Lucene search
+L

328 matches found

CVE
CVE
added 3 hours ago39 views

CVE-2026-48978

The CVE-2026-48978 issue affects the oras-go library prior to 2.6.1, where auth.Client can follow the registry’s Bearer challenge realm without validating the scheme/host. This enables a malicious or compromised registry to trigger SSRF to internal networks (e.g., 169.254.169.254, 10.0.0.x, 127.0...

2.1CVSS5.2AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added yesterday4 views

openSUSE 16: helm / helm-bash-completion / helm-fish-completion / etc (openSUSE-SU-2026:21331-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:21331-1 advisory. This update for helm fixes the following issue - CVE-2026-48978: oras.land/oras-go/v2/registry/remote/auth: malicious registry can hijack Bearer token...

6.2AI score
Exploits0References3
NVD
NVD
added 2 days ago9 views

CVE-2026-15583

A confused-deputy flaw in Grafana MCP Server allows an unauthenticated remote attacker to exfiltrate the server's environment-configured Grafana service-account token by supplying a crafted X-Grafana-URL request header. This also enables SSRF against arbitrary internal services, including cloud...

8.6CVSS0.00312EPSS
Exploits1References1
EUVD
EUVD
added 2 days ago9 views

EUVD-2026-44597

A confused-deputy flaw in Grafana MCP Server allows an unauthenticated remote attacker to exfiltrate the server's environment-configured Grafana service-account token by supplying a crafted X-Grafana-URL request header. This also enables SSRF against arbitrary internal services, including cloud...

8.6CVSS6.2AI score0.00312EPSS
Exploits1References1
CVE
CVE
added 2 days ago22 views

CVE-2026-15583

Grafana MCP Server is affected by CVE-2026-15583, a confusion-deputy vulnerability that allows an unauthenticated remote attacker to exfiltrate the server’s Grafana service-account token and perform SSRF via a crafted X-Grafana-URL header. The flaw enables targeting internal services, including c...

8.6CVSS6.2AI score0.00312EPSS
Exploits1References1
Cvelist
Cvelist
added 2 days ago39 views

CVE-2026-15583 SSRF (confused deputy) in Grafana MCP Server via X-Grafana-URL header

A confused-deputy flaw in Grafana MCP Server allows an unauthenticated remote attacker to exfiltrate the server's environment-configured Grafana service-account token by supplying a crafted X-Grafana-URL request header. This also enables SSRF against arbitrary internal services, including cloud...

8.6CVSS0.00312EPSS
Exploits1References1
OSV
OSV
added 2 days ago4 views

MAL-2026-10638 Malicious code in monogrok (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3369fb16804682addfec56904223d0255c2a0ca6d35481e744221e8252f2000d Package publishes as a generic 'M!T' library with an unrelated Apache-license README, but the tarball contains an offensive spam / phishing /...

6.2AI score
Exploits0References3
EUVD
EUVD
added 2026/07/10 6:34 p.m.7 views

EUVD-2026-42987

MCP Server Kubernetes before 3.9.0 contains an argument injection vulnerability in structured tools kubectlget, kubectldescribe, kubectldelete that allows attackers to bypass the assertNoDangerousFlags security check by supplying resourceType and name parameters with leading dashes. Attackers can...

9.8CVSS6.1AI score0.00421EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/07/10 6:34 p.m.35 views

CVE-2026-61459 MCP Server Kubernetes < 3.9.0 Argument Injection via kubectl Structured Tools

MCP Server Kubernetes before 3.9.0 contains an argument injection vulnerability in structured tools kubectlget, kubectldescribe, kubectldelete that allows attackers to bypass the assertNoDangerousFlags security check by supplying resourceType and name parameters with leading dashes. Attackers can...

9.8CVSS0.00421EPSS
Exploits1References5
OSV
OSV
added 2026/07/09 6:14 p.m.1 views

SUSE-SU-2026:2823-1 Security update for helm

This update for helm fixes the following issues - Update to version 3.21.2 - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass and privilege escalation bsc1266598. - CVE-2026-48978: oras.land/oras-go/v2/registry/remote/auth:...

9.6CVSS6.5AI score0.00478EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/01 11:28 a.m.10 views

EUVD-2026-40945

In Open VSX Registry before 1.0.2, the /vscode/unpkg/ endpoint serves user-supplied HTML files with Content-Type: text/html and without a Content-Security-Policy or Content-Disposition: attachment response header. An unauthenticated attacker can register a publisher account, upload a VSIX...

4.1CVSS5.8AI score0.0019EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/07/01 11:28 a.m.6 views

CVE-2026-13323

In Open VSX Registry before 1.0.2, the /vscode/unpkg/ endpoint serves user-supplied HTML files with Content-Type: text/html and without a Content-Security-Policy or Content-Disposition: attachment response header. An unauthenticated attacker can register a publisher account, upload a VSIX...

4.1CVSS5.8AI score0.0019EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/07/01 11:28 a.m.34 views

CVE-2026-13323

Vulnerability CVE-2026-13323 affects Open VSX Registry before 1.0.2. The /vscode/unpkg/ endpoint serves user-supplied HTML without CSP or Content-Disposition headers, enabling a publisher to upload a crafted VSIX and lure authenticated users to visit the URL. This inline rendering in the open-vsx...

8.7CVSS5.8AI score0.0019EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/07/01 11:28 a.m.4 views

CVE-2026-13323

In Open VSX Registry before 1.0.2, the /vscode/unpkg/ endpoint serves user-supplied HTML files with Content-Type: text/html and without a Content-Security-Policy or Content-Disposition: attachment response header. An unauthenticated attacker can register a publisher account, upload a VSIX...

4.1CVSS6AI score0.0019EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.9 views

PT-2026-54628

Name of the Vulnerable Software and Affected Versions Open VSX Registry versions prior to 1.0.2 Description The '/vscode/unpkg/' endpoint serves user-supplied HTML files with a text/html Content-Type and lacks a Content-Security-Policy or Content-Disposition: attachment response header. This allo...

8.7CVSS5.9AI score0.0019EPSS
Exploits1References6
OSV
OSV
added 2026/06/30 6:15 p.m.5 views

GHSA-VJHC-CF4P-72Q4 Fission: Cross-namespace Environment reference in Package allows build-time command execution and SA token exfiltration

Summary Fission's buildermgr controller processed Package CRDs without verifying that Package.spec.environment.namespace matched Package.metadata.namespace. Details An attacker with packages.fission.io/create in their own namespace could set spec.environment.namespace to any other tenant's...

7.7CVSS5.9AI score0.00231EPSS
Exploits0References6
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-366 Jupyter Server: Stored XSS in `NbconvertFileHandler` / `NbconvertPostHandler` via missing `sandbox` CSP

The nbconvert HTTP handlers in jupyterserver render user-authored notebook HTML under the Jupyter origin without a sandbox directive in their Content-Security-Policy. Combined with nbconvert.HTMLExporter's default non-sanitizing behavior, a notebook carrying an HTML payload in a displaydata outpu...

9.3CVSS5.8AI score0.00227EPSS
Exploits0References6
Snyk
Snyk
added 2026/06/23 7:11 p.m.6 views

Cross-site Scripting (XSS)

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Cross-site Scripting XSS via the useragent field in the participant logging process. An attacker can execute arbitrary JavaScript in the browser of a privileged us...

9.3CVSS6.1AI score0.002EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/23 3:48 p.m.5 views

CVE-2026-54304

n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.1, an authenticated user with permission to create or modify workflows and access to a SecurityScorecard credential with limited allowed domains could configure the SecurityScorecard node's report download...

7.1CVSS5.8AI score0.00353EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/23 3:48 p.m.21 views

CVE-2026-54304

Summary: CVE-2026-54304 affects n8n where the SecurityScorecard node could exfiltrate the API token to a user-controlled URL if an attacker-controlled report download target is configured. Affected versions: n8n prior to 1.123.55, 2.25.7, and 2.26.1. Root cause: Authenticated user with workflow p...

7.7CVSS5.8AI score0.00353EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder