1865 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-57216
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, AMQP 0-9-1, AMQP 1.0, and Stream Protocol authentication can allow a...
CVE-2026-59190 Grav Admin Plugin — IDOR Privilege Escalation via saveUser()
grav-plugin-admin is an HTML user interface that provides a way to configure Grav and create and modify pages. In 1.10.52 and earlier, an authenticated attacker with admin.users permission can change the password of any user account, including the super administrator, by sending a direct POST...
CVE-2026-8458
libcurl might in some circumstances reuse the wrong connection when asked to do Negotiate-authenticated ones, even when they are set to use different 'services'. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When...
Curl 8.15.0 < 8.21.0 SASL Double-Free
The version of curl installed on the remote host is 8.15.0 prior to 8.21.0. It is, therefore, affected by a double-free vulnerability: - The curl logic that works with SASL authentication could end up cleaning up the GSASL context twice without clearing the pointer in between, making it free the...
CVE-2026-10711
Missing authentication for critical function vulnerability in AKIN Software Computer Import Export Industry and Trade Ltd. CafePlus allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects CafePlus: from 12.05.03 before 12.05.04...
CVE-2026-11748
A vulnerability has been identified in centraldogma-server-auth-shiro versions prior to 0.84.0, where the SearchFirstActiveDirectoryRealm substitutes the login username into an LDAP search filter without neutralizing LDAP filter metacharacters, allowing an unauthenticated attacker to manipulate t...
UBUNTU-CVE-2026-55199
libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...
CVE-2026-40785
Subscriber Broken Authentication in AutomatorWP = 5.6.7 versions...
GHSA-WQP7-X3PW-XC5R Starlette: SSRF and NTLM credential theft via UNC paths in StaticFiles on Windows
Summary When serving static files on Windows, StaticFiles resolves the requested path with os.path.realpath. If a UNC path such as \attacker.com\share reaches the resolver, realpath causes the process to open a connection to the remote host over SMB port 445. This is a server-side request forgery...
SUSE SLES15 Security Update : tomcat10 (SUSE-SU-2026:2377-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2377-1 advisory. This update for tomcat10 fixes the following issues Update to Tomcat 10.1.55: - CVE-2026-41284: Unbounded read in WebDAV LOCK and...
SUSE SLES15 Security Update : tomcat11 (SUSE-SU-2026:2374-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2374-1 advisory. This update for tomcat11 fixes the following issues Update to Tomcat 11.0.22: - CVE-2026-41284: Unbounded read in WebDAV LOCK and...
CVE-2026-53520 Nezha Monitoring: Authenticated users can claim the dashboard Host through NAT and preempt all dashboard routing
Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.14 to before version 2.1.0, authenticated users can claim the dashboard Host through NAT and preempt all dashboard routing. This issue has been patched in version 2.1.0...
EUVD-2026-36586
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, a flaw in how replies to whisper posts are handled allows authenticated users outside the groups configured in...
SUSE-SU-2026:2383-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables bsc1261700. - CVE-2026-31629: nfc: llcp: add missing return after LLCPCLOSED checks...
CVE-2026-9212
Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting the product's confidentiality or change certain configurations...
RockyLinux 9 : postgresql-jdbc (RLSA-2026:22304)
The remote RockyLinux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2026:22304 advisory. jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication CVE-2026-42198 Tenable has extracted the preceding...
PT-2026-45530
Name of the Vulnerable Software and Affected Versions Nextcloud versions 5.5.13 through 5.5.16 Nextcloud versions 6.2.0 through 6.2.2 Description An authenticated user can enumerate other users on the same instance. This is possible because sharing restrictions were not effectively applied to the...
Alibaba Cloud Linux 3 : 0137: nginx (ALINUX3-SA-2026:0137)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0137 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-41741: NGINX Open Source before...
SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2026:2076-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2076-1 advisory. This update for samba fixes the following issues Security issues: - CVE-2026-1933: Missing access check on...
JeecgBoot 授权问题漏洞
JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. Version 3.9.1 of JeecgBoot contains an authorization vulnerability. This vulnerability stems from an unknown handling of files in the OpenAPI Endpoint component, which may lead to...