Lucene search
K

15 matches found

NVD
NVD
added 2026/06/24 5:17 p.m.10 views

CVE-2026-53081

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce regsafe base id consistency for BPFADDCONST scalars When regsafe compares two scalar registers that both carry BPFADDCONST, checkscalarids maps their full compound id aka base | BPFADDCONST flag as one idmap entry...

7.8CVSS0.00116EPSS
Exploits0References7
OSV
OSV
added 2026/06/24 4:30 p.m.5 views

CVE-2026-53081 bpf: Enforce regsafe base id consistency for BPF_ADD_CONST scalars

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce regsafe base id consistency for BPFADDCONST scalars When regsafe compares two scalar registers that both carry BPFADDCONST, checkscalarids maps their full compound id aka base | BPFADDCONST flag as one idmap entry...

7.8CVSS5.8AI score0.00116EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/24 4:30 p.m.7 views

EUVD-2026-38949

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce regsafe base id consistency for BPFADDCONST scalars When regsafe compares two scalar registers that both carry BPFADDCONST, checkscalarids maps their full compound id aka base | BPFADDCONST flag as one idmap entry...

5.8AI score0.00116EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:30 p.m.12 views

CVE-2026-53081

The CVE-2026-53081 issue affects the Linux kernel BPF verifier: when two scalar registers carry BPF_ADD_CONST, id mapping could become inconsistent because the compound id (base | ADD_CONST) was mapped without validating the underlying base IDs. This could allow two verifier states where one deri...

7.8CVSS5.8AI score0.00116EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.31 views

CVE-2026-53081 bpf: Enforce regsafe base id consistency for BPF_ADD_CONST scalars

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce regsafe base id consistency for BPFADDCONST scalars When regsafe compares two scalar registers that both carry BPFADDCONST, checkscalarids maps their full compound id aka base | BPFADDCONST flag as one idmap entry...

7.8CVSS0.00116EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51975

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Berkeley Packet Filter BPF verifier within the regsafe function. The issue occurs when comparing two scalar registers that both carry BPF ADD CONST values; the check...

7.8CVSS5.8AI score0.00116EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/23 8:40 p.m.32 views

CVE-2026-46549 NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the OAuth token strategy attached oauthscope and oauthgrantedresources to the request user, but the ACL middleware never consulted either. An OAuth token issued with a restricted scope e.g. MCP-only therefore inherited...

2CVSS0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.17 views

PT-2026-42618

Summary Shared-base sessions were granted the same base-member capabilities as authenticated viewers. Using only the shared-base UUID xc-shared-base-id, an attacker could enumerate base members and invite an arbitrary email into the base as a real member. The invited user could then redeem the...

5.8CVSS5.9AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/18 3:0 a.m.10 views

CVE-2026-8786

A vulnerability has been found in Tencent WeKnora up to 0.3.6. Affected by this issue is the function getKnowledgeBaseForInitialization of the file internal/handler/initialization.go of the component Config API Endpoint. The manipulation of the argument kbId leads to authorization bypass. It is...

6.5CVSS5.4AI score0.00269EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/05/18 3:0 a.m.62 views

CVE-2026-8786 Tencent WeKnora Config API Endpoint initialization.go getKnowledgeBaseForInitialization authorization

A vulnerability has been found in Tencent WeKnora up to 0.3.6. Affected by this issue is the function getKnowledgeBaseForInitialization of the file internal/handler/initialization.go of the component Config API Endpoint. The manipulation of the argument kbId leads to authorization bypass. It is...

6.5CVSS0.00269EPSS
Exploits1References4
OSV
OSV
added 2026/05/18 3:0 a.m.4 views

CVE-2026-8786 Tencent WeKnora Config API Endpoint initialization.go getKnowledgeBaseForInitialization authorization

A vulnerability has been found in Tencent WeKnora up to 0.3.6. Affected by this issue is the function getKnowledgeBaseForInitialization of the file internal/handler/initialization.go of the component Config API Endpoint. The manipulation of the argument kbId leads to authorization bypass. It is...

5.3CVSS5.8AI score0.00269EPSS
Exploits1References6
Snyk
Snyk
added 2026/03/06 11:55 p.m.4 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the GetKnowledgeBaseByID function. An attacker can access and duplicate sensitive data from other tenants by providing the identifier of a knowledge base belonging to a different...

8.2CVSS5.8AI score0.00222EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/06 11:55 p.m.3 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the GetKnowledgeBaseByID function. An attacker can access and duplicate sensitive data from other tenants by providing the identifier of a knowledge base belonging to a different...

8.2CVSS5.8AI score0.00222EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/06 11:55 p.m.2 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the GetKnowledgeBaseByID function. An attacker can access and duplicate sensitive data from other tenants by providing the identifier of a knowledge base belonging to a different...

8.2CVSS5.8AI score0.00222EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/20 5:21 p.m.5 views

CVE-2026-23522

LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, knowledgeBase.removeFilesFromKnowledgeBase tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. userId filter in the database query is commented out, so it's...

3.7CVSS5.6AI score0.00194EPSS
Exploits0References1
Rows per page
Query Builder