
102 matches found

Positive Technologies
added 2026/05/07 12:0 a.m. | 3 views

PT-2026-38422

Date: May 7, 2026 Status: ACTIVE GLOBAL EXPLOITATION / STATE-SPONSORED CAMPAIGN Target: Palo Alto Networks PAN-OS GlobalProtect Gateway / Management Interface Severity: 10.0 MAXIMUM CRITICAL Unauthenticated Remote Root Code Execution 1. Analysis: Why "PAN-Optic" is Today's Apex Threat While the...

5.8 AI score
Exploits: 0 | References: 1
GitHub Security Blog
added 2026/05/05 10:4 p.m. | 3 views

authd: Primary group ID is incorrectly set to value of UID

authd 0.6.0 contains a bug which can lead to an incorrect primary group ID. It affects users whose primary group ID i.e. the GID in the user record differs from their UID. There are two ways which can lead to this: 1. The user was created with authd &2 continue fi if "$OLDGID"...

7.3 CVSS | 5.8 AI score | 0.00017 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2026/05/05 10:4 p.m. | 2 views

GHSA-FG3J-5W9G-HMG7 authd: Primary group ID is incorrectly set to value of UID

authd 0.6.0 contains a bug which can lead to an incorrect primary group ID. It affects users whose primary group ID i.e. the GID in the user record differs from their UID. There are two ways which can lead to this: 1. The user was created with authd &2 continue fi if "$OLDGID"...

7.3 CVSS | 5.8 AI score | 0.00017 EPSS
Exploits: 0 | References: 4
NVD
added 2026/04/27 4:16 p.m. | 1 view

CVE-2026-6970

authd prior to version 0.6.4 contains a logic error in primary group ID assignment that can lead to local privilege escalation. When a user's primary group ID GID differs from their UID, either because the account was created with authd prior to version 0.5.4 or because the primary group was...

7.3 CVSS | 0.00017 EPSS
Exploits: 0 | References: 2
Cvelist
added 2026/04/27 3:28 p.m. | 25 views

CVE-2026-6970 authd Denial of Service and Local Privilege Escalation

authd prior to version 0.6.4 contains a logic error in primary group ID assignment that can lead to local privilege escalation. When a user's primary group ID GID differs from their UID, either because the account was created with authd prior to version 0.5.4 or because the primary group was...

7.3 CVSS | 0.00017 EPSS
Exploits: 0 | References: 2
ATTACKERKB
added 2026/04/27 3:28 p.m. | 1 view

CVE-2026-6970

authd prior to version 0.6.4 contains a logic error in primary group ID assignment that can lead to local privilege escalation. When a user's primary group ID GID differs from their UID, either because the account was created with authd prior to version 0.5.4 or because the primary group was...

7.3 CVSS | 5.2 AI score | 0.00017 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
Vulnrichment
added 2026/04/27 3:28 p.m. | 1 view

CVE-2026-6970 authd Denial of Service and Local Privilege Escalation

authd prior to version 0.6.4 contains a logic error in primary group ID assignment that can lead to local privilege escalation. When a user's primary group ID GID differs from their UID, either because the account was created with authd prior to version 0.5.4 or because the primary group was...

7.3 CVSS | 5.2 AI score | 0.00017 EPSS
Exploits: 0 | References: 2
CVE
added 2026/04/27 3:28 p.m. | 10 views

CVE-2026-6970

Summary: CVE-2026-6970 affects authd prior to 0.6.4 and describes a logic error in primary group ID (GID) assignment. If a user’s GID differs from their UID (either from pre-0.5.4 account creation or via authctl group set-gid) and the identity provider record is updated, authd resets the primary ...

7.3 CVSS | 5.2 AI score | 0.00017 EPSS
Exploits: 0 | References: 2
UbuntuCve
added 2026/04/27 12:0 a.m. | 1 view

CVE-2026-6970

authd prior to version 0.6.4 contains a logic error in primary group ID assignment that can lead to local privilege escalation. When a user's primary group ID GID differs from their UID, either because the account was created with authd prior to version 0.5.4 or because the primary group was...

7.3 CVSS | 5.8 AI score | 0.00017 EPSS
Exploits: 0 | References: 2
OSV
added 2026/04/27 12:0 a.m. | 1 view

UBUNTU-CVE-2026-6970

authd prior to version 0.6.4 contains a logic error in primary group ID assignment that can lead to local privilege escalation. When a user's primary group ID GID differs from their UID, either because the account was created with authd prior to version 0.5.4 or because the primary group was...

7.3 CVSS | 5.8 AI score | 0.00017 EPSS
Exploits: 0 | References: 3
Positive Technologies
added 2026/04/27 12:0 a.m. | 1 view

PT-2026-35449

Name of the Vulnerable Software and Affected Versions authd versions prior to 0.6.4 Description A logic error exists in the primary group ID assignment. When a user's primary group ID GID differs from their user ID UID—occurring if the account was created with versions prior to 0.5.4 or if the...

7.3 CVSS | 5.8 AI score | 0.00017 EPSS
Exploits: 0 | References: 14
CNNVD
added 2026/04/27 12:0 a.m. | 4 views

Authd security vulnerability

Authd is a cloud-based identity provider authentication daemon open source in Ubuntu. Versions of Authd prior to 0.6.4 have security vulnerabilities, which stem from errors in the main group ID assignment logic, potentially leading to local privilege escalation...

7.3 CVSS | 5.8 AI score | 0.00017 EPSS
Exploits: 0 | References: 1
RedhatCVE
added 2026/03/28 4:59 p.m. | 2 views

CVE-2025-15615

Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...

7.5 CVSS | 5.9 AI score | 0.00075 EPSS
Exploits: 1 | References: 1
RedhatCVE
added 2026/03/28 4:59 p.m. | 1 view

CVE-2026-32983

Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...

7.5 CVSS | 5.9 AI score | 0.00162 EPSS
Exploits: 0 | References: 1
EUVD
added 2026/03/27 6:31 p.m. | 0 views

EUVD-2026-16688

Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data by sending specially crafted input. Attackers can exploit this vulnerability to trigger a denial of service condition, resulting in low availability impact to the...

5.3 CVSS | 6 AI score | 0.00085 EPSS
Exploits: 0 | References: 3
NVD
added 2026/03/27 5:16 p.m. | 1 view

CVE-2025-15615

Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...

7.5 CVSS | 0.00075 EPSS
Exploits: 1 | References: 2
Cvelist
added 2026/03/27 4:23 p.m. | 23 views

CVE-2025-15615 Wazuh Manager authd service Improper SSL/TLS Renegotiation Handling leading to Denial of Service

Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...

6.9 CVSS | 0.00075 EPSS
Exploits: 1 | References: 2
CVE
added 2026/03/27 4:23 p.m. | 5 views

CVE-2025-15615

CVE-2025-15615 affects the Wazuh Manager authd service in wazuh-manager up to version 4.7.3. The root cause is an improper restriction of client-initiated SSL/TLS renegotiation, which allows remote attackers to cause a denial of service by sending excessive renegotiation requests. The impact desc...

7.5 CVSS | 5.9 AI score | 0.00075 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
Vulnrichment
added 2026/03/27 4:23 p.m. | 9 views

CVE-2025-15615 Wazuh Manager authd service Improper SSL/TLS Renegotiation Handling leading to Denial of Service

Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...

6.9 CVSS | 5.9 AI score | 0.00075 EPSS
Exploits: 1 | References: 2
ATTACKERKB
added 2026/03/27 4:23 p.m. | 3 views

CVE-2025-15615

Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...

6.9 CVSS | 5.9 AI score | 0.00075 EPSS
Exploits: 1 | References: 3 | Affected Software: 1