Lucene search
+L

18658 matches found

OSV
OSV
added 6 days ago1 views

CLEANSTART-2026-OV11554 Security fixes for CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27139, CVE-2026-27142, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42506, CVE-2026-46680, ghsa-fqw6-gf59-qr4w applied in versions: 1.71.4-r0, 1.73.1-r0, 1.73.1-r1

Multiple security vulnerabilities affect the newrelic-infrastructure-agent package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.1AI score0.00813EPSS
Exploits2References48
OSV
OSV
added 6 days ago6 views

CLEANSTART-2026-CM33443 Security fixes for CVE-2024-7598, CVE-2025-13281, CVE-2025-1767, CVE-2025-47911, CVE-2025-58190, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61731, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289, ghsa-4x4m-3c2p-qppc, ghsa-hj2p-8wj8-pfq4, ghsa-r6j8-c6r2-37rr applied in versions: 2.12.6-r0, 2.12.6-r1

Multiple security vulnerabilities affect the ip-masq-agent package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.1AI score0.01945EPSS
Exploits5References50
Tenable Nessus
Tenable Nessus
added 6 days ago8 views

AlmaLinux 9 : podman (ALSA-2026:37123)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:37123 advisory. golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate CVE-2026-39835 golang.org/x/crypto/ssh:...

9.1CVSS6.8AI score0.00525EPSS
Exploits0References9
NVD
NVD
added 2026/07/12 12:16 p.m.12 views

CVE-2026-15497

A vulnerability was determined in SonicCloudOrg sonic-agent up to 2.7.2. This affects an unknown function of the file sonic-server-controller/src/main/java/org/cloud/sonic/controller/controller/ExchangeController.java of the component JWT Authentication Filter. This manipulation causes code...

7.5CVSS0.00394EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/12 11:25 a.m.11 views

Malicious code in eth-agent (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3131490d64c4ae90de2926ca90f6fce23e6a113d1e6538db5ce98ffcf06983d1 The top-level ethagent/init.py performs an outbound HTTP fetch to a hardcoded IPFS gateway URL...

6.3AI score
Exploits0References3
NVD
NVD
added 2026/07/12 11:16 a.m.9 views

CVE-2026-15495

A vulnerability has been found in SonicCloudOrg sonic-agent up to 2.7.2. The affected element is an unknown function of the file AndroidWSServer.java of the component Android WebSocket Server. The manipulation of the argument path leads to os command injection. The attack can be initiated remotel...

6.5CVSS0.01543EPSS
Exploits0References6
NVD
NVD
added 2026/07/12 11:16 a.m.6 views

CVE-2026-15496

A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command...

6.5CVSS0.01158EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/12 11:15 a.m.34 views

CVE-2026-15497 SonicCloudOrg sonic-agent JWT Authentication Filter ExchangeController.java code injection

A vulnerability was determined in SonicCloudOrg sonic-agent up to 2.7.2. This affects an unknown function of the file sonic-server-controller/src/main/java/org/cloud/sonic/controller/controller/ExchangeController.java of the component JWT Authentication Filter. This manipulation causes code...

7.5CVSS0.00394EPSS
Exploits0References5
CVE
CVE
added 2026/07/12 11:15 a.m.14 views

CVE-2026-15497

Affected software / component: SonicCloudOrg sonic-agent (up to 2.7.2), specifically the JWT Authentication Filter in the ExchangeController.java path. Vulnerability: code injection vulnerability reported as enabling a remote attacker to manipulate code execution. Impact (per docs): remote exploi...

7.5CVSS6.6AI score0.00394EPSS
Exploits0References5
CVE
CVE
added 2026/07/12 11:0 a.m.16 views

CVE-2026-15496

SonicCloudOrg sonic-agent (up to version 2.7.2) contains a remote os command injection in GroovyScriptImpl.evalIsFailed within Groovy Script Handler. The vulnerable function is in sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java. Exploitation is public and report...

6.5CVSS6.3AI score0.01158EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/12 11:0 a.m.37 views

CVE-2026-15496 SonicCloudOrg sonic-agent Groovy Script GroovyScriptImpl.java evalIsFailed os command injection

A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command...

6.5CVSS0.01158EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/12 11:0 a.m.10 views

EUVD-2026-43218

A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command...

6.5CVSS6.3AI score0.01158EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/12 10:45 a.m.39 views

CVE-2026-15495 SonicCloudOrg sonic-agent Android WebSocket Server AndroidWSServer.java os command injection

A vulnerability has been found in SonicCloudOrg sonic-agent up to 2.7.2. The affected element is an unknown function of the file AndroidWSServer.java of the component Android WebSocket Server. The manipulation of the argument path leads to os command injection. The attack can be initiated remotel...

6.5CVSS0.01543EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/12 10:45 a.m.9 views

EUVD-2026-43217

A vulnerability has been found in SonicCloudOrg sonic-agent up to 2.7.2. The affected element is an unknown function of the file AndroidWSServer.java of the component Android WebSocket Server. The manipulation of the argument path leads to os command injection. The attack can be initiated remotel...

6.5CVSS6.3AI score0.01543EPSS
Exploits0References6
CVE
CVE
added 2026/07/12 10:45 a.m.16 views

CVE-2026-15495

The vulnerability CVE-2026-15495 affects SonicCloudOrg sonic-agent up to version 2.7.2, specifically in the Android WebSocket Server component’s AndroidWSServer.java. The issue arises from manipulating the path argument, causing os command injection. It is remotely exploitable and has public disc...

6.5CVSS6.3AI score0.01543EPSS
Exploits0References6
NVD
NVD
added 2026/07/11 2:16 p.m.7 views

CVE-2026-61426

PraisonAI before 1.7.3 contains an insecure default configuration that binds to all interfaces with no API key requirement and wildcard CORS. Unauthenticated attackers can call GET /api/agents to read agent instructions and system prompts, or POST /api/chat to invoke agents without authentication...

8.8CVSS0.00322EPSS
Exploits0References2
Chainguard
Chainguard
added 2026/07/11 2:17 a.m.16 views

GHSA-2WC2-FM75-P42X vulnerabilities

Vulnerabilities for packages: datadog-agent, kubeflow-pipelines-visualization-server, datadog-agent-fips, open-webui...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/07/11 2:17 a.m.13 views

CVE-2026-49476 vulnerabilities

Vulnerabilities for packages: datadog-agent, kubeflow-pipelines-visualization-server, datadog-agent-fips, open-webui...

7.5CVSS5.1AI score0.00601EPSS
Exploits0
Wolfi
Wolfi
added 2026/07/11 2:16 a.m.15 views

CVE-2026-49477 vulnerabilities

Vulnerabilities for packages: datadog-agent, kubeflow-pipelines-visualization-server, open-webui...

7.5CVSS5.1AI score0.00601EPSS
Exploits0
Wolfi
Wolfi
added 2026/07/11 2:16 a.m.13 views

CVE-2026-49476 vulnerabilities

Vulnerabilities for packages: datadog-agent, kubeflow-pipelines-visualization-server, open-webui...

7.5CVSS5.1AI score0.00601EPSS
Exploits0
Rows per page
Query Builder