CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/06/16 12:0 a.m.•10 views

Alibaba Cloud Linux 3 : 0159: poppler (ALINUX3-SA-2026:0159)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0159 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-10118: A flaw was found in Poppler's Splas...

7.8CVSS6.1AI score0.00252EPSS

Exploits0References2

EUVD•added 2026/06/15 9:30 p.m.•7 views

EUVD-2026-36797

In Spring Cloud Sleuth, it is possible for a user to provide specially crafted calls that may cause a denial-of-service DoS condition. The application is vulnerable when it uses a vulnerable version of org.springframework.cloud:spring-cloud-sleuth-instrumentation and Spring TX instrumentation is...

7.5CVSS5.2AI score0.00278EPSS

Exploits0References2

NVD•added 2026/06/15 8:16 p.m.•7 views

CVE-2026-41708

7.5CVSS0.00278EPSS

CVE•added 2026/06/15 7:34 p.m.•40 views

CVE-2026-47825

The CVE affects Spring Cloud Gateway Server components (WebMVC and WebFlux gateways) where headers from untrusted proxies (X-Forwarded-For, Forwarded) are forwarded in certain configurations. Root cause: forwarded-header handling without a trusted-proxy basis allows forged headers to reach downst...

8.6CVSS5.2AI score0.00139EPSS

Cvelist•added 2026/06/15 6:54 p.m.•28 views

CVE-2026-41708 Spring Cloud Sleuth instrumentation of Spring TX DoS vulnerability

7.5CVSS0.00278EPSS

Vulnrichment•added 2026/06/15 6:54 p.m.•17 views

CVE-2026-41708 Spring Cloud Sleuth instrumentation of Spring TX DoS vulnerability

7.5CVSS5.3AI score0.00278EPSS

CVE•added 2026/06/15 6:54 p.m.•23 views

CVE-2026-41708

The CVE describes a DoS vulnerability in Spring Cloud Sleuth via the Spring TX instrumentation when using vulnerable versions of org.springframework.cloud:spring-cloud-sleuth-instrumentation (SLEUTH 3.1.0–3.1.13). The root cause is exposure of the transaction instrumentation to crafted calls, all...

7.5CVSS5.2AI score0.00278EPSS

Exploits0References1Affected Software1

Rockylinux•added 2026/06/15 6:6 p.m.•11 views

kernel security update

An update is available for kernel. This update affects Rocky Linux SIG Cloud 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux...

9.8CVSS5.2AI score0.00542EPSS

Microsoft Secure•added 2026/06/15 4:0 p.m.•8 views

Microsoft Defender email security benchmarking: Key insights from one year of data

Microsoft publishes quarterly email security benchmarking data comparing Microsoft Defender against secure email gateway SEG and integrated cloud email security ICES vendors using real-world threat telemetry. A year ago, we set out to change how email security effectiveness is measured. With our...

5.5AI score

OSV•added 2026/06/15 3:9 p.m.•5 views

MAL-2026-5784 Malicious code in vaults-monitor-cron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b81c6b9e59e86c40858cb47e91d597b3776fea71def7feb3ca11833625fa3923 On npm install, the package's preinstall hook node postinstall.js || true executes automatically. The script collects hostname, username, and current...

5.4AI score

Rockylinux•added 2026/06/15 12:6 p.m.•10 views

kernel security update

An update is available for kernel. This update affects Rocky Linux SIG Cloud 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux...

9.8CVSS5.5AI score0.00542EPSS

Imperva Blog•added 2026/06/15 11:6 a.m.•7 views

Your Security Operations Team Just Got Faster: Meet Imperva’s AI Assistant.

There is a moment every security analyst knows well. It’s 2am , an alert fires, and you’re staring at a console trying to make sense of what just happened—fast. You need context, scope, and impact: What’s being targeted? Where is it coming from? Is it getting worse? What should we do next? That...

5.4AI score

Imperva Blog•added 2026/06/15 8:58 a.m.•16 views

Best WAAP Solutions for Enterprise Application Security: How to Choose the Right Platform in 2026

Key Takeaways The major enterprise WAAP solutions evaluated in this guide are Akamai, Cloudflare, F5, Fastly, Fortinet, Imperva, and Radware. In the most recent independent benchmarks, Akamai, Cloudflare, and Imperva were named Leaders in the Forrester Wave: Web Application Firewall Solutions, Q1...

5.5AI score

Positive Technologies•added 2026/06/15 12:0 a.m.•13 views

PT-2026-49304

Name of the Vulnerable Software and Affected Versions Spring Cloud Sleuth versions 3.1.0 through 3.1.13 Description A denial-of-service DoS condition can be triggered when a user provides specially crafted calls. This occurs in applications using the...

7.5CVSS5.2AI score0.00278EPSS

Tenable Nessus•added 2026/06/14 12:0 a.m.•5 views

SUSE SLES12 Security Update : google-cloud-sap-agent (SUSE-SU-2026:2348-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2348-1 advisory. This update for google-cloud-sap-agent fixes the following issue - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport...

7.5CVSS5.5AI score0.00565EPSS

Tenable Nessus•added 2026/06/14 12:0 a.m.•6 views

SUSE SLES15 Security Update : google-cloud-sap-agent (SUSE-SU-2026:2372-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2372-1 advisory. This update for google-cloud-sap-agent fixes the following issue - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport...

7.5CVSS5.5AI score0.00565EPSS