940 matches found
CVE-2026-40923 vulnerabilities
Vulnerabilities for packages: tkn, tekton-chains-fips, tekton-pipelines, tkn-fips, tekton-pipelines-fips, tekton-chains...
CVE-2026-40924 vulnerabilities
Vulnerabilities for packages: tkn, tekton-chains-fips, tekton-pipelines, tkn-fips, tekton-pipelines-fips, tekton-chains...
ctf-writeups
ctf-writeups HTB, TryHackMe and DFIR challenges — documented...
FreeBSD : zeek -- potential DoS vulnerabilities (0d8b1126-0864-4934-b63f-c713526ead32)
The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the 0d8b1126-0864-4934-b63f-c713526ead32 advisory. Tim Wojtulewicz of Corelight reports: A series of DNS messages containing long DNS compression chains c...
CVE-2026-39984 vulnerabilities
Vulnerabilities for packages: flux-source-controller, buildkitd, sigstore-scaffolding, kyverno, neuvector-sigstore-interface, docker-cli-buildx, tkn, cosign, gitsign, vexctl, trivy-operator, spire-server, witness, goreleaser, gh, tekton-chains, falcoctl, zarf, zot, trivy, crossplane, tflint,...
GHSA-XM5M-WGH2-RRG3 vulnerabilities
Vulnerabilities for packages: flux-source-controller, buildkitd, sigstore-scaffolding, kyverno, neuvector-sigstore-interface, docker-cli-buildx, tkn, cosign, gitsign, vexctl, trivy-operator, spire-server, witness, goreleaser, gh, tekton-chains, falcoctl, zarf, zot, trivy, crossplane, tflint,...
GHSA-6R77-HQX7-7VW8 Flowise: APIChain Prompt Injection SSRF in GET/POST API Chains
Summary: A Server-Side Request Forgery (SSRF) vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make arbitrary HTTP requests to internal and external systems. By injecting malicious prompt templates, attackers can bypass th...
OpenTofu has unbounded memory usage, high CPU usage, or deadlock in "tofu init" with maliciously-crafted dependency responses
Impact: Unauthenticated denial of service. Summary: When installing module packages from attacker-controlled sources, tofu init may use unbounded memory, cause high CPU usage, or deadlock when encountering maliciously-crafted TLS certificate chains or tar archives. Those who depend on modules or...
coruna-exploit-kit-analysis
Coruna iOS Exploit Kit — Reverse Engineering Analysis Def...
vulnswarm
VulnSwarm AI-powered vulnerability discovery using multi-agen...
BIT-GOLANG-2026-33810 Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x509
When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...
assemblylift-cli (>=0.4.0-alpha.5 <=0.4.0-alpha.11), assemblylift-core (>=0.4.0-alpha.10 <=0.4.0-alpha.11) +108 more potentially affected by CVE-2026-34971 via wasmtime (>=0.10.0 <=2.0.2)
wasmtime CARGO version =0.10.0, =0.4.0-alpha.5, =0.4.0-alpha.10, =0.1.0, =0.1.0, =0.1.0, =0.1.1, =0.5.3-0, =0.4.0, =0.4.0, =0.0.0, =0.5.0, =0.0.1-alpha, =0.40.1, =0.44.0 and more Source cves: CVE-2026-34971 Source advisory: OSV:RUSTSEC-2026-0096...
SUSE CVE-2026-32281
Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...
DEBIAN-CVE-2026-32281
Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...
CVE-2026-32281
Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...
EUVD-2026-20010
Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...
CVE-2026-32281
CVE-2026-32281: In Go, policy validation for X.509 certificate chains can be inefficient when many policy mappings are present, potentially enabling a denial-of-service on validation of otherwise trusted chains. The OpenSUSE advisories note fixes in Go updates: go1.25.9 and go1.26.2, with SUSE p...
CVE-2026-32281 Inefficient policy validation in crypto/x509
Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...