Lucene search
+L

667 matches found

NVD
NVD
added 2026/05/08 11:16 p.m.46 views

CVE-2026-41520

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.15, 1.18.9, and 1.19.3, the output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. This issue has been...

7.9CVSS0.00077EPSS
Exploits0References4
CVE
CVE
added 2026/05/08 10:1 p.m.31 views

CVE-2026-41520

CVE-2026-41520 affects Cilium’s bugtool output. Prior to versions 1.17.15, 1.18.9, and 1.19.3, running cilium-bugtool against deployments with WireGuard encryption can reveal sensitive data in the bug archive. The issue is addressed in the patched releases: 1.17.15, 1.18.9, and 1.19.3. The CVSS-d...

7.9CVSS5.7AI score0.00077EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/08 10:1 p.m.17 views

CVE-2026-41520 Cillium exposes sensitive information included in the cilium-bugtool debug archive

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.15, 1.18.9, and 1.19.3, the output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. This issue has been...

7.9CVSS5.7AI score0.00077EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/08 10:1 p.m.10 views

CVE-2026-41520

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.15, 1.18.9, and 1.19.3, the output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. This issue has been...

7.9CVSS5.7AI score0.00077EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/05/08 10:1 p.m.11 views

EUVD-2026-28845

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.15, 1.18.9, and 1.19.3, the output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. This issue has been...

7.9CVSS5.7AI score0.00077EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/08 10:1 p.m.62 views

CVE-2026-41520 Cillium exposes sensitive information included in the cilium-bugtool debug archive

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.15, 1.18.9, and 1.19.3, the output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. This issue has been...

7.9CVSS0.00077EPSS
Exploits0References4
OSV
OSV
added 2026/05/08 10:1 p.m.2 views

CVE-2026-41520 Cillium exposes sensitive information included in the cilium-bugtool debug archive

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.15, 1.18.9, and 1.19.3, the output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. This issue has been...

7.9CVSS5.9AI score0.00077EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2026/05/08 6:49 p.m.112 views

projeto-conexoes-seguras

Projeto Conexões Seguras Faculdade de Tecnologia SENAI Feli...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.7 views

Cilium 信息泄露漏洞

Cilium is an open-source software developed by Cilium contributors. It is used to provide and transparently protect network connections and load balancing between application workloads, such as application containers or processes. Versions of Cilium prior to 1.17.15, 1.18.9, and 1.19.3 have a...

7.9CVSS5.8AI score0.00077EPSS
Exploits0References2
OSV
OSV
added 2026/04/28 6:30 p.m.9 views

GHSA-QPV2-RWC8-C993 Netmaker does not verify JWT signatures for host tokens

Netmaker by Gravitl is an open-source WireGuard-based networking platform for creating and managing virtual overlay networks. The VerifyHostToken function in logic/jwts.go does not validate the JWT signature when verifying host tokens. After calling jwt.ParseWithClaims, the function only checks...

9.2CVSS5.8AI score0.00298EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/28 6:30 p.m.13 views

Netmaker does not verify JWT signatures for host tokens

Netmaker by Gravitl is an open-source WireGuard-based networking platform for creating and managing virtual overlay networks. The VerifyHostToken function in logic/jwts.go does not validate the JWT signature when verifying host tokens. After calling jwt.ParseWithClaims, the function only checks...

8.2CVSS5.8AI score0.00298EPSS
Exploits1References4Affected Software1
GithubExploit
GithubExploit
added 2026/04/28 3:34 a.m.192 views

Exploit for Stack-based Buffer Overflow in Asustor Data_Master

CVE-2026-6643 — ASUSTOR ADM 5.1.2 RCE Format String CWE-134...

9.9CVSS6.2AI score0.00468EPSS
Exploits1
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.13 views

Gravitl Netmaker 数据伪造问题漏洞

Gravitl Netmaker is a platform developed by the American company Gravitl, which uses WireGuard to create and manage fast, secure, and dynamic virtual overlay networks. It is used to create and control automated virtual networks. Versions of Gravitl Netmaker prior to 1.5.0 contained a data...

8.2CVSS5.8AI score0.00298EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31579

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wireguard: device: use exitrtnl callback instead of manual rtnllock in preexit wgnetnspreexit manually acquires rtnllock inside the pernet .preexit callback. Th...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References4
Snyk
Snyk
added 2026/04/25 11:39 p.m.6 views

Cleartext Storage of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information in the form of all state directory files, including the WireGuard private key file, being included in archives by default. The runTool function does not remove this file before archiving. Using...

8.1CVSS5.4AI score0.00077EPSS
Exploits0References2
OSV
OSV
added 2026/04/25 11:39 p.m.9 views

GHSA-GJ49-89WH-H4GJ Cillium exposes sensitive information included in the cilium-bugtool debug archive

Impact The output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. Users of WireGuard Transparent Encryption are affected. The sensitive data is the WireGuard private key ciliumwg0.key used for node-to-node encrypted...

7.9CVSS5.8AI score0.00077EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/04/25 11:39 p.m.20 views

Cillium exposes sensitive information included in the cilium-bugtool debug archive

Impact The output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. Users of WireGuard Transparent Encryption are affected. The sensitive data is the WireGuard private key ciliumwg0.key used for node-to-node encrypted...

7.9CVSS5.5AI score0.00077EPSS
Exploits0References7Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/25 1:38 a.m.8 views

SUSE CVE-2026-31579

In the Linux kernel, the following vulnerability has been resolved: wireguard: device: use exitrtnl callback instead of manual rtnllock in preexit wgnetnspreexit manually acquires rtnllock inside the pernet .preexit callback. This causes a hung task when another thread holds rtnlmutex - the...

5.5CVSS5.5AI score0.00122EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.9 views

PT-2026-35502

Name of the Vulnerable Software and Affected Versions Cilium versions prior to 1.17.15 Cilium versions 1.18.0 through 1.18.8 Cilium versions 1.19.0 through 1.19.2 Description When run against deployments with WireGuard encryption enabled, the output of the cilium-bugtool debugging tool can contai...

7.9CVSS5.8AI score0.00077EPSS
Exploits0References17
RedhatCVE
RedhatCVE
added 2026/04/24 6:28 p.m.7 views

CVE-2026-31579

A flaw was found in the Linux kernel's WireGuard component. A local user could trigger a hung task by causing contention for the rtnllock within the wgnetnspreexit callback. This issue can lead to a Denial of Service DoS, where the system becomes unresponsive as cleanup operations block...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
Rows per page
Query Builder