Lucene search
K

18073 matches found

Circl
Circl
added yesterday2 views

CVE-2026-48849

creationtimestamp| type| source ---|---|--- 2026-07-13 22:00:42+00:00| seen| https://t.me/GithubRedTeam/88901 2026-07-14 00:00:41+00:00| seen| https://t.me/GithubRedTeam/88901...

4.4CVSS6.1AI score0.00239EPSS
Exploits1References1
Circl
Circl
added yesterday3 views

CVE-2026-11784

creationtimestamp| type| source ---|---|--- 2026-07-13 22:00:23+00:00| seen| https://t.me/GithubRedTeam/89640 2026-07-14 00:00:38+00:00| seen| https://t.me/GithubRedTeam/89640...

4.3CVSS6.1AI score0.00157EPSS
Exploits1References1
Circl
Circl
added yesterday2 views

CVE-2020-8636

creationtimestamp| type| source ---|---|--- 2026-07-13 22:00:19+00:00| seen| https://t.me/GithubRedTeam/90443 2026-07-14 00:00:36+00:00| seen| https://t.me/GithubRedTeam/90443...

10CVSS7AI score0.04014EPSS
Exploits0References1
Circl
Circl
added yesterday2 views

CVE-2026-25194

creationtimestamp| type| source ---|---|--- 2026-07-13 22:00:07+00:00| seen| https://t.me/GithubRedTeam/92513 2026-07-14 00:00:17+00:00| seen| https://t.me/GithubRedTeam/92513...

6.1AI score
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-9824

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to check the managesharedchannels permission in the /share-channel autocomplete handler, which allows an authenticated user without that permission to enumerate configured remote cluster connection metadata via slash...

4.3CVSS6.1AI score
Exploits0References1Affected Software1
EUVD
EUVD
added yesterday5 views

EUVD-2026-43308

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to validate that an assigned incoming webhook user has access to the target team or channel, which allows a requester with webhook management permissions to create posts or direct messages attributed to another user via...

4.9CVSS6.1AI score0.0021EPSS
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-43307

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify post ownership in the shared channel inbound sync handler, which allows an authenticated remote cluster to modify or delete posts authored by local users or other remotes via crafted sync messages referencing...

4.3CVSS6.2AI score0.00145EPSS
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-43312

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify that the channel referenced in an action cookie matches the channel of the target post, which allows an authenticated user without access to a private channel to trigger interactive post actions on posts in th...

6.5CVSS6.1AI score0.00174EPSS
Exploits0References2
NVD
NVD
added yesterday3 views

CVE-2026-10106

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify that the channel referenced in an action cookie matches the channel of the target post, which allows an authenticated user without access to a private channel to trigger interactive post actions on posts in th...

6.5CVSS0.00174EPSS
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-10106

Mattermost vulnerable versions: 11.7.x ≤ 11.7.2, 11.6.x ≤ 11.6.4, and 10.11.x ≤ 10.11.19. The issue stems from failing to verify that the channel referenced in an action cookie matches the target post’s channel, enabling an authenticated user without access to a private channel to trigger interac...

6.5CVSS6.1AI score0.00174EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added yesterday16 views

CVE-2026-10106 Unauthorized users can trigger interactive post actions in private channels via action cookie channel mismatch in Mattermost

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify that the channel referenced in an action cookie matches the channel of the target post, which allows an authenticated user without access to a private channel to trigger interactive post actions on posts in th...

6.5CVSS0.00174EPSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-10085

Mattermost is affected in versions 11.7.x <= 11.7.2, 11.6.x <= 11.6.4, and 10.11.x

5.4CVSS6.1AI score0.0017EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added yesterday4 views

gimp: gimp: Heap buffer overflow in read_channel_data()

A flaw was found in GIMP's Paint Shop Pro PSP file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service DoS by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the...

7.3CVSS6.6AI score0.00233EPSS
Exploits0References6
Circl
Circl
added 2 days ago4 views

CVE-2019-0825

creationtimestamp| type| source ---|---|--- 2026-07-12 22:00:14+00:00| seen| https://t.me/securixykz/495 2026-07-13 00:00:38+00:00| seen| https://t.me/securixykz/495 2026-07-14 00:00:54+00:00| seen| https://t.me/securixykz/495...

7.8CVSS7AI score0.10551EPSS
Exploits0References1
Circl
Circl
added 2 days ago4 views

CVE-2024-21007

creationtimestamp| type| source ---|---|--- 2026-07-12 22:00:11+00:00| seen| https://t.me/securixykz/912 2026-07-13 00:00:35+00:00| seen| https://t.me/securixykz/912 2026-07-14 00:00:58+00:00| seen| https://t.me/securixykz/912...

7.5CVSS6.7AI score0.0065EPSS
Exploits0References1
Circl
Circl
added 2 days ago2 views

GHSA-R389-865G-HCG3

creationtimestamp| type| source ---|---|--- 2026-07-12 22:00:09+00:00| seen| https://t.me/securixykz/1030 2026-07-13 00:00:34+00:00| seen| https://t.me/securixykz/1030 2026-07-14 00:01:00+00:00| seen| https://t.me/securixykz/1030...

6.1AI score
Exploits0References1
Circl
Circl
added 2 days ago3 views

GHSA-FH4V-V779-4G2W

creationtimestamp| type| source ---|---|--- 2026-07-12 22:00:09+00:00| seen| https://t.me/securixykz/1104 2026-07-13 00:00:33+00:00| seen| https://t.me/securixykz/1104 2026-07-14 00:01:01+00:00| published-proof-of-concept| https://t.me/securixykz/1104...

6.1AI score
Exploits0References1
NVD
NVD
added 3 days ago5 views

CVE-2026-56240

Capgo before 12.128.12 contains a billing authorization bypass vulnerability in the planvalid calculation that allows organizations with exhausted or expired usage credit grants to bypass billing gates. Attackers can exploit the divergence between the plugin hot-path planvalid expression and the...

5.3CVSS0.00182EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-43169

Capgo before 12.128.12 contains a billing authorization bypass vulnerability in the planvalid calculation that allows organizations with exhausted or expired usage credit grants to bypass billing gates. Attackers can exploit the divergence between the plugin hot-path planvalid expression and the...

5.3CVSS6.1AI score0.00182EPSS
Exploits0References2
NVD
NVD
added 4 days ago4 views

CVE-2026-57218

RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, RabbitMQ AMQP 0-9-1 allows an existing consumer to keep receiving messages after OAuth token expiry or connection.updatesecret refresh to reduced scopes because existing consumers are not canceled or reauthorized at delivery time after...

6.5CVSS0.00269EPSS
Exploits1References6
Rows per page
Query Builder