936 matches found
JLSEC-2026-235 A security vulnerability has been identified in all supported versions of OpenSSL related to the...
A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of...
Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud
Cybersecurity researchers have disclosed details of a telecommunications fraud campaign that uses fake CAPTCHA verification tricks to dupe unsuspecting users into sending international text messages that incur charges on their mobile bills, generating illicit revenue for the threat actors who lea...
aws-solutions QnABot on AWS 代码注入漏洞
aws-solutions QnABot on AWS is a multilingual chatbot developed by the aws-solutions company. Versions of aws-solutions QnABot on AWS prior to version 7.2.4 contained a code injection vulnerability. This vulnerability stemmed from improper use of static evaluated npm packages. It could allow...
crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building
A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...
CVE-2026-41271 Flowise: APIChain Prompt Injection SSRF in GET/POST API Chains
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery SSRF vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make arbitrary HTTP requests t...
GHSA-M2CX-GPQF-QF74 vulnerabilities
Vulnerabilities for packages: tkn, tekton-pipelines, tekton-chains...
CVE-2026-40923 vulnerabilities
Vulnerabilities for packages: tkn, tekton-pipelines, tekton-chains...
CVE-2026-40924 vulnerabilities
Vulnerabilities for packages: tkn, tekton-pipelines, tekton-chains...
CVE-2026-40938 vulnerabilities
Vulnerabilities for packages: tkn, tekton-pipelines, tekton-chains...
GHSA-RX35-6RHX-7858 vulnerabilities
Vulnerabilities for packages: tkn, tekton-pipelines, tekton-chains...
GHSA-94JR-7PQP-XHCQ vulnerabilities
Vulnerabilities for packages: tkn, tekton-pipelines, tekton-chains...
GHSA-M2CX-GPQF-QF74 vulnerabilities
Vulnerabilities for packages: tekton-chains, tekton-pipelines, tkn-fips, tekton-pipelines-fips, tekton-chains-fips, tkn...
GHSA-94JR-7PQP-XHCQ vulnerabilities
Vulnerabilities for packages: tekton-chains, tekton-pipelines, tkn-fips, tekton-pipelines-fips, tekton-chains-fips, tkn...
CVE-2026-40923 vulnerabilities
Vulnerabilities for packages: tekton-chains, tekton-pipelines, tkn-fips, tekton-pipelines-fips, tekton-chains-fips, tkn...
CVE-2026-40924 vulnerabilities
Vulnerabilities for packages: tekton-chains, tekton-pipelines, tkn-fips, tekton-pipelines-fips, tekton-chains-fips, tkn...
GHSA-RX35-6RHX-7858 vulnerabilities
Vulnerabilities for packages: tekton-chains, tekton-pipelines, tkn-fips, tekton-pipelines-fips, tekton-chains-fips, tkn...
CVE-2026-40938 vulnerabilities
Vulnerabilities for packages: tekton-chains, tekton-pipelines, tkn-fips, tekton-pipelines-fips, tekton-chains-fips, tkn...
ctf-writeups
ctf-writeups Retos de HTB, TryHackMe y DFIR — documentado...
FreeBSD : zeek -- potential DoS vulnerabilities (0d8b1126-0864-4934-b63f-c713526ead32)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 0d8b1126-0864-4934-b63f-c713526ead32 advisory. Tim Wojtulewicz of Corelight reports: A series of DNS messages containing long DNS compression chains c...
GHSA-XM5M-WGH2-RRG3 vulnerabilities
Vulnerabilities for packages: falcoctl, spire-server, skaffold, ko, vexctl, cosign, flux-source-controller, witness, zarf, gh, buildkitd, docker-cli-buildx, sigstore-scaffolding, trivy-operator, gitsign, docker, kubescape, trivy, neuvector-sigstore-interface, policy-controller, tkn, aactl, kyvern...