Lucene search
K

69602 matches found

Circl
Circl
added 2026/04/15 12:40 a.m.5 views

CVE-2026-2396

creationtimestamp| type| source ---|---|--- 2026-04-15 00:40:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjinvgwpcl2z...

4.4CVSS5.7AI score0.00221EPSS
Exploits0References1
Circl
Circl
added 2026/04/15 12:19 a.m.4 views

CVE-2026-1314

creationtimestamp| type| source ---|---|--- 2026-04-15 00:19:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjimprprmr2o 2026-04-22 21:02:34+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mk4fgtcu522h...

5.3CVSS5.7AI score0.00892EPSS
Exploits0References2
Circl
Circl
added 2026/04/15 12:6 a.m.11 views

CVE-2026-27301

creationtimestamp| type| source ---|---|--- 2026-04-15 00:06:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjilygpeht2z...

5.5CVSS5.7AI score0.00171EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/15 12:0 a.m.3 views

CVE-2026-39984

Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimestampResponse correctly verifies the certificate chain signature, but the TSA-specific constraint...

5.5CVSS5.8AI score0.00099EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.7 views

Sigstore Timestamp Authority 安全漏洞

Sigstore Timestamp Authority is an open-source RFC3161 timestamp authorization software developed by sigstore. Versions of Sigstore Timestamp Authority 2.0.5 and earlier contained security vulnerabilities. These vulnerabilities stemmed from issues with the VerifyTimestampResponse function, which...

5.5CVSS5.8AI score0.00099EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/14 11:41 p.m.5 views

CVE-2026-39984 Sigstore Timestamp Authority has Improper Certificate Validation in verifier

Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimestampResponse correctly verifies the certificate chain signature, but the TSA-specific constraint...

5.5CVSS5.6AI score0.00099EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/14 11:41 p.m.2 views

CVE-2026-39984

Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimestampResponse correctly verifies the certificate chain signature, but the TSA-specific constraint...

5.5CVSS5.8AI score0.00099EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/04/14 11:41 p.m.4 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the VerifyTimestampResponse function when a forged certificate is prepended to the certificate bag. An attacker can bypass authorization checks by supplying a payload where the signature is validated...

6.7CVSS5.3AI score0.00099EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/14 11:41 p.m.35 views

CVE-2026-39984 Sigstore Timestamp Authority has Improper Certificate Validation in verifier

Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimestampResponse correctly verifies the certificate chain signature, but the TSA-specific constraint...

5.5CVSS0.00099EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/14 11:41 p.m.4 views

CVE-2026-39984

Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimestampResponse correctly verifies the certificate chain signature, but the TSA-specific constraint...

5.5CVSS5.4AI score0.00099EPSS
Exploits0
Snyk
Snyk
added 2026/04/14 11:41 p.m.4 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the VerifyTimestampResponse function when a forged certificate is prepended to the certificate bag. An attacker can bypass authorization checks by supplying a payload where the signature is validated...

6.7CVSS5.3AI score0.00099EPSS
Exploits0References2
CVE
CVE
added 2026/04/14 11:41 p.m.32 views

CVE-2026-39984

CVE-2026-39984 – Sigstore Timestamp Authority (tsa/timestamp-authority/v2/pkg/verification) : Versions 2.0.5 and earlier contain an authorization bypass in VerifyTimestampResponse. The code validates the certificate chain correctly but applies TSA-specific constraints using the first non-CA certi...

5.5CVSS5.8AI score0.00099EPSS
Exploits0References2Affected Software1
Circl
Circl
added 2026/04/14 11:22 p.m.4 views

CVE-2026-34631

creationtimestamp| type| source ---|---|--- 2026-04-14 23:22:29+00:00| published-proof-of-concept| Telegram/70ang71mEb6lYSNq2VZHiuuV7i7KfipPcLMkKoGk9-znXQ 2026-04-15 12:08:32+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjjudk3jdv2m 2026-06-13 09:07:08+00:00| seen|...

7.8CVSS4.9AI score0.00138EPSS
Exploits0References2
Circl
Circl
added 2026/04/14 11:22 p.m.4 views

CVE-2026-40291

creationtimestamp| type| source ---|---|--- 2026-04-14 23:22:29+00:00| published-proof-of-concept| Telegram/70ang71mEb6lYSNq2VZHiuuV7i7KfipPcLMkKoGk9-znXQ 2026-04-15 12:00:03+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjjtuezgen2p 2026-04-22 20:37:07+00:00| seen|...

8.8CVSS4.8AI score0.00316EPSS
Exploits0References2
Circl
Circl
added 2026/04/14 11:22 p.m.5 views

CVE-2026-35196

creationtimestamp| type| source ---|---|--- 2026-04-14 23:22:29+00:00| published-proof-of-concept| Telegram/70ang71mEb6lYSNq2VZHiuuV7i7KfipPcLMkKoGk9-znXQ 2026-04-15 12:08:40+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjjudrmv7g2u...

8.8CVSS4.8AI score0.0176EPSS
Exploits1References1
Circl
Circl
added 2026/04/14 11:22 p.m.4 views

CVE-2026-33019

creationtimestamp| type| source ---|---|--- 2026-04-14 23:22:03+00:00| seen| Telegram/7o25spvsi10qoVsYDQCR4BvQZf2Pb0MXjY1dtOy-qDOy7tc...

7.1CVSS4.8AI score0.00256EPSS
Exploits1
Circl
Circl
added 2026/04/14 11:22 p.m.4 views

CVE-2026-34602

creationtimestamp| type| source ---|---|--- 2026-04-14 23:22:03+00:00| seen| Telegram/7o25spvsi10qoVsYDQCR4BvQZf2Pb0MXjY1dtOy-qDOy7tc...

7.1CVSS4.8AI score0.00203EPSS
Exploits0
Circl
Circl
added 2026/04/14 11:22 p.m.4 views

GHSA-2XGM-4X47-2X2P

creationtimestamp| type| source ---|---|--- 2026-04-14 23:22:03+00:00| seen| Telegram/7o25spvsi10qoVsYDQCR4BvQZf2Pb0MXjY1dtOy-qDOy7tc...

4.8AI score
Exploits0
Circl
Circl
added 2026/04/14 11:22 p.m.3 views

GHSA-X373-8J9J-G5PJ

creationtimestamp| type| source ---|---|--- 2026-04-14 23:22:03+00:00| seen| Telegram/7o25spvsi10qoVsYDQCR4BvQZf2Pb0MXjY1dtOy-qDOy7tc...

4.8AI score
Exploits0
Circl
Circl
added 2026/04/14 11:21 p.m.5 views

CVE-2026-27282

creationtimestamp| type| source ---|---|--- 2026-04-14 23:21:52+00:00| seen| Telegram/jHpVmdM968c9lFQ4KStSRALTqvtLmQ8NC1zLLnKyLbbys0E 2026-04-15 01:56:06+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mjis4gfiax2a 2026-04-15 12:08:47+00:00| seen|...

7.5CVSS6.8AI score0.00693EPSS
Exploits0References4
Rows per page
Query Builder