239 matches found
CVE-2026-45644
creationtimestamp| type| source ---|---|--- 2026-06-09 16:12:18+00:00| seen| https://www.thezdi.com/blog/2026/6/9/the-june-2026-security-update-review 2026-06-09 16:23:58+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0184...
CVE-2026-45591
creationtimestamp| type| source ---|---|--- 2026-06-09 16:12:18+00:00| seen| https://www.thezdi.com/blog/2026/6/9/the-june-2026-security-update-review 2026-06-09 16:23:58+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0184 2026-06-10 13:10:17+00:00| seen|...
CVE-2026-44823
creationtimestamp| type| source ---|---|--- 2026-06-09 16:04:53+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0182 2026-06-09 16:12:18+00:00| seen| https://www.thezdi.com/blog/2026/6/9/the-june-2026-security-update-review...
Allocation of Resources Without Limits or Throttling
Overview io.netty:netty-codec-http2 is a HTTP2 sub package for the netty library, an event-driven asynchronous network application framework. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of enforcement of the advertised...
Amazon Linux 2 : bind, --advisory ALAS2-2026-3353 (ALAS-2026-3353)
The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3353 advisory. Limit resolver server list size CVE-2026-3592 Avoid unbounded recursion loop CVE-2026-5950 Tenable has extracted the...
CVE-2026-20230
creationtimestamp| type| source ---|---|--- 2026-06-03 12:22:10+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-547 2026-06-03 21:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1899 2026-06-03 23:03:34+00:00| seen|...
0xpay-cc-sdk (>=0.0.8 <=0.1.0), 0xtrails (>=0.0.0-20251106131028 <=0.16.0) +7208 more potentially affected by CVE-2026-44495 via axios (>=1.0.0 <=1.15.1)
axios NPM version =1.0.0, =0.0.8, =0.0.0-20251106131028, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.0.0, =0.0.2-beta.0, =8.0.5, =6.1.0, =0.0.0-canary-847463221a9a1bee28641d8c0ecfaca98ee142f6, =0.0.1-alpha.3, =0.1.6-alpha.11, =0.1.6-alpha.12 and more Source cves: CVE-2026-44495 Source advisory:...
SUSE SLES15 Security Update : go1.25-openssl (SUSE-SU-2026:2093-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2093-1 advisory. This update for go1.25-openssl fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling long CNAME...
ca.ibodrov.concord:mcp-for-concord (>=0.0.1 <=0.0.2), ca.ibodrov.concord:testcontainers-concord-core (>=2.0.3 <=2.0.5) +298 more potentially affected by CVE-2026-43827 via org.apache.shiro:shiro-core (>=2.0.0-alpha-1 <=2.1.0)
org.apache.shiro:shiro-core MAVEN version =2.0.0-alpha-1, =0.0.1, =2.0.3, =0.0.27, =0.0.27, =0.0.27, =6.0.0, =8.0.0, =8.0.0, =2.2.0, =1.0.2, =3.4.0, =3.3.0, =3.3.0, =3.3.0, =3.8.0 and more Source cves: CVE-2026-43827 Source advisory: SNYK:JAVA-ORGAPACHESHIRO-17116505...
01os (>=0.0.1 <=0.0.14), 2025-assignment2-expenses-manager (>=0.1.1 <=0.1.7) +5785 more potentially affected by CVE-2026-48710 via starlette (>=0.20.2 <=1.0.0rc1)
starlette PYPI version =0.20.2, =0.0.1, =0.1.1, =0.5.3, =0.1.3, =0.1.0, =0.1.1, =0.3.6, =0.12.0, =0.4.2, =0.1.10, =0.0.1, =0.1.0, =0.1.3, =0.1.18 and more Source cves: CVE-2026-48710 Source advisory: OSV:PYSEC-2026-161...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.54 security and extras update
Red Hat OpenShift Container Platform release 4.17.54 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a security impact of...
alvin-cli (>=0.0.1a0 <=1.3.0rc1), apache-airflow-providers-fastetl (>=0.0.36 <=0.0.39) +47 more potentially affected by CVE-2026-46374 via sqlfluff (>=0.11.2 <=4.1.0)
sqlfluff PYPI version =0.11.2, =0.0.1a0, =0.0.36, =0.4.6, =1.1.5, =0.1.2, =0.0.1, =0.1.0, =0.1.0, =1.0.0, =0.4.0, =0.1.0, =0.19.1a7, =1.3.3, =0.9.3, =0.1.0, =0.3.3 and more Source cves: CVE-2026-46374 Source advisory: OSV:GHSA-73JC-5MRQ-PRW7...
CVE-2026-6342
Mattermost plugins vulnerable to a namespace prefix-matching bypass. Affected: Mattermost Plugins versions
Mozilla Firefox < 150.0.3
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 150.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-45 advisory. - Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3...
MiracleLinux 8 : thunderbird-140.10.0-1.el8_10.ML.1 (AXSA:2026-579:10)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-579:10 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the...
Amazon Linux 2023 : java-26-amazon-corretto, java-26-amazon-corretto-devel, java-26-amazon-corretto-headless (ALAS2023-2026-1682)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1682 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Ja...
Mozilla Thunderbird < 140.10.2
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 140.10.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-44 advisory. - Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2,...
RHEL 9 : freeipmi (RHSA-2026:14819)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:14819 advisory. The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI...
MiracleLinux 8 : java-17-openjdk-17.0.19.0.10-1.el8 (AXSA:2026-552:05)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-552:05 advisory. JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssh (UTSA-2026-016492)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016492 advisory. OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted ...