Lucene search
K

1474 matches found

ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-50562

FastGPT is a knowledge-based AI application platform. At commit 22ebfacbb43311e9b73294040ae0eb87390c6bba and earlier, artifacts built from untrusted pull request code in .github/workflows/preview-docs-build.yml and .github/workflows/preview-fastgpt-build.yml can be downloaded by privileged...

9.3CVSS6.1AI score0.00012EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday6 views

CVE-2026-50562 FastGPT: Untrusted PR artifacts are pushed and deployed by privileged preview workflows

FastGPT is a knowledge-based AI application platform. At commit 22ebfacbb43311e9b73294040ae0eb87390c6bba and earlier, artifacts built from untrusted pull request code in .github/workflows/preview-docs-build.yml and .github/workflows/preview-fastgpt-build.yml can be downloaded by privileged...

9.3CVSS0.00012EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2 days ago4 views

July 14, 2026—KB5099539 (OS Builds 19045.7548 and 19044.7548)

None None...

9.6CVSS6.1AI score0.02545EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2 days ago19 views

July 14, 2026—KB5101650 (OS Builds 26200.8875 and 26100.8875)

None None...

9.8CVSS6.1AI score0.02545EPSS
Exploits0
EUVD
EUVD
added 3 days ago8 views

EUVD-2026-43494

Integer overflow vulnerability has been found in "builtin.c" program file of gawk dosub routine. This issue could be used to overwrite gawk heap metadata and objects causing the program to crash. It affects 32-bit builds of gawk in versions 5.4.0 and below...

9.1CVSS6AI score0.00213EPSS
Exploits0References2
CVE
CVE
added 3 days ago12 views

CVE-2026-40469

In the provided documents, CVE-2026-40469 affects gawk, specifically 32-bit builds in versions 5.4.0 and earlier. The root cause is an integer overflow in the do_sub (subroutine) path within builtin.c, which could allow overwriting heap metadata and related objects, potentially causing the progra...

9.1CVSS6AI score0.00213EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 3 days ago5 views

Important: Red Hat Security Advisory: tomcat security, bug fix, and enhancement update

An update for tomcat is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS7AI score0.21691EPSS
Exploits6References4
Tenable Nessus
Tenable Nessus
added 3 days ago3 views

Linux Distros Unpatched Vulnerability : CVE-2026-40469

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow vulnerability has been found in builtin.c program file of gawk dosub routine. This issue could be used to overwrite gawk heap metadata and...

9.1CVSS6AI score0.00213EPSS
Exploits0References3
CVE
CVE
added 6 days ago20 views

CVE-2026-57156

FreeRDP (32-bit builds) before version 3.28.0 is affected by an integer overflow in update_read_delta_points (libfreerdp/core/orders.c) when multiplying attacker-controlled point count by sizeof(DELTA_POINT). This can cause the allocation of an undersized heap buffer, allowing a malicious RDP pee...

9.8CVSS6.2AI score0.00698EPSS
Exploits1References4Affected Software1
Rockylinux
Rockylinux
added 6 days ago7 views

tomcat security, bug fix, and enhancement update

An update is available for tomcat. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages...

7.5CVSS6.2AI score0.21691EPSS
Exploits6
Rockylinux
Rockylinux
added 6 days ago6 views

tomcat security, bug fix, and enhancement update

An update is available for tomcat. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages...

7.5CVSS7AI score0.21691EPSS
Exploits6
Positive Technologies
Positive Technologies
added 6 days ago6 views

PT-2026-57293

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.28.0 Description FreeRDP clients on 32-bit builds contain an integer overflow in the update read delta points function within libfreerdp/core/orders.c. This occurs when multiplying an attacker-controlled point count...

9.8CVSS6.2AI score0.00698EPSS
Exploits2References13
ATTACKERKB
ATTACKERKB
added last week7 views

CVE-2026-58303

Stack-based buffer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: before b30b63fc63b403907d8137da1c65aaa4521fe74e...

6.1CVSS6.2AI score0.00116EPSS
Exploits0References3
OSV
OSV
added 2026/07/08 4:16 p.m.4 views

CVE-2026-14966

BBOT's unarchive module rejects archives containing symlink entries before extraction, but for zip and 7z archives it failed to detect symlinks whose listing carries a DOS-attribute prefix before the unix mode, as produced by legacy versions of p7zip. Such an archive, downloaded and extracted...

3.1CVSS6.1AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/07/08 9:20 a.m.11 views

Important: Red Hat Security Advisory: Red Hat OpenShift Builds 1.7.4

Red Hat OpenShift Builds 1.7.4 Releases of Red Hat OpenShift Builds 1.7.4...

10CVSS6.8AI score0.00939EPSS
Exploits0References14
Fedora
Fedora
added 2026/07/08 12:58 a.m.6 views

[SECURITY] Fedora 44 Update: helm-4.2.2-1.fc44

Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. Use Helm to: - Find and use popular software packaged as Helm Charts to run in Kubernetes - Share your own applications as Helm Charts - Create reproducible builds of your Kubernetes applications -...

8.6CVSS7.1AI score0.00178EPSS
Exploits3
ATTACKERKB
ATTACKERKB
added 2026/07/07 10:5 p.m.6 views

CVE-2026-14740

DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of that line during normalisation led to an out-of-bounds read by one byt...

6AI score0.00407EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/07/06 7:16 p.m.6 views

CVE-2026-58404

Hugo is a static site generator. From v0.162.0 through v0.163.0, the default security.http.urls policy denies requests to loopback, internal, and cloud-metadata IPv4 literals, but the deny rule only matched dotted-decimal notation, so alternate IPv4 encodings of the same addresses, including...

6.8CVSS5.8AI score0.00208EPSS
Exploits0
OSV
OSV
added 2026/07/06 3:27 p.m.11 views

BIT-PYTHON-MIN-2026-12003 CPython >3.11 Insecure Input Validation resulting in privilege escalation

To allow builds of Python to be run from an in-tree layout rather than an installed file layout, the VPATH variable is defined at build time and used to locate certain landmarks - specifically, Modules/setup.local. When this landmark is found relative to VPATH relative to the executable, Python...

5.3CVSS5.4AI score0.00136EPSS
Exploits0References9
OSV
OSV
added 2026/07/06 3:27 p.m.7 views

BIT-PYTHON-2026-12003 CPython >3.11 Insecure Input Validation resulting in privilege escalation

To allow builds of Python to be run from an in-tree layout rather than an installed file layout, the VPATH variable is defined at build time and used to locate certain landmarks - specifically, Modules/setup.local. When this landmark is found relative to VPATH relative to the executable, Python...

5.3CVSS5.5AI score0.00136EPSS
Exploits0References9
Rows per page
Query Builder