Lucene search
K

12426 matches found

CVE
CVE
added 2026/05/27 5:26 p.m.38 views

CVE-2026-5509

The CVE-2026-5509 entry describes an authenticated command-injection flaw in TP-Link Archer BE450 v1 and BE7200 v1 routers. After logging into the admin web interface, an attacker can inject crafted input via the browser’s developer console that is passed to backend system commands without suffic...

8.5CVSS6.2AI score0.02458EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/05/27 5:16 p.m.23 views

CVE-2026-48027

Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for 18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the...

9.8CVSS0.0185EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/05/27 3:50 p.m.12 views

CVE-2026-48027

Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for 18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the...

9.3CVSS5.8AI score0.0185EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/05/27 3:50 p.m.127 views

CVE-2026-48027 Compromised Nx Console version 18.95.0

Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for 18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the...

9.3CVSS0.0185EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/27 3:50 p.m.9 views

CVE-2026-48027 Compromised Nx Console version 18.95.0

Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for 18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the...

9.3CVSS5.8AI score0.0185EPSS
Exploits1References4
CVE
CVE
added 2026/05/27 3:50 p.m.62 views

CVE-2026-48027

Summary: CVE-2026-48027 affects Nx Console, a UI for Nx & Lerna. A malicious copy of Nx Console version 18.95.0 was published briefly in Visual Studio Marketplace (and OpenVSX) around 12:30–12:48 UTC (≈18 minutes) and 12:33–13:09 UTC (≈36 minutes) respectively. The compromised package allowed cod...

9.8CVSS5.8AI score0.0185EPSS
In wildExploits1References5Affected Software1
EUVD
EUVD
added 2026/05/27 3:50 p.m.13 views

EUVD-2026-32550

Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for 18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the...

9.8CVSS5.8AI score0.0185EPSS
Exploits1References4
CISA
CISA
added 2026/05/27 12:0 p.m.451 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-8398link is external Daemon Tools Lite Embedded Malicious Code Vulnerability CVE-2026-45321link is external TanStack Unspecified Vulnerability...

9.8CVSS6AI score0.02342EPSS
In wildExploits5References8
GithubExploit
GithubExploit
added 2026/05/27 7:37 a.m.129 views

Exploit for Missing Authentication for Critical Function in Oracle Weblogic_Server

LAB 2 - CVE-2017-10271: WebLogic XMLDecoder Deserialization Wr...

7.5CVSS8.2AI score0.99993EPSS
Exploits45
SUSE CVE
SUSE CVE
added 2026/05/27 2:52 a.m.15 views

SUSE CVE-2026-7374

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to...

9.9CVSS5.8AI score0.00596EPSS
Exploits0References6
CISA KEV Catalog
CISA KEV Catalog
added 2026/05/27 12:0 a.m.17 views

Nx Console Embedded Malicious Code Vulnerability

Nx Console contains an embedded malicious code vulnerability that allowed a malicious version of Nx Console to be published. The compromised extension fetched an obfuscated payload that could harvested credentials from multiple sources on disk and in memory...

9.8CVSS5.9AI score0.0185EPSS
In wildExploits1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Nx Console 安全漏洞

Nx Console is an open-source repository management interface that supports visual workflows and AI enhancements. Version Nx Console 18.95.0 contains a security vulnerability. This vulnerability stems from the release of a malicious version on the Visual Studio Marketplace and OpenVSX, which could...

9.8CVSS5.8AI score0.0185EPSS
Exploits1References5
VulnCheck KEV
VulnCheck KEV
added 2026/05/27 12:0 a.m.16 views

VulnCheck KEV: CVE-2026-48027

Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for 18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the...

9.8CVSS5.8AI score0.0185EPSS
In wildExploits1References3
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.13 views

PT-2026-44044

Name of the Vulnerable Software and Affected Versions Nx Console version 18.95.0 Description A supply chain compromise occurred where a malicious version of Nx Console, the user interface for Nx and Lerna, was published to official marketplaces. The compromised version was available in the Visual...

9.8CVSS5.8AI score0.0185EPSS
Exploits1References23
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.15 views

CVE-2026-9302

A vulnerability was determined in 546669204 vps-inventory-monitoring up to 98c00b370668c96ae75e91c15548d9ea113652d9. This issue affects the function eval of the file app/index/command/VpsTest.php of the component VpsTest Console. Executing a manipulation of the argument vf can lead to code...

6.5CVSS6.3AI score0.00237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.17 views

CVE-2026-8652

An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product’s web console, they may be able to execute arbitrary OS commands via adjacent network...

8.5CVSS6AI score0.00722EPSS
Exploits0References1
OSV
OSV
added 2026/05/26 3:32 p.m.2 views

GHSA-7JCP-V9W4-WJMG KubeVirt has a Link Following vulnerability

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to...

9.9CVSS5.8AI score0.00596EPSS
Exploits0References17
NVD
NVD
added 2026/05/26 2:16 p.m.20 views

CVE-2026-7374

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to...

9.9CVSS0.00596EPSS
Exploits0References13
EUVD
EUVD
added 2026/05/26 1:14 p.m.8 views

EUVD-2026-31824

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to...

9.9CVSS5.8AI score0.00596EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/26 1:14 p.m.10 views

CVE-2026-7374

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to...

9.9CVSS5.8AI score0.00596EPSS
Exploits0References13
Rows per page
Query Builder