:41+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjjqka4vjs2u 2026-04-15 23:07:07+00:00| seen|...
CVE-2026-39387
creationtimestamp| type| source ---|---|--- 2026-04-15 01:12:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjipoxlfxi2k 2026-04-15 01:19:29+00:00| seen| Telegram/4QaIVP4Z6j7I04jn6w3qCKrQ76Fz4EXtpUCBPkRfgX1dqr4 2026-05-02 09:00:04+00:00| seen|...
CVE-2026-40688
creationtimestamp| type| source ---|---|--- 2026-04-15 01:07:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjipfz5xkn2a 2026-04-15 01:19:46+00:00| published-proof-of-concept| Telegram/beRkyaQYF6-HbSXwJObWqlvUpmDUmKmHxxmaYmzALf1MGQ...
CVE-2026-33414
creationtimestamp| type| source ---|---|--- 2026-04-15 01:02:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjip52q5z62t 2026-04-17 02:00:36+00:00| seen| https://bsky.app/profile/releaseport.com/post/3mjntcd4cky2j 2026-04-23 21:25:36+00:00| published-proof-of-concept|...
CVE-2026-35031
creationtimestamp| type| source ---|---|--- 2026-04-15 00:57:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjiou4c4hb2r 2026-04-15 01:19:21+00:00| published-proof-of-concept| Telegram/GYbH54sRbOOqgznzSrvNbIPKqa8TpEiUvDUzTYtUUyxy-E 2026-04-15 10:33:26+00:00| seen|...
CVE-2026-35032
creationtimestamp| type| source ---|---|--- 2026-04-15 00:49:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjiofpiwpc2a 2026-04-15 01:19:29+00:00| seen| Telegram/4QaIVP4Z6j7I04jn6w3qCKrQ76Fz4EXtpUCBPkRfgX1dqr4...
CVE-2026-2396
creationtimestamp| type| source ---|---|--- 2026-04-15 00:40:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjinvgwpcl2z...
CVE-2026-1314
creationtimestamp| type| source ---|---|--- 2026-04-15 00:19:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjimprprmr2o 2026-04-22 21:02:34+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mk4fgtcu522h...
CVE-2026-27301
creationtimestamp| type| source ---|---|--- 2026-04-15 00:06:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjilygpeht2z...
CVE-2026-39984
Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimestampResponse correctly verifies the certificate chain signature, but the TSA-specific constraint...
Sigstore Timestamp Authority 安全漏洞
Sigstore Timestamp Authority is an open-source RFC3161 timestamp authorization software developed by sigstore. Versions of Sigstore Timestamp Authority 2.0.5 and earlier contained security vulnerabilities. These vulnerabilities stemmed from issues with the VerifyTimestampResponse function, which...
CVE-2026-39984 Sigstore Timestamp Authority has Improper Certificate Validation in verifier
Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimestampResponse correctly verifies the certificate chain signature, but the TSA-specific constraint...
CVE-2026-39984
Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimestampResponse correctly verifies the certificate chain signature, but the TSA-specific constraint...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the VerifyTimestampResponse function when a forged certificate is prepended to the certificate bag. An attacker can bypass authorization checks by supplying a payload where the signature is validated...
CVE-2026-39984
CVE-2026-39984 – Sigstore Timestamp Authority (tsa/timestamp-authority/v2/pkg/verification) : Versions 2.0.5 and earlier contain an authorization bypass in VerifyTimestampResponse. The code validates the certificate chain correctly but applies TSA-specific constraints using the first non-CA certi...