Lucene search
K

245 matches found

OSV
OSV
added 2026/04/02 6:42 p.m.4 views

GO-2026-4906 nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI

nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI...

7.5CVSS5.9AI score0.00534EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.5 views

PT-2026-29949

nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI...

7.5CVSS5.9AI score0.00534EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2026/03/31 5:1 p.m.4 views

CVE-2026-32725

SciTokens C++ is a minimal library for creating and using SciTokens from C or C++. Prior to version 1.4.1, scitokens-cpp is vulnerable to an authorization bypass when processing path-based scopes in tokens. The library normalizes the scope path from the token before authorization and collapses "....

8.3CVSS5.3AI score0.00834EPSS
Exploits1
EUVD
EUVD
added 2026/03/30 4:34 p.m.3 views

EUVD-2026-17152

nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse...

7.1CVSS5.9AI score0.00534EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/03/25 4:55 p.m.8 views

SUSE CVE-2026-23375

In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References5
NVD
NVD
added 2026/03/25 11:16 a.m.5 views

CVE-2026-23375

In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...

5.5CVSS0.00119EPSS
Exploits0References4
OSV
OSV
added 2026/03/25 11:16 a.m.7 views

UBUNTU-CVE-2026-23375

In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/03/25 11:16 a.m.10 views

CVE-2026-23375

In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References6
OSV
OSV
added 2026/03/25 10:27 a.m.4 views

CVE-2026-23375 mm: thp: deny THP for files on anonymous inodes

In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/03/25 10:27 a.m.26 views

CVE-2026-23375 mm: thp: deny THP for files on anonymous inodes

In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...

0.00119EPSS
Exploits0References4
CVE
CVE
added 2026/03/25 10:27 a.m.18 views

CVE-2026-23375

CVE-2026-23375 (Linux kernel THP for anonymous inodes) – concrete details in connected docs : The issue arises from file_thp_enabled() incorrectly allowing/thp collapse for anonymous inodes created via alloc_file_pseudo() (e.g., guest_memfd, secretmem), enabling khugepaged/MADV_COLLAPSE exploits ...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-23375

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files a...

5.5CVSS6AI score0.00119EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.8 views

Yamux 安全漏洞

Yamux is a multiplexer developed under the open-source Libp2p project in the United States. Versions of Yamux prior to 0.13.10 contained security vulnerabilities. These vulnerabilities stemmed from the possibility of triggering a panic when processing specially crafted inbound Data frames. Such...

8.7CVSS5.8AI score0.00451EPSS
Exploits1References1
NVD
NVD
added 2026/03/07 6:16 a.m.9 views

CVE-2026-30827

express-rate-limit is a basic rate-limiting middleware for Express. In versions starting from 8.0.0 and prior to versions 8.0.2, 8.1.1, 8.2.2, and 8.3.0, the default keyGenerator in express-rate-limit applies IPv6 subnet masking /56 by default to all addresses that net.isIPv6 returns true for. Th...

7.5CVSS0.00455EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/07 5:19 a.m.6 views

CVE-2026-30827

express-rate-limit is a basic rate-limiting middleware for Express. In versions starting from 8.0.0 and prior to versions 8.0.2, 8.1.1, 8.2.2, and 8.3.0, the default keyGenerator in express-rate-limit applies IPv6 subnet masking /56 by default to all addresses that net.isIPv6 returns true for. Th...

7.5CVSS5.8AI score0.00455EPSS
Exploits1References3Affected Software1
Rapid7 Blog
Rapid7 Blog
added 2026/02/25 1:56 p.m.14 views

The Post-RAMP Era: Allegations, Fragmentation, and the Rebuilding of the Ransomware Underground

Executive summary The January 2026 seizure of RAMP disrupted a major ransomware coordination hub, but it did not dismantle the ecosystem behind it. Instead, it destabilized trust and accelerated fragmentation across the underground. Rather than consolidating around a single successor, ransomware...

5.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/11 1:33 a.m.6 views

CVE-2026-2258

A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and ma...

5.5CVSS5AI score0.00185EPSS
Exploits1References1
NVD
NVD
added 2026/02/10 12:16 a.m.5 views

CVE-2026-2258

A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and ma...

5.5CVSS0.00185EPSS
Exploits1References8
OSV
OSV
added 2026/02/10 12:16 a.m.5 views

CVE-2026-2258

A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and ma...

5.5CVSS5AI score
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/02/10 12:2 a.m.4 views

CVE-2026-2258 aardappel lobster wfc.h WaveFunctionCollapse memory corruption

A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and ma...

4.8CVSS4.9AI score0.00185EPSS
Exploits1References8
Rows per page
Query Builder