CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

8 matches found

Positive Technologies•added 2026/03/10 12:0 a.m.•6 views

PT-2026-24613

Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS PTR when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper servers or clients with a valid certificate for the PTR name. It's important to note that attacker must...

7.4CVSS5.8AI score0.00306EPSS

Exploits0References4

EUVD•added 2026/03/07 9:30 a.m.•6 views

EUVD-2026-10140

Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the client's logfile. Configuration values are exposed at INFO level logging rendering potential producti...

5.8AI score0.0111EPSS

Exploits0References2

OSV•added 2026/03/07 9:16 a.m.•1 views

DEBIAN-CVE-2026-24308

Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the client's logfile. Configuration values are exposed at INFO level logging rendering potential producti...

7.5CVSS7.2AI score0.0111EPSS

Exploits0References1

UbuntuCve•added 2026/03/07 9:16 a.m.•5 views

CVE-2026-24308

Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the client's logfile. Configuration values are exposed at INFO level logging rendering potential producti...

7.5CVSS6.7AI score0.0111EPSS

Exploits0References3

CVE•added 2026/03/07 8:51 a.m.•70 views

CVE-2026-24308

CVE-2026-24308 affects Apache ZooKeeper: improper handling of configuration values in ZKConfig can expose sensitive client configuration in logs at INFO level. Affected: ZooKeeper 3.8.5 and 3.9.4 on all platforms. Impact: potential leakage of sensitive config data in production logs. Mitigation: ...

7.5CVSS5.8AI score0.0111EPSS

Exploits0References2Affected Software1

ATTACKERKB•added 2026/03/07 8:51 a.m.•6 views

CVE-2026-24308

Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the client's logfile. Configuration values are exposed at INFO level logging rendering potential producti...

5.8AI score0.0111EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/03/07 8:51 a.m.•27 views

CVE-2026-24308 Apache ZooKeeper: Sensitive information disclosure in client configuration handling

Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the client's logfile. Configuration values are exposed at INFO level logging rendering potential producti...

Exploits0References1

Debian CVE•added 2026/03/07 8:50 a.m.•3 views

CVE-2026-24281

Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS PTR when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper servers or clients with a valid certificate for the PTR name. It's important to note that attacker must...

7.4CVSS8.4AI score0.00306EPSS

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by