436 matches found
CVE-2026-6330
CVE-2026-6330 : In ML-KEM targeting ARM64 NEON, the ciphertext comparison only checks half of the input. This breaks the Fujisaki-Okamoto transform’s implicit rejection, weakening IND-CCA2 security on that path. The constant-time comparison thus ignores part of the re-encrypted ciphertext, allowi...
CVE-2026-6330
The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...
CVE-2026-6330 ML-KEM ARM64 NEON ciphertext comparison only compares half of the input
The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...
EUVD-2026-38786
A cross-site request forgery CSRF vulnerability in Jenkins Assembla Plugin 1.4 and earlier allows attackers to connect to an attacker-specified URL using an attacker-specified username and password...
EUVD-2026-38779
A cross-site request forgery CSRF vulnerability in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allows attackers to have Jenkins connect to an attacker-specified URL using an attacker-specified username, API key, and service key...
CVE-2026-53901 Cerebrate before v1.37 allows mass assignment of record identifiers during object creation
Cerebrate before version 1.37 contains a mass-assignment vulnerability in the generic CRUD add path. The add handler attempted to remove an attacker-supplied id from $params before normalizing the request through massageInput. Because the normalized $input could still contain an id field, a user...
Covert Channel
Overview Affected versions of this package are vulnerable to Covert Channel information exposure from CMSdecrypt and PKCS7decrypt. An attacker who can supply CMS or S/MIME messages and observe the application's error code and/or decryption output can use the victim's process as an adaptive chosen...
CVE-2026-49843
FreeSWITCH vulnerability CVE-2026-49843 affects mod_verto before version 1.11.1. The JSON-RPC handler binds the client-supplied sessid on the first frame prior to authentication, inserting the connection into the global session hash and evicting any prior occupant on key collision (sending verto....
CVE-2026-44319
Summary (fact-grounded): CVE-2026-44319 affects free5GC NEF prior to version 4.2.2, where an attacker-controlled PFD notifyUri can trigger asynchronous delivery failures that cause NEF to call Fatal and exit, resulting in a complete availability outage until restart. The vulnerability occurs in P...
CVE-2026-8340
Concrete CMS 9.5.0 and below is vulnerable to CSRF via Backend\File::approveVersion. Victim with editfilecontents permission is CSRF'd into publishing an attacker-chosen previously-uploaded version downgrade to an older version of a file, or activation of a co-editor's unpublished version. The...
Concrete CMS 安全漏洞
Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS 9.5.0 and earlier have security vulnerabilities. These vulnerabilities stem from a vulnerability that can be exploited by cross-site request forgery attacks. This could allow victims with...
GHSA-W76P-3CGP-QFCM Apache Polaris has an Improper Input Validation issue
In Apache Iceberg, the table's metadata files are control files: they tell readers which data files belong to the table and which table version to read. write.metadata.path is an optional table property that tells Polaris where to write those metadata files. For a table already registered in a...
Apache Polaris has an Improper Input Validation issue
In Apache Iceberg, the table's metadata files are control files: they tell readers which data files belong to the table and which table version to read. write.metadata.path is an optional table property that tells Polaris where to write those metadata files. For a table already registered in a...
CVE-2026-42809
Apache Polaris is affected via the staged-create path where an authenticated, low-privilege user can supply a custom location during stage create and request credential vending. Polaris issues broad temporary (vended) storage credentials tied to that location before normal validation and overlap ...
CVE-2026-42809 Apache Polaris: staged table creation could vend storage credentials for unvalidated locations
Apache Polaris can issue broad temporary "vended" storage credentials during staged table creation before the effective table location has been validated or durably reserved. Those temporary credentials are meant to limit the scope of accessible table data and metadata, but this scope limitation...
Juniper Junos OS Vulnerability (JSA100056)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100056 advisory. - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge t...
PT-2026-30238
Name of the Vulnerable Software and Affected Versions CUPS versions 2.4.16 and prior Description A flaw exists in the CUPS printing system's cupsd daemon due to insufficient input validation when processing the textWithoutLanguage parameter. Successful exploitation allows a remote attacker to...
PT-2026-24785
🚨 CVE-2026-31878 Frappe is a full-stack web application framework. Prior to 14.100.1, 15.100.0, and 16.6.0, a malicious user could send a crafted request to an endpoint which would lead to the server making an HTTP call to a service of the user's choice. This vulnerability is fixed in 14.100.1,...
CVE-2026-24685
OpenProject is an open-source, web-based project management software. Versions prior to 16.6.6 and 17.0.2 have an arbitrary file write vulnerability in OpenProject’s repository diff download endpoint /projects/:projectid/repository/diff.diff when rendering a single revision via git show. By...
CVE-2025-65835
The Cordova plugin cordova-plugin-x-socialsharing SocialSharing-PhoneGap-Plugin for Android 6.0.4, registers an exported broadcast receiver nl.xservices.plugins.ShareChooserPendingIntent with an android.intent.action.SEND intent filter. The onReceive implementation accesses...