2186 matches found
PT-2026-48050
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...
CVE-2022-50953
creationtimestamp| type| source ---|---|--- 2026-06-08 04:45:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnquqk7yuu2k...
AlmaLinux 10 : kernel (ALSA-2026:19569)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:19569 advisory. kernel: net: afcan: do not leave a dangling sk pointer in cancreate CVE-2024-56603 kernel: net/sched: Make cakeenqueue return NETXMITCN when past...
CVE-2026-11029
Insufficient validation of untrusted input in Drag and Drop in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-10854
creationtimestamp| type| source ---|---|--- 2026-06-04 14:57:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnhv3u7pcq2x...
CVE-2026-50052
In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack request smuggling, which in turn can be used for cache poisoning, authentication bypass, or possibly even information disclosure and...
RockyLinux 9 : nginx:1.24 (RLSA-2026:19371)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19371 advisory. nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 Tenable has extracted the preceding description block directly from the RockyLinux security...
Advisory ROSA-SA-2026-3306
Component: PHP 7.4.33 OS: ROSA-CHROME Affected versions: = php-7.4.33-13 Affected versions: php-7.4.33-13 CVE-ID: CVE-2024-5458 BDU-ID: 2024-04846 CVE-Crit: Medium CVE-DESCRIPTION: The vulnerability in the filtervar function of the PHP interpreter involves insufficient validation of data...
EUVD-2026-33550
An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and CustomerGroupSupport has to be used to be affected. This issue affects OTRS: 7.0.X...
CVE-2026-8856
creationtimestamp| type| source ---|---|--- 2026-05-26 19:00:50+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmroikayjn2t...
CVE-2022-31231
creationtimestamp| type| source ---|---|--- 2026-05-22 17:04:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhg4jwbkx2t...
@airalogy/airalogy-engine (>=0.0.1 <=0.0.2) potentially affected by CVE-2026-46695 via @boxlite-ai/boxlite (=0.8.2)
@boxlite-ai/boxlite NPM version =0.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on @boxlite-ai/boxlite and may be impacted: - @airalogy/airalogy-engine =0.0.1, =0.0.2 Source cves: CVE-2026-46695 Source advisory: OSV:GHSA-G6WW-W5J2-R7X3...
CVE-2026-46378 vulnerabilities
Vulnerabilities for packages: vale...
Out-of-bounds Write
Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...
CVE-2026-6638 affecting package postgresql for versions less than 16.14-1
CVE-2026-6638 affecting package postgresql for versions less than 16.14-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-6271
creationtimestamp| type| source ---|---|--- 2026-05-14 06:32:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mls72nq6sn2q 2026-05-14 09:06:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlshon6mjj2k 2026-05-14 13:30:30+00:00| seen|...
gimp: GIMP: Remote Code Execution via malicious JP2 file parsing
A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...
EUVD-2026-29491
SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...
CVE-2026-8274
creationtimestamp| type| source ---|---|--- 2026-05-11 06:00:30+00:00| seen| https://infosec.exchange/users/offseq/statuses/116554414807477280 2026-05-11 06:00:32+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mlklvhdkzv23 2026-05-11 07:01:13+00:00| seen|...
CVE-2022-50955
creationtimestamp| type| source ---|---|--- 2026-05-10 15:11:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlj2ackmlb2r...