Lucene search
K

1070 matches found

EUVD
EUVD
added 5 days ago5 views

EUVD-2026-42623

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.6.16 before 0.10.0, the Socket.IO server is configured with alwaysconnect=True. The ydoc:awareness:update and ydoc:document:leave Socket.IO handlers accepted collaborative-document events without requirin...

3.1CVSS5.9AI score0.00222EPSS
Exploits1References4
CVE
CVE
added 5 days ago8 views

CVE-2026-59715

Affected software: Open WebUI self-hosted AI platform. Vulnerability: Unauthenticated access to collaborative-document Socket.IO handlers (ydoc:awareness:update, ydoc:document:leave) that accepted events without authenticated user, enabling unauthorized manipulation of document collaboration stat...

6.5CVSS5.9AI score0.00222EPSS
Exploits1References4Affected Software1
Malwarebytes
Malwarebytes
added 2026/06/15 7:1 a.m.25 views

A week in security (June 8 – June 14)

Last week on Malwarebytes Labs: Stolen iPhones could soon be worth a lot less to thieves Fake verification pages are stealing Steam accounts from players Google can be liable for false AI Overviews, court rules VRChat says reported data breach never happened Children’s phones must block nude imag...

5.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/06/10 11:45 a.m.25 views

88% of people struggle to tell what’s real online

What would you trade for a technology that can do almost anything? For many people, the answer is clear: Everything they thought they could trust. In a few, short years, Artificial Intelligence AI tools have granted people unfettered access to easier writing, faster image generation, quicker...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.18 views

MARCIM-WG: A Cyber Wargame Proposal Based on Math Modeling Applied in a Naval Scenario

As maritime operations increasingly depend on interconnected digital ecosystems, cyber incidents can propagate across maritime networks and degrade critical services. Strengthening strategic Cyber Situational Awareness CSA therefore requires training mechanisms that expose decision-makers to...

5.2AI score
Exploits0
GithubExploit
GithubExploit
added 2026/06/04 7:32 p.m.89 views

binary-exploitation-labs-Application-security-ctf-writeups

binary-exploitation-labs-Application-security-ctf-writeups...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.17 views

CVE-2026-48133

When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway...

7.5CVSS5.8AI score0.0475EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/06/01 12:0 a.m.11 views

Human Factors in Cybersecurity in Icelandic Small and Medium-Sized Enterprises

Cybersecurity threats are increasing in all aspects of society due to the integration of digital systems into modern-day life and a volatile geo-political landscape. Technical factors are an ongoing arms race; however, the threat surface from human and social factors is still present, often...

5.8AI score
Exploits0
NVD
NVD
added 2026/05/26 2:16 p.m.16 views

CVE-2026-48133

When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway...

7.5CVSS0.0475EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 12:56 p.m.11 views

EUVD-2026-31820

When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway...

7.5CVSS5.8AI score0.0475EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 12:56 p.m.10 views

CVE-2026-48133

When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway...

7.5CVSS5.8AI score0.0475EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/26 12:56 p.m.22 views

CVE-2026-48133 Identity Awareness Captive Portal - Unauthenticated Local File Inclusion

When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway...

7.5CVSS5.8AI score0.0475EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/26 12:56 p.m.44 views

CVE-2026-48133 Identity Awareness Captive Portal - Unauthenticated Local File Inclusion

When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway...

7.5CVSS0.0475EPSS
Exploits0References1
CVE
CVE
added 2026/05/26 12:56 p.m.43 views

CVE-2026-48133

The CVE-2026-48133 issue affects the Identity Awareness blade when Browser-Based Authentication is enabled on the Security Gateway, allowing an unauthenticated attacker to read certain internal files. The NVD entry details no exploitation specifics beyond the unauthenticated local file read, and ...

7.5CVSS5.8AI score0.0475EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.22 views

PT-2026-43237

Name of the Vulnerable Software and Affected Versions Check Point Security Gateway affected versions not specified Description When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway...

7.5CVSS5.8AI score0.0475EPSS
Exploits0References3
CheckPoint Security
CheckPoint Security
added 2026/05/24 12:0 a.m.14 views

CVE-2026-48133 - Identity Awareness Captive Portal - Unauthenticated Local File Inclusion

Symptoms - When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway. - This issue affects: R82.10 with Jumbo Hotfix Take 6 or below R82 with Jumbo Hotfix Take 91 or below R81.20 with...

7.5CVSS5.8AI score0.0475EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/23 12:0 a.m.12 views

Routing Cybersecurity Awareness Training by FFM Personality Trait: A Quasi-Experimental Evaluation

Cybersecurity awareness training has historically adopted a one-size-fits-all approach, despite established individual differences in how users process and retain security information. Personality has been proposed as one axis along which training content might be tailored; yet no prior study has...

5.7AI score
Exploits0
CheckPoint Security
CheckPoint Security
added 2026/05/23 12:0 a.m.30 views

CVE-2026-48135 - HTTP service can incorrectly process malformed HTTP requests

Cause An input-handling issue in the HTTP request processing path. Symptoms - A Check Point HTTP-based service, such as Mobile Access Portal or Identity Awareness Portals except for Captive Portal, can incorrectly handle malformed HTTP requests. Gaia Portal is not affected by this issue. - The...

5.3CVSS5.6AI score0.02607EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/21 12:0 a.m.22 views

From Preventive to Reactive: How AI Coding Assistants Transform Developers' Security Awareness

AI coding assistants are now central to professional software development, yet their impact on how developers think about and practice security remains poorly understood. While prior work has documented vulnerability rates in AI-generated code, a more fundamental question persists: how do these...

5.9AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.14 views

Astra Linux – Vulnerability in WebKit2GTK

A type confusion issue was addressed through improved checks. This issue has been fixed in Safari 17.3, iOS 15.8.7 and iPadOS 15.8.7, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, tvOS 17.3, and visionOS 1.0.2. Processing...

8.8CVSS7.5AI score0.10593EPSS
Exploits6References2
Rows per page
Query Builder