Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

61120 matches found

RedHat Linux
RedHat Linuxadded 2026/03/05 1:32 p.m.5 views

Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14.4 for Spring Boot release.

Red Hat build of Apache Camel 4.14.4 for Spring Boot patch release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS8AI score0.01179EPSS
Exploits2References5
IBM Security Bulletins
IBM Security Bulletinsadded 2026/03/05 11:52 a.m.7 views

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to ant

Summary Ant is used by IBM webMethods BPM for internal build and deployment operations. Vulnerability Details CVEID:CVE-2012-2098 DESCRIPTION: Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream BZip2CompressorOutputStream in Apache Commons Compress before...

7.5CVSS7.1AI score0.12508EPSS
Exploits1Affected Software1
OSV
OSVadded 2026/03/05 2:16 a.m.2 views

DEBIAN-CVE-2025-40931

Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come fro...

9.1CVSS5.3AI score0.00583EPSS
Exploits0References1
OSV
OSVadded 2026/03/05 2:16 a.m.3 views

UBUNTU-CVE-2025-40931

Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come fro...

9.1CVSS5.3AI score0.00583EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/03/05 1:41 a.m.25 views

CVE-2025-40931 Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id

Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come fro...

0.00583EPSS
Exploits0References9
OSV
OSVadded 2026/03/05 12:18 a.m.3 views

OSV-2026-356 Security exception in org.apache.lucene.util.ArrayUtil.copyOfSubArray

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=489370855 Crash type: Security exception Crash state: org.apache.lucene.util.ArrayUtil.copyOfSubArray org.apache.lucene.util.BytesRef.deepCopyOf org.apache.lucene.index.Term...

5.8AI score
Exploits0References1
CNNVD
CNNVDadded 2026/03/05 12:0 a.m.5 views

Apache::Session::Generate::MD5 安全漏洞

Apache::Session::Generate::MD5 is a session management module provided by the Apache Foundation. Versions of Apache::Session::Generate::MD5 prior to 1.94 contained security vulnerabilities. These vulnerabilities stemmed from the use of insecure random number generators for generating session IDs,...

9.1CVSS5.8AI score0.00583EPSS
Exploits0References11
Positive Technologies
Positive Technologiesadded 2026/03/05 12:0 a.m.4 views

PT-2026-36815

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.67 Description HTTP response splitting occurs in multiple Apache HTTP Server modules when interacting with untrusted or compromised backend servers. This issue allows an attacker to split an HTTP...

9.8CVSS5.7AI score0.00663EPSS
Exploits1References43
Tenable Nessus
Tenable Nessusadded 2026/03/05 12:0 a.m.10 views

MiracleLinux 9 : apache-commons-beanutils-1.9.4-10.el9_6 (AXSA:2026-249:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2026-249:01 advisory. commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default CVE-2025-48734 Tenable has...

8.8CVSS6AI score0.01495EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2026/03/04 11:44 p.m.4 views

CVE-2026-3234

A flaw was found in modproxycluster. This vulnerability, a Carriage Return Line Feed CRLF injection in the decodeenc function, allows a remote attacker to bypass input validation. By injecting CRLF sequences into the cluster configuration, an attacker can corrupt the response body of INFO endpoin...

4.3CVSS5.7AI score0.00332EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/03/04 1:44 p.m.4 views

CVE-2025-59060

Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...

5.3CVSS5.9AI score0.00329EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/03/04 1:44 p.m.2 views

CVE-2025-59059

Remote Code Execution Vulnerability in NashornScriptEngineCreator is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...

9.8CVSS6AI score0.01244EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/03/04 10:31 a.m.11 views

Security Bulletin: IBM Event Streams is vulnerable to improper access control

Summary IBM Event Streams is vulnerable to improper access control leading to potential classloader access in Apache Commons BeanUtils CVE-2025-48734 Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class w...

8.8CVSS6.2AI score0.01495EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsvadded 2026/03/04 9:31 a.m.7 views

com.espertech:esperio-springjms (=9.0.0), org.apache.activemq.tooling:activemq-maven-plugin (>=6.0.0 <=6.2.3) +5 more potentially affected by CVE-2025-66168 +1 more via org.apache.activemq:activemq-all (>=6.0.0 <=6.2.3)

org.apache.activemq:activemq-all MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.3 Source cves: CVE-2025-66168, CVE-2026-40046 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-15426350...

8.8CVSS6AI score0.0078EPSS
Exploits0
EUVD
EUVDadded 2026/03/04 9:31 a.m.3 views

EUVD-2026-9382

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.3CVSS6AI score0.08341EPSS
Exploits1References2
OSV
OSVadded 2026/03/04 9:31 a.m.2 views

GHSA-FW88-PF9M-P947 Apache Artemis and Apache ActiveMQ Artemis are Missing Authentication for Critical Functions

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.8CVSS5.9AI score0.08341EPSS
Exploits1References6
OSV
OSVadded 2026/03/04 9:15 a.m.2 views

CVE-2026-27446

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.8CVSS5.9AI score
Exploits0References3
UbuntuCve
UbuntuCveadded 2026/03/04 9:15 a.m.3 views

CVE-2026-27446

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.8CVSS7.3AI score0.08341EPSS
Exploits1References2
OSV
OSVadded 2026/03/04 9:15 a.m.3 views

UBUNTU-CVE-2026-27446

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.8CVSS8.3AI score0.08341EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2026/03/04 8:48 a.m.2 views

CVE-2026-27446

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.8CVSS5.9AI score0.08341EPSS
Exploits1References2Affected Software2
Rows per page
Query Builder