Lucene search
K

2444 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/24 5:41 a.m.7 views

CVE-2026-13006

ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.35 in Java applications, allows an attacker to execute arbitrary code circumventing existing protections against CVE-2025-11226 by compromising an existing logback configuration...

7CVSS6.1AI score0.00122EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-52106

Name of the Vulnerable Software and Affected Versions chrome-devtools-mcp versions 0.24.0 through 1.0.9 Description A workspace-boundary bypass exists because the McpContext.validatePath function fails to canonicalize symbolic links when checking if a path falls under configured root paths. This...

6.1CVSS5.8AI score0.00087EPSS
Exploits1References5
OSV
OSV
added 2026/06/23 5:9 p.m.3 views

GHSA-89MR-XQFV-758M Gogs: UploadRepoFiles writes outside repo working tree via committed parent sym

Summary Repository.UploadRepoFiles checks for symlinks only on the leaf of the upload target osx.IsSymlinktargetPath. The siblings UpdateRepoFile, DeleteRepoFile, and GetDiffPreview use hasSymlinkInPath, which lstats every component — UploadRepoFiles is the lone outlier. An attacker with repo-wri...

9CVSS6.2AI score0.00474EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/06/23 5:3 p.m.7 views

Gogs allows users to write to readonly repositories using receive-pack + service=git-upload-pack confusion

Summary Git smart HTTP authorizes POST …/git-receive-pack using the client-supplied service query string so ?service=git-upload-pack is evaluated as read access while routing still runs git receive-pack, allowing push where only read should be allowed. Details Gogs' Git Smart HTTP handler for...

7.1CVSS6.1AI score0.00427EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/23 3:55 p.m.34 views

CVE-2026-44792

CVE-2026-44792 describes a SQL injection risk in n8n caused by importing a crafted Data Table JSON file during a Source Control Pull. Attack requires: PostgreSQL backend, Source Control feature enabled and connected to a writable repository, and an administrator triggering a Pull. The vulnerabili...

9CVSS5.9AI score0.00331EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/23 3:55 p.m.39 views

CVE-2026-44792 n8n: Source Control Pull SQL Injection

n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an attacker with write access to the git repository connected to an n8n Source Control configuration could commit a malicious Data Table JSON file containing a crafted column name. When an administrator...

8.9CVSS0.00331EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/23 1:16 a.m.5 views

samba: Missing access check on reparse point operations

A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

7.1CVSS5.8AI score0.00862EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/23 1:16 a.m.6 views

samba: vfs_worm does not block directory modification

A flaw was found in Samba’s vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...

6.5CVSS5.8AI score0.00939EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/23 1:7 a.m.3 views

samba: vfs_worm does not block directory modification

A flaw was found in Samba’s vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...

6.5CVSS5.8AI score0.00939EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/23 1:1 a.m.9 views

samba: vfs_worm does not block directory modification

A flaw was found in Samba’s vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...

6.5CVSS5.8AI score0.00939EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/22 1:37 p.m.7 views

CVE-2026-8074

Mattermost versions 11.7.x = 11.7.0, 10.11.x = 10.11.17 fail to enforce bot-specific permission checks on the user active status endpoint, which allows a User Manager with user management write access but no Integrations access to deactivate bot accounts via the PUT /api/v4/users/id/active API...

3.8CVSS5.9AI score0.00192EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/22 7:38 a.m.34 views

CVE-2026-44914 Apache NiFi: Missing Authorization of Restricted Permissions when Replacing Flow Contents

Apache NiFi 1.12.0 through 2.9.0 are missing authorization when replacing Process Groups that include extension components with specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required, but framework authorization did not...

7.5CVSS0.00393EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 7:37 a.m.21 views

CVE-2026-44911

CVE-2026-44911 affects Apache NiFi 1.15.0–2.9.0 where authorization for component configuration verification requests is insufficient: users with read access can submit proposed configuration properties, potentially overriding current settings and invoking verification methods with altered parame...

6.3CVSS5.8AI score0.00327EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/22 7:37 a.m.9 views

EUVD-2026-38218

Authorization handling for component configuration verification requests in Apache NiFi 1.15.0 through 2.9.0 allows clients with read access to submit proposed configuration properties. The proposed properties override current configuration, enabling users with read access to invoke predefined...

2.3CVSS5.8AI score0.00327EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 7:37 a.m.8 views

CVE-2026-44911

Authorization handling for component configuration verification requests in Apache NiFi 1.15.0 through 2.9.0 allows clients with read access to submit proposed configuration properties. The proposed properties override current configuration, enabling users with read access to invoke predefined...

2.3CVSS5.8AI score0.00327EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/19 1:41 p.m.26 views

CVE-2026-12104

Bondix by SIMA GmbH (Linux) up to version 1.25.7.5 is affected by an authenticated OS command injection in environment and tunnel configuration handling. An attacker with configuration write access can pass crafted values to server-side scripts to execute arbitrary OS commands. The vulnerability ...

8.6CVSS6.2AI score0.01098EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/19 2:1 a.m.11 views

SUSE CVE-2025-10263

Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 & X1C, Cortex-A710, Cortex-A78, A78AE & A78C, Cortex-A77, Cortex-A76 & A76A may allow writes to resources owned by a higher exception level...

9.1CVSS5.2AI score0.00474EPSS
Exploits0References20
Cvelist
Cvelist
added 2026/06/18 8:47 p.m.18 views

CVE-2026-46699 conda-smithy vulnerable to misrouted repository invitation by conda-forge-webservices[bot] due to GitHub username takeover leading to unintended write access in conda-forge feedstock repository

conda-smithy is a tool for combining a conda recipe with configurations to build using freely hosted CI services into a single repository. Prior to version 3.61.0, a vulnerability in the conda-forge automated webservices allowed unintended write access to feedstock repositories through GitHub...

7.6CVSS0.00201EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 8:1 p.m.28 views

CVE-2026-49252

CVE-2026-49252 affects the deepstream server. Versions prior to 10.0.5 are vulnerable to Prototype Pollution , with exploitation leading to potential privilege escalation by any authenticated user with write permission to any record. The issue is fixed in version 10.0.5 . Affected product: deepst...

9.9CVSS5.2AI score0.0027EPSS
Exploits0References2
Veracode
Veracode
added 2026/06/18 6:50 a.m.8 views

Authorization Bypass

Spring Data REST is vulnerable to Authorization Bypass. The vulnerability is due to improper enforcement of write-access restrictions in the JSON Patch application/json-patch+json implementation, where intermediate path segments in multi-segment JSON Pointer expressions are not subjected to...

7.5CVSS5.8AI score0.00306EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder