Lucene search
K

11 matches found

NVD
NVD
added 2026/06/22 2:17 p.m.14 views

CVE-2026-54099

A flaw was found in the Windows Machine Config Operator WMCO for Red Hat OpenShift Container Platform. The WICD CSR auto-approver validates that a Certificate Signing Request contains the organization system:wicd-nodes but does not reject additional organization values such as system:masters. A...

8.8CVSS0.00075EPSS
Exploits0References3
CVE
CVE
added 2026/06/22 12:46 p.m.13 views

CVE-2026-54099

The CVE-2026-54099 entry describes a vulnerability in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift. The WICD CSR auto-approver only checks that a CSR’s organization includes system:wicd-nodes and does not reject extra organization values such as system:masters. A compromised W...

8.8CVSS5.8AI score0.00075EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2026/06/22 12:46 p.m.32 views

CVE-2026-54099 Windows-machine-config-operator: windows-machine-config-operator: wicd csr extra-organization allows privilege escalation to system:masters

A flaw was found in the Windows Machine Config Operator WMCO for Red Hat OpenShift Container Platform. The WICD CSR auto-approver validates that a Certificate Signing Request contains the organization system:wicd-nodes but does not reject additional organization values such as system:masters. A...

8.8CVSS0.00075EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/22 12:45 p.m.14 views

CVE-2026-54099

A flaw was found in the Windows Machine Config Operator WMCO for Red Hat OpenShift Container Platform. The WICD CSR auto-approver validates that a Certificate Signing Request contains the organization system:wicd-nodes but does not reject additional organization values such as system:masters. A...

8.8CVSS5.8AI score0.00075EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.13 views

PT-2026-51305

Name of the Vulnerable Software and Affected Versions Red Hat OpenShift Container Platform 4 affected versions not specified Description A flaw exists in the Windows Machine Config Operator WMCO where the WICD CSR auto-approver validates that a Certificate Signing Request contains the organizatio...

8.8CVSS5.9AI score0.00075EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2026/04/10 1:24 a.m.1 views

CVE-2026-4664 Customer Reviews for WooCommerce <= 5.103.0 - Unauthenticated Authentication Bypass to Arbitrary Review Submission via 'key' Parameter

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.103.0. This is due to the createreviewpermissionscheck function comparing the user-supplied key parameter against the order's ivolesecretkey meta value using...

5.3CVSS5.7AI score0.00673EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.33 views

PT-2026-31850

Name of the Vulnerable Software and Affected Versions Customer Reviews for WooCommerce plugin for WordPress versions up to and including 5.103.0 Description The Customer Reviews for WooCommerce plugin for WordPress is susceptible to authentication bypass. This occurs because the create review...

5.3CVSS5.7AI score0.00673EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-27127

Malicious code in bioql PyPI...

7.8CVSS6.5AI score0.00199EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-25612

Malicious code in bioql PyPI...

8.1CVSS6.5AI score0.00703EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/24 5:25 p.m.6 views

CVE-2025-57771

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. In versions prior to 3.25.5, Roo-Code fails to properly handle process substitution and single ampersand characters in the command parsing logic for auto-execute commands. If a user has enabled auto-approved execution...

8.1CVSS8.1AI score0.00703EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/22 4:35 p.m.12 views

CVE-2025-57771 Roo-Code potential remote code execution via auto-execute command parsing flaw

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. In versions prior to 3.25.5, Roo-Code fails to properly handle process substitution and single ampersand characters in the command parsing logic for auto-execute commands. If a user has enabled auto-approved execution...

8.1CVSS0.00703EPSS
Exploits0References2
Rows per page
Query Builder