61155 matches found
BIT-AIRFLOW-2026-24098 Apache Airflow: Assigning single DAG permission leaked all DAGs Import Errors
Apache Airflow versions 3.0.0 - 3.1.7, has vulnerability that allows authenticated UI users with permission to one or more specific Dags to view import errors generated by other Dags they did not have access to. Users are advised to upgrade to 3.1.7 or later, which resolves this issue...
BIT-AIRFLOW-2026-22922 Apache Airflow: Airflow externalLogUrl Permission Bypass
Apache Airflow versions 3.1.0 through 3.1.6 contain an authorization flaw that can allow an authenticated user with custom permissions limited to task access to view task logs without having task log access. Users are recommended to upgrade to Apache Airflow 3.1.7 or later, which resolves this...
PT-2026-8172
CVE-2026-26090 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-26090 Published : Feb. 12, 2026, 5:17 a.m. | 2 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
PT-2026-8170
CVE-2026-26088 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-26088 Published : Feb. 12, 2026, 5:17 a.m. | 2 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
PT-2026-8171
CVE-2026-26089 - Apache HTTP Server Remote Code Execution CVE ID : CVE-2026-26089 Published : Feb. 12, 2026, 5:17 a.m. | 2 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-8104
CVE-2026-26086 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-26086 Published : Feb. 12, 2026, 5:17 a.m. | 2 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
PT-2026-8174
CVE-2026-26092 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-26092 Published : Feb. 12, 2026, 5:17 a.m. | 2 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
PT-2026-8169
CVE-2026-26087 - Apache HTTP Server Unvalidated Request Parameter CVE ID : CVE-2026-26087 Published : Feb. 12, 2026, 5:17 a.m. | 2 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, an...
PT-2026-8103
CVE-2026-26085 - Apache HTTP Server Information Disclosure CVE ID : CVE-2026-26085 Published : Feb. 12, 2026, 5:17 a.m. | 2 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-8173
CVE-2026-26091 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-26091 Published : Feb. 12, 2026, 5:17 a.m. | 2 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-24343
Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue...
CVE-2026-23906
Affected Products and Versions Apache Druid Affected Versions: 0.17.0 through 35.x all versions prior to 36.0.0 Prerequisites: druid-basic-security extension enabled LDAP authenticator configured Underlying LDAP server permits anonymous bind Vulnerability Description An authentication bypass...
Exploit for Path Traversal in Apache Http_Server
PoC-Apa...
PT-2026-7980
CVE-2026-26042 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2026-26042 Published : Feb. 11, 2026, 5:16 a.m. | 2 hours, 4 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-7974
CVE-2026-26036 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2026-26036 Published : Feb. 11, 2026, 5:16 a.m. | 2 hours, 5 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-7982
CVE-2026-26044 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-26044 Published : Feb. 11, 2026, 5:16 a.m. | 2 hours, 4 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-7975
CVE-2026-26037 - Apache HTTP Server Remote Code Execution CVE ID : CVE-2026-26037 Published : Feb. 11, 2026, 5:16 a.m. | 2 hours, 5 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-7981
CVE-2026-26043 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-26043 Published : Feb. 11, 2026, 5:16 a.m. | 2 hours, 4 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
PT-2026-7979
CVE-2026-26041 - Apache HTTP Server XML Entity Injection CVE ID : CVE-2026-26041 Published : Feb. 11, 2026, 5:16 a.m. | 2 hours, 4 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-7977
CVE-2026-26039 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-26039 Published : Feb. 11, 2026, 5:16 a.m. | 2 hours, 4 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...