Lucene search
K

39 matches found

OSV
OSV
added 6 days ago2 views

CVE-2026-55604 @arikusi/deepseek-mcp-server has an Authorization Bypass Through User-Controlled Key

DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.7.0, the process-global SessionStore accepts caller-supplied sessionid values without binding them to any authenticated principal or transport session. An attacker can enumerate active session I...

8.6CVSS6.1AI score0.00225EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: BPF: Narrow access to the pointer ctx fields is now rejected. The following BPF program, simplified from a syzkaller repro, causes a kernel warning: c r0 = u8 r1 + 169; exit; Here, the pointer field sk is located at offset 168 in...

5.5CVSS6.1AI score0.0018EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.16 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013292)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013292 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a...

5.5CVSS5.6AI score0.0018EPSS
Exploits0References4
NVD
NVD
added 2026/03/19 10:16 p.m.6 views

CVE-2026-32027

OpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability where DM pairing-store identities are incorrectly eligible for group allowlist authorization checks. Attackers can exploit this cross-context authorization flaw by using a sender approved via DM pairing to satisfy...

7.1CVSS0.00238EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.7 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: BPF: Prevent tail calls between programs attached to different hooks Programs progs can be attached to kernel functions, and these attached functions may take different parameters or return different return values. If a program...

7.8CVSS6.3AI score0.00231EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/22 10:31 p.m.18 views

CVE-2025-65109

Minder is an open source software supply chain security platform. In Minder Helm version 0.20241106.3386+ref.2507dbf and Minder Go versions from 0.0.72 to 0.0.83, Minder users may fetch content in the context of the Minder server, which may include URLs which the user would not normally have acce...

8.5CVSS6.8AI score0.00249EPSS
Exploits0References2
CVE
CVE
added 2025/10/23 11:29 a.m.28 views

CVE-2025-62395

CVE-2025-62395 affects Moodle LMS via a flaw in the cohort search web service. The issue allows users with permissions in lower contexts to access cohort information from the system context, potentially exposing restricted administrative data. The Connected documents confirm the vulnerability des...

4.3CVSS6.1AI score0.00227EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2025-27920

Malicious code in bioql PyPI...

6.2AI score0.0018EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/17 12:0 a.m.8 views

PT-2025-44146

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue related to insufficient access checks within the bpf sock addr structure. Specifically, the sock addr is valid access function did not explicitly rejec...

4.6CVSS5.8AI score0.00197EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/31 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-38591

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169...

5.5CVSS6.2AI score0.0018EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/08/19 11:23 p.m.3 views

SUSE CVE-2025-38591

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169; exit; With pointer field sk being at offset 168 in skbuff. This access is...

4.4CVSS6.4AI score0.0018EPSS
Exploits0References23
OSV
OSV
added 2025/08/19 5:15 p.m.16 views

AZL-66440 CVE-2025-38591 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169; exit; With pointer field sk being at offset 168 in skbuff. This access is...

5.5CVSS5.8AI score0.0018EPSS
Exploits0References1
OSV
OSV
added 2025/08/19 5:15 p.m.13 views

AZL-71033 CVE-2025-38591 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169; exit; With pointer field sk being at offset 168 in skbuff. This access is...

5.5CVSS5.8AI score0.0018EPSS
Exploits0References1
NVD
NVD
added 2025/08/19 5:15 p.m.8 views

CVE-2025-38591

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169; exit; With pointer field sk being at offset 168 in skbuff. This access is...

5.5CVSS0.0018EPSS
Exploits0References7
OSV
OSV
added 2025/08/19 5:15 p.m.4 views

UBUNTU-CVE-2025-38591

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169; exit; With pointer field sk being at offset 168 in skbuff. This access is...

5.5CVSS5.8AI score0.0018EPSS
Exploits0References27
CVE
CVE
added 2025/08/19 5:3 p.m.59 views

CVE-2025-38591

CVE-2025-38591 affects the Linux kernel and is resolved by a patch in the BPF verifier. The issue involved a narrowing context access check in BPF, where a program attempted to read a pointer field (offset 169) in __sk_buff (field sk at offset 168). The verifier incorrectly allowed this “narrower...

5.5CVSS7AI score0.0018EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2025/08/19 5:3 p.m.11 views

CVE-2025-38591 bpf: Reject narrower access to pointer ctx fields

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169; exit; With pointer field sk being at offset 168 in skbuff. This access is...

0.0018EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/08/19 5:3 p.m.4 views

CVE-2025-38591

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169; exit; With pointer field sk being at offset 168 in skbuff. This access is...

5.5CVSS5.2AI score0.0018EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2025/08/19 5:3 p.m.7 views

CVE-2025-38591

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169; exit; With pointer field sk being at offset 168 in skbuff. This access is...

5.5CVSS5.2AI score0.0018EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2025/08/19 5:3 p.m.5 views

CVE-2025-38591 bpf: Reject narrower access to pointer ctx fields

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169; exit; With pointer field sk being at offset 168 in skbuff. This access is...

5.5CVSS6AI score0.0018EPSS
Exploits0References10
Rows per page
Query Builder