Lucene search
K

158872 matches found

Debian CVE
Debian CVE
added 2026/05/26 9:54 p.m.13 views

CVE-2026-48710

Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP Host request header was not validated before being used to reconstruct request.url. Because the routing algorithm relies on the raw HTTP path while request.url is rebuilt from the Host header, a malformed header...

6.5CVSS5.8AI score0.01438EPSS
Exploits2
Debian CVE
Debian CVE
added 2026/05/26 9:29 p.m.8 views

CVE-2026-42015

A flaw was found in gnutls. An off-by-one error exists in the PKCS12 bag element bounds check. This vulnerability allows an remote attacker to write past the internal array of a PKCS12 bag when appending to a bag that already contains 32 elements. This memory corruption could lead to a denial of...

5.3CVSS5.8AI score0.00727EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/26 9:29 p.m.4 views

CVE-2026-42013

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name SAN could cause the validation process to incorrectly fall back to checking the Common Name CN field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to...

8.2CVSS5.8AI score0.00423EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/26 9:29 p.m.5 views

CVE-2026-42012

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier URI or Service SRV Subject Alternative Names SANs. This could cause the certificate validation process to incorrectly fall back to...

7.1CVSS5.8AI score0.00354EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/26 9:29 p.m.4 views

CVE-2026-5260

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...

8.2CVSS5.8AI score0.00727EPSS
Exploits0
Wolfi
Wolfi
added 2026/05/26 7:48 p.m.14 views

GHSA-JGGG-4JG4-V7C6 vulnerabilities

Vulnerabilities for packages: jitsucom-jitsu, vitess, renovate, pulumi, langfuse...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2026/05/26 7:48 p.m.15 views

GHSA-HFFM-XVC3-VPRC vulnerabilities

Vulnerabilities for packages: renovate...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2026/05/26 7:48 p.m.16 views

CVE-2026-6951 vulnerabilities

Vulnerabilities for packages: renovate...

9.8CVSS5.8AI score0.00877EPSS
Exploits1
Wolfi
Wolfi
added 2026/05/26 7:48 p.m.16 views

CVE-2026-45740 vulnerabilities

Vulnerabilities for packages: jitsucom-jitsu, vitess, renovate, pulumi, langfuse...

7.5CVSS5.8AI score0.00263EPSS
Exploits0
Wolfi
Wolfi
added 2026/05/26 7:48 p.m.14 views

GHSA-Q8MJ-M7CP-5Q26 vulnerabilities

Vulnerabilities for packages: thingsboard, json-server, tileserver-gl, renovate, code-server, argo-workflows, sqlpad, saf, kubeflow-pipelines, kubeflow-centraldashboard, prism, opensearch-dashboards, langfuse...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/05/26 7:39 p.m.9 views

GHSA-HFFM-XVC3-VPRC vulnerabilities

Vulnerabilities for packages: renovate...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/05/26 7:39 p.m.9 views

CVE-2026-6951 vulnerabilities

Vulnerabilities for packages: renovate...

9.8CVSS5.8AI score0.00877EPSS
Exploits1
Chainguard
Chainguard
added 2026/05/26 7:39 p.m.14 views

CVE-2026-8723 vulnerabilities

Vulnerabilities for packages: thingsboard, kibana, langfuse, thingsboard-fips, json-server, langfuse-fips, code-server, opensearch-dashboards, prism, opensearch-dashboards-fips, tileserver-gl, kubeflow-pipelines, redisinsight, sqlpad, wazuh-dashboard, gitlab-rails-ce, tileserver-gl-fips, unleash,...

6.3CVSS7.1AI score0.00351EPSS
Exploits0
Chainguard
Chainguard
added 2026/05/26 7:39 p.m.15 views

GHSA-Q8MJ-M7CP-5Q26 vulnerabilities

Vulnerabilities for packages: thingsboard, kibana, langfuse, thingsboard-fips, json-server, langfuse-fips, code-server, opensearch-dashboards, prism, opensearch-dashboards-fips, tileserver-gl, kubeflow-pipelines, redisinsight, sqlpad, wazuh-dashboard, gitlab-rails-ce, tileserver-gl-fips, unleash,...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/05/26 7:39 p.m.11 views

CVE-2026-41712 vulnerabilities

Vulnerabilities for packages: camunda-zeebe, camunda...

7.5CVSS5.8AI score0.0026EPSS
Exploits0
Chainguard
Chainguard
added 2026/05/26 7:39 p.m.7 views

GHSA-Q62F-H9X2-GCQC vulnerabilities

Vulnerabilities for packages: camunda-zeebe, camunda...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/26 6:56 p.m.6 views

USN-8310-1 linux-azure, linux-azure-6.17 vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS5.9AI score0.96775EPSS
Exploits228References23
Debian CVE
Debian CVE
added 2026/05/26 6:30 p.m.8 views

CVE-2026-9572

A security vulnerability has been detected in GPAC up to 2.4.0. Affected by this issue is the function MediaGetSample of the file src/isomedia/media.c of the component MP4Box. Such manipulation of the argument cat leads to memory leak. The attack can only be performed from a local environment. Th...

5.5CVSS5.3AI score0.00161EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/05/26 5:51 p.m.16 views

USN-8307-1: ONNX vulnerability

It was discovered that ONNX did not properly validate paths when extracting tar archives during model downloads. An attacker could possibly use this issue to overwrite arbitrary files on the system...

8.8CVSS6AI score0.01168EPSS
Exploits1
Debian CVE
Debian CVE
added 2026/05/26 5:45 p.m.29 views

CVE-2026-9567

A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment of the file src/isomedia/isomintern.c of the component MP4Box. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been released to the publ...

4.8CVSS5.3AI score0.00115EPSS
Exploits0
Rows per page
Query Builder