
33944 matches found

CNNVD
added 2026/05/07 12:0 a.m. | 10 views

VMware Spring Cloud Config Security Vulnerability

VMware Spring Cloud Config is a configuration management solution for distributed systems developed by VMware, Inc. This product provides server and client support for external configurations in distributed systems. There is a security vulnerability in VMware Spring Cloud Config, which stems from...

CVSS 8.1 | AI score 5.8 | EPSS 0.0022
Exploits: 0 | References: 2
Positive Technologies
added 2026/05/07 12:0 a.m. | 13 views

PT-2026-38330

Name of the Vulnerable Software and Affected Versions Spring Cloud Config versions 3.1.0 through 3.1.13 Spring Cloud Config versions 4.1.0 through 4.1.9 Spring Cloud Config versions 4.2.0 through 4.2.6 Spring Cloud Config versions 4.3.0 through 4.3.2 Spring Cloud Config versions 5.0.0 through 5.0...

CVSS 9.1 | AI score 5.9 | EPSS 0.00727
Exploits: 0 | References: 12
Positive Technologies
added 2026/05/07 12:0 a.m. | 20 views

PT-2026-38329

Name of the Vulnerable Software and Affected Versions Spring Cloud Config versions 3.1.0 through 3.1.13 Spring Cloud Config versions 4.1.0 through 4.1.9 Spring Cloud Config versions 4.2.0 through 4.2.6 Spring Cloud Config versions 4.3.0 through 4.3.2 Spring Cloud Config versions 5.0.0 through 5.0...

CVSS 7.5 | AI score 5.8 | EPSS 0.00435
Exploits: 0 | References: 10
Talos
added 2026/05/07 12:0 a.m. | 8 views

Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2302 Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability May 7, 2026 CVE Number CVE-2026-30814 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x436 functionality of Tp-Link AX53 v1.0 1.3.1 Bui...

CVSS 8 | AI score 6.4 | EPSS 0.00418
Exploits: 0
Kaspersky
added 2026/05/07 12:0 a.m. | 15 views

KLA91030 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azur...

CVSS 10 | AI score 6.8 | EPSS 0.01164
Exploits: 0 | References: 11
RedhatCVE
added 2026/05/06 8:21 p.m. | 11 views

CVE-2026-33975

Twenty is an open source CRM built with NestJS Node.js. In versions 1.18.0 and earlier, the SSRF protection in twenty-server's SecureHttpClientService can be bypassed using IPv4-mapped IPv6 addresses in URL IP literals. Node.js's URL parser normalizes IPv4-mapped IPv6 addresses to compressed hex...

CVSS 8.3 | AI score 5.8 | EPSS 0.0024
Exploits: 0 | References: 1
OSSF Malicious Packages
added 2026/05/06 8:7 p.m. | 9 views

Malicious code in playwright-atoned (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 250795bc04569c6f87e372e4b6bed019148a1c78f4357e8e430c1865acfead07 The package exfiltrates sensitive data like local environmental variables and cloud tokens --- Category: MALICIOUS - The campaign has clearly malicious intent,...

AI score 5.8
Exploits: 0 | References: 1
OSV
added 2026/05/06 8:7 p.m. | 6 views

MAL-2026-3355 Malicious code in playwright-atoned (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 250795bc04569c6f87e372e4b6bed019148a1c78f4357e8e430c1865acfead07 The package exfiltrates sensitive data like local environmental variables and cloud tokens --- Category: MALICIOUS - The campaign has clearly malicious intent,...

AI score 5.8
Exploits: 0 | References: 1
Wolfi
added 2026/05/06 7:48 p.m. | 17 views

GHSA-FW8G-CG8F-9J28 vulnerabilities

Vulnerabilities for packages: splunk-otel-collector, jaeger, node-problem-detector, minio-object-browser, loki, fluent-bit-plugin-loki, telegraf, mc, prometheus-pushgateway, metrics-server, karma, certificate-transparency, keda, opentelemetry-collector, amazon-cloudwatch-agent-operator, prometheu...

AI score 5.8
Exploits: 0
Chainguard
added 2026/05/06 7:17 p.m. | 9 views

GHSA-FW8G-CG8F-9J28 vulnerabilities

Vulnerabilities for packages: jaeger, fluent-bit-plugin-loki, keda, prometheus-pushgateway, tempo, datadog-agent-fips, mcp-grafana-fips, mcp-grafana, nrdot-collector-k8s-fips, ops-agent, trillian, trillian-fips, jaeger-fips, prometheus-pushgateway-fips, datadog-agent,...

AI score 5.8
Exploits: 0
ATTACKERKB
added 2026/05/06 6:57 p.m. | 8 views

CVE-2026-0300

A buffer overflow vulnerability in the User-ID™ Authentication Portal aka Captive Portal service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. T...

CVSS 9.3 | AI score 6.6 | EPSS 0.36157
Exploits: 6 | References: 2 | Affected Software: 1
GithubExploit
added 2026/05/06 4:33 p.m. | 73 views

ExploitMind

ExploitMind Overview ExploitMind is an en...

AI score 5.9
Exploits: 0
Qualys Blog
added 2026/05/06 4:0 p.m. | 8 views

Before the Breach, There Was a Test Environment

Key Takeaways Most security failures do not begin where they are discovered. By the time risk becomes visible in production, the decisions that created it are often already sitting in test environments. “Temporary” test infrastructure often becomes permanent, creating persistent misconfigurations...

AI score 6
Exploits: 0
EUVD
added 2026/05/06 12:30 p.m. | 7 views

EUVD-2026-27552

There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud computer client, which may allow local arbitrary code execution, privilege escalation and path traversal bypass...

CVSS 5.2 | AI score 6 | EPSS 0.00128
Exploits: 0 | References: 2
EUVD
added 2026/05/06 12:30 p.m. | 6 views

EUVD-2026-27550

Vulnerability in the Oracle Cloud Native Environment Command Line Interface product of Oracle Open Source Projects. The supported version that is affected is v2.3.2. Easily exploitable vulnerability allows unauthenticated attacker to compromise Oracle Cloud Native Environment Command Line...

CVSS 6.6 | AI score 6 | EPSS 0.00182
Exploits: 0 | References: 2
IBM Security Bulletins
added 2026/05/06 11:30 a.m. | 19 views

Security Bulletin: Platform Navigator in IBM Cloud Pak for Integration is vulnerable to multiple vulnerabilities in undici

Summary Platform Navigator in IBM Cloud Pak for Integration is vulnerable to multiple vulnerabilities in undici CVE-2026-1525, CVE-2026-1526, CVE-2026-1527, CVE-2026-1528, CVE-2026-2229, CVE-2026-2581. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-1525 DESCRIPTION:...

CVSS 9.8 | AI score 7 | EPSS 0.0115
Exploits: 0 | Affected Software: 1
NVD
added 2026/05/06 10:16 a.m. | 4 views

CVE-2026-35255

Vulnerability in the Oracle Cloud Native Environment Command Line Interface product of Oracle Open Source Projects. The supported version that is affected is v2.3.2. Easily exploitable vulnerability allows unauthenticated attacker to compromise Oracle Cloud Native Environment Command Line...

CVSS 6.6 | EPSS 0.00182
Exploits: 0 | References: 1
NVD
added 2026/05/06 10:16 a.m. | 7 views

CVE-2026-40001

There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud computer client, which may allow local arbitrary code execution, privilege escalation and path traversal bypass...

CVSS 5.2 | EPSS 0.00128
Exploits: 0 | References: 1
Vulnrichment
added 2026/05/06 8:48 a.m. | 8 views

CVE-2026-40001 Local privilege escalation vulnerability in ZTE PROCESS Guard service of the cloud computer client

There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud computer client, which may allow local arbitrary code execution, privilege escalation and path traversal bypass...

CVSS 5.2 | AI score 6 | EPSS 0.00128
Exploits: 0 | References: 1
CVE
added 2026/05/06 8:48 a.m. | 13 views

CVE-2026-40001

Technical details about CVE-2026-40001 are not publicly available in the provided documents. The two entries describe a local privilege escalation in ZTE PROCESS Guard but do not specify impacted versions, vulnerable components, or fixes. Monitor for updates.

CVSS 5.2 | AI score 6 | EPSS 0.00128
Exploits: 0 | References: 1