Lucene search
+L

994 matches found

Cvelist
Cvelist
added 2 days ago36 views

CVE-2026-54496 Missing copy constraint in halo2_gadgets variable-base scalar multiplication allows under-constrained base, breaking Orchard Action circuit soundness

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad 5.0.0, halo2gadgets 0.5.0, orchard 0.14.0, zcashprimitives 0.28.0, and zcashd 6.20.0, the variable-base scalar multiplication gadget in halo2gadgets/src/ecc/chip/mul/incomplete.rs used assignadvice for the base point without a copy...

9.3CVSS0.00315EPSS
Exploits0References7
CVE
CVE
added 2 days ago15 views

CVE-2026-54496

CVE-2026-54496 affects Zebrad and related crates (halo2_gadgets, orchard, zcash_primitives, zcashd) prior to fixed versions. Root cause: the variable-base scalar multiplication gadget uses assign_advice() to feed the base point in halo2_gadgets—without a copy constraint tying it to the real base—...

9.3CVSS5.3AI score0.00315EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2 days ago7 views

CVE-2026-54496

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad 5.0.0, halo2gadgets 0.5.0, orchard 0.14.0, zcashprimitives 0.28.0, and zcashd 6.20.0, the variable-base scalar multiplication gadget in halo2gadgets/src/ecc/chip/mul/incomplete.rs used assignadvice for the base point without a copy...

9.3CVSS5.4AI score0.00315EPSS
Exploits0References8Affected Software5
OSV
OSV
added 2 days ago5 views

CVE-2026-54496 Missing copy constraint in halo2_gadgets variable-base scalar multiplication allows under-constrained base, breaking Orchard Action circuit soundness

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad 5.0.0, halo2gadgets 0.5.0, orchard 0.14.0, zcashprimitives 0.28.0, and zcashd 6.20.0, the variable-base scalar multiplication gadget in halo2gadgets/src/ecc/chip/mul/incomplete.rs used assignadvice for the base point without a copy...

9.3CVSS5.3AI score0.00315EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 3 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-59083

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Handling of URL Encoding Hex Encoding vulnerability in Apache Tomcat's rewrite valve allowed security constraint bypass for some configurations. This...

9.1CVSS5.4AI score0.00376EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 4 days ago5 views

crypto/x509: Incorrect enforcement of email constraints in crypto/x509

A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly...

7.5CVSS6.9AI score0.00606EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 4 days ago8 views

RHEL 9 : Red Hat OpenStack Services on OpenShift 18.0 (golang-github-openstack-k8s-operators-os-diff) (RHSA-2026:39810)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:39810 advisory. Security Fixes: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 golang: Denial of Service due to excessive...

8.8CVSS6.9AI score0.01945EPSS
Exploits2References22
OSV
OSV
added 5 days ago8 views

JLSEC-2026-755 X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A...

X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose Subject CN violates an issuing CA's DNS name constraints could be accepted...

7.5CVSS6.1AI score0.00124EPSS
Exploits0References5
OSV
OSV
added 5 days ago6 views

JLSEC-2026-696 Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A...

Certificates with wildcard DNS SANs e.g. .example.com bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CA's permitted/excluded DNS name constraints could be accepted...

6.3CVSS6.1AI score0.00124EPSS
Exploits0References5
Cvelist
Cvelist
added 5 days ago27 views

CVE-2026-59083 Apache Tomcat: Incorrect URL decoding in RewriteValve may allow security control bypass

Improper Handling of URL Encoding Hex Encoding vulnerability in Apache Tomcat's rewrite valve allowed security constraint bypass for some configurations. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.23, from 10.1.0-M1 through 10.1.56, from 9.0.0.M1 through 9.0.119, from 8.5.0...

0.00376EPSS
Exploits0References1
OSV
OSV
added 6 days ago4 views

SUSE-SU-2026:2924-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-3833: incorrectly accepted domain names due to comparison during name constraints processing being case-sensitive bsc1263707. - CVE-2026-5260: heap overread when processing extremely short premaster secret as part of an RSA key exchange...

8.2CVSS6.7AI score0.00727EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 6 days ago7 views

PT-2026-57700

Name of the Vulnerable Software and Affected Versions Themefic Hydra Booking versions prior to 1.1.45 Description Stored Cross-site Scripting XSS occurs due to improper neutralization of input during web page generation. This allows an attacker to inject malicious scripts that are stored on the...

7.1CVSS6.1AI score0.0018EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/07/09 6:56 p.m.6 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...

9.1CVSS6AI score0.00525EPSS
Exploits0References8
Microsoft CVE
Microsoft CVE
added 2026/07/09 8:1 a.m.6 views

sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server.

...

5.4CVSS6.1AI score0.00241EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/07/09 7:38 a.m.5 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...

9.1CVSS6AI score0.00525EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/09 5:35 a.m.8 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...

9.1CVSS6AI score0.00525EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/07/09 12:0 a.m.7 views

SUSE SLED15: jackson-annotations / jackson-core / jackson-databind / etc (SUSE-SU-2026:2801-1)

"The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2801-1 advisory. This update for jackson-annotations, jackson-bom, jackson-core, jackson-databind, jackson-dataformats- binary...

8.1CVSS6.2AI score0.00695EPSS
Exploits1References14
OSV
OSV
added 2026/07/08 7:5 p.m.3 views

SUSE-SU-2026:2801-1 Security update for jackson-annotations, jackson-bom, jackson-core, jackson-databind, jackson-dataformats-binary, jackson-modules-base, jackson-parent

This update for jackson-annotations, jackson-bom, jackson-core, jackson-databind, jackson-dataformats-binary, jackson-modules-base, jackson-parent fixes the following issues - CVE-2026-54512: jackson-databind has a PolymorphicTypeValidator bypass via generic type parameters that allows arbitrary...

8.1CVSS6.2AI score0.00695EPSS
Exploits1References10
NVD
NVD
added 2026/07/08 1:16 a.m.8 views

CVE-2026-59995

sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server...

5.4CVSS0.00241EPSS
Exploits0References3
OSV
OSV
added 2026/07/08 1:16 a.m.6 views

DEBIAN-CVE-2026-59995

sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server...

5.4CVSS6AI score0.00241EPSS
Exploits0References1
Rows per page
Query Builder