SUSE CVE-2026-33247

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

vulnx 2.0.0

vulnx is a command-line interface CLI tool designed to provide a structured and easily navigable interface to various vulnerability databases...

Ruckus Wireless多款产品 安全漏洞

Ruckus Wireless SmartZone is a high-performance WLAN controller from Ruckus Technologies. Several products of Ruckus Wireless have security vulnerabilities. These vulnerabilities stem from arbitrary file reading vulnerabilities in the command-line interface, which could allow authenticated remote...

Linux Distros Unpatched Vulnerability : CVE-2026-33247

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run wi...

CVE-2026-33247

A flaw was found in NATS-Server. If the NATS-Server is configured with static credentials provided through command-line arguments argv and the monitoring port is enabled, a remote attacker with access to the monitoring port can view these credentials. The /debug/vars endpoint on the monitoring po...

CVE-2026-33247

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

CVE-2026-33247

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

CVE-2026-33247

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

CVE-2026-33247

CVE-2026-33247 affects the NATS-Server (NATS.io). Prior to versions 2.11.15 and 2.12.6, running nats-server with static credentials provided via argv causes those credentials to be visible to any user who can see the monitoring port; the /debug/vars endpoint exposes an unredacted argv. A fix is a...

CVE-2026-33247 NATS credentials are exposed in monitoring port via command-line argv

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

CVE-2026-33247

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

CVE-2026-33247

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

@grackle-ai/cli (>=0.0.2 <=0.138.1) potentially affected by unknown CVE via @grackle-ai/server (>=0.0.2 <=0.70.4)

@grackle-ai/server NPM version =0.0.2, =0.0.2, =0.138.1 Source cves: unknown CVE Source advisory: SNYK:JS-GRACKLEAISERVER-15840038...

@grackle-ai/cli (>=0.0.2 <=0.138.1) potentially affected by unknown CVE via @grackle-ai/server (>=0.0.2 <=0.70.0)

@grackle-ai/server NPM version =0.0.2, =0.0.2, =0.138.1 Source cves: unknown CVE Source advisory: SNYK:JS-GRACKLEAISERVER-15840033...

NightOwl

NightOwl Advanced Penetration Testing Framework A modula...

CVE-2026-20110

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. This vulnerability exists because incorrect privileges are associated with the start maintenance command. An attacker could exploit th...

CVE-2026-23374

CVE-2026-23374 affects the Linux kernel blktrace path. The root cause is tracing_record_cmdline() using __this_cpu_read()/__this_cpu_write() on a per-CPU variable while preemption is enabled, which is unsafe and triggers a kernel BUG in preemptible code through __blk_add_trace() paths. Public wri...

BIT-LIBPYTHON-2026-4519 webbrowser.open() allows leading dashes in URLs

The webbrowser.open API would accept leading dashes in the URL which could be handled as command line options for certain web browsers. New behavior rejects leading dashes. Users are recommended to sanitize URLs prior to passing to webbrowser.open...

SUSE CVE-2026-31863

Anytype Heart is the middleware library for Anytype. The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. This vulnerability is fixed in anytype-heart 0.48.4, anytype-cli 0.1.11, and Anytype Desktop 0.54.5...

PT-2026-27794

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software affected versions not specified Description A flaw exists in the Cisco IOS XE Software Command Line Interface CLI that could allow a local, authenticated attacker to trigger a denial of service DoS condition on a vulnerab...