12949 matches found

Chainguard
added 2 days ago, 4 views

GHSA-MPWR-8VM7-H73F vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure-alertsmanagement, crossplane-provider-azure-orbital, crossplane-provider-azure-powerbidedicated, crossplane-provider-azure-servicebus, crossplane-provider-azure-relay, grafana, nuclei, goreleaser, x509-certificate-exporter-fips,...

5.8 AI score
Exploits: 0

Chainguard
added 2 days ago, 4 views

GHSA-89GR-R52H-F8RX vulnerabilities

Vulnerabilities for packages: kots, fulcio, crossplane-provider-azure-storage, crossplane-provider-azure-orbital, neuvector-sigstore-interface-fips, knative-eventing-fips, opentelemetry-collector, ksops, crossplane-provider-azure-servicelinker, gitea, terragrunt-fips, nemo,...

5.8 AI score
Exploits: 0

Chainguard
added 2 days ago, 3 views

GHSA-Q4H4-GMJ2-QVW2 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure-storage, ksops, terragrunt-fips, flux-image-automation-controller, crossplane-provider-aws-ecs, helm, crossplane-provider-aws-bedrockagent-fips, knative-serving-fips, terragrunt, crossplane-provider-aws-kinesis-fips,...

5.8 AI score
Exploits: 0

Chainguard
added 2 days ago, 4 views

GHSA-RM3J-F69W-WQMQ vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure-storage, ksops, terragrunt-fips, flux-image-automation-controller, crossplane-provider-aws-ecs, helm, crossplane-provider-aws-bedrockagent-fips, knative-serving-fips, terragrunt, crossplane-provider-aws-kinesis-fips,...

5.8 AI score
Exploits: 0

Chainguard
added 2 days ago, 4 views

GHSA-W879-237Q-WC7R vulnerabilities

Vulnerabilities for packages: kots, fulcio, crossplane-provider-azure-storage, crossplane-provider-azure-orbital, neuvector-sigstore-interface-fips, knative-eventing-fips, opentelemetry-collector, ksops, crossplane-provider-azure-servicelinker, gitea, terragrunt-fips, nemo,...

5.8 AI score
Exploits: 0

Wolfi
added 2 days ago, 3 views

GHSA-W879-237Q-WC7R vulnerabilities

Vulnerabilities for packages: flux-notification-controller, docker-cli-buildx, fulcio, cilium-cli, cloud-provider-aws, ko, sops, kaf, pulumi-language-dotnet, cluster-api-azure-controller, k8sgpt, age, zarf, openbao, terraform-provider-tls, gitea, gitlab-kas, ksops,...

5.8 AI score
Exploits: 0

NVD
added 3 days ago, 3 views

CVE-2026-55412

ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.178-lts, there's an SSRF in the RestAPI data source component. The RestAPI data source executes HTTP requests server-side, and its private IP filter only...

8.3 CVSS, 0.00193 EPSS
Exploits: 0, References: 1

ATTACKERKB
added 3 days ago, 5 views

CVE-2026-55412

ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.178-lts, there's an SSRF in the RestAPI data source component. The RestAPI data source executes HTTP requests server-side, and its private IP filter only...

8.3 CVSS, 5.9 AI score, 0.00193 EPSS
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 3 days ago, 27 views

CVE-2026-55412 ToolJet Cloud - SSRF to Azure Cloud Infrastructure Compromise

ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.178-lts, there's an SSRF in the RestAPI data source component. The RestAPI data source executes HTTP requests server-side, and its private IP filter only...

8.3 CVSS, 0.00193 EPSS
Exploits: 0, References: 1

EUVD
added 3 days ago, 5 views

EUVD-2026-39469

ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.178-lts, there's an SSRF in the RestAPI data source component. The RestAPI data source executes HTTP requests server-side, and its private IP filter only...

8.3 CVSS, 5.9 AI score, 0.00193 EPSS
Exploits: 0, References: 1

CVE
added 3 days ago, 7 views

CVE-2026-55412

ToolJet (open-source platform) Vulnerability: SSRF in the RestAPI data source component allows authenticated users to induce server-side HTTP requests that bypass its private IP filter via DNS trickery (169.254.169.254.nip.io), potentially stealing Azure managed identity tokens for the AKS produc...

8.3 CVSS, 5.9 AI score, 0.00193 EPSS
Exploits: 0, References: 1

Chainguard
added 4 days ago, 9 views

GHSA-HV8M-JJ95-WG3X vulnerabilities

Vulnerabilities for packages: azure-functions-extension-bundles...

5.8 AI score
Exploits: 0

Chainguard
added 4 days ago, 8 views

CVE-2026-48109 vulnerabilities

Vulnerabilities for packages: azure-functions-extension-bundles...

8.2 CVSS, 5.8 AI score, 0.00296 EPSS
Exploits: 0

Chainguard
added 5 days ago, 6 views

GHSA-5WRP-CWCJ-Q835 vulnerabilities

Vulnerabilities for packages: kots, redpanda-operator, neuvector-sigstore-interface-fips, google-cloud-otel-ops-collector, kiali-fips, ksops, tetragon-fips, flux-image-reflector-controller, cass-operator-fips-no-pvc-delete, dapr-fips, flux-image-automation-controller, crossplane-provider-aws-ecs,...

5.8 AI score
Exploits: 0

Chainguard
added 5 days ago, 6 views

CVE-2026-41178 vulnerabilities

Vulnerabilities for packages: kots, redpanda-operator, neuvector-sigstore-interface-fips, google-cloud-otel-ops-collector, kiali-fips, ksops, tetragon-fips, flux-image-reflector-controller, cass-operator-fips-no-pvc-delete, dapr-fips, flux-image-automation-controller, crossplane-provider-aws-ecs,...

5.3 CVSS, 5.8 AI score, 0.00237 EPSS
Exploits: 0

Cvelist
added 6 days ago, 27 views

CVE-2026-56425 MISP AAD authentication plugin - Improper OAuth State Handling, Missing Session Rotation, Insecure Redirect URI Validation, and Log Injection

The Azure Active Directory AAD authentication implementation contained multiple weaknesses in its OAuth 2.0 authorization flow that could allow attackers to bypass important security guarantees provided by the protocol. The application used the PHP session identifier sessionid as the OAuth state...

9.3 CVSS, 0.00258 EPSS
Exploits: 0, References: 1

CVE
added 6 days ago, 10 views

CVE-2026-56425

CVE-2026-56425 affects the AAD authentication plugin for MISP (OAuth 2.0). The vulnerability stems from using session_id() as the OAuth state parameter, lack of session rotation after login, no dedicated nonce for the state, and not enforcing HTTPS for the redirect URI. Additional issue: OAuth er...

9.3 CVSS, 5.9 AI score, 0.00258 EPSS
Exploits: 0, References: 1, Affected Software: 1

Microsoft KB
added 6 days ago, 9 views

Azure File Sync Agent V22.4 - June 2026

This article describes the improvements and issues that are fixed in the Azure File Sync Agent v22.4 release that is dated June 2026. Additionally, this article contains installation instructions for this release. Improvements and issues that are fixed Serv...

5.9 AI score
Exploits: 0

NVD
added 2026/06/19 9:17 p.m., 9 views

CVE-2026-48584

Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network...

9.9 CVSS, 0.005 EPSS
Exploits: 0, References: 1

NVD
added 2026/06/19 9:16 p.m., 10 views

CVE-2026-45480

Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network...

10 CVSS, 0.00562 EPSS
Exploits: 0, References: 1