Lucene search
+L

4 matches found

EUVD
EUVD
added 7 hours ago5 views

EUVD-2026-45368

A security vulnerability has been detected in Sipeed PicoClaw up to 0.2.9. Affected is the function NewContextBuilder of the file pkg/agent/context.go. Such manipulation leads to inclusion of functionality from untrusted control sphere. The attack needs to be performed locally. The exploit has be...

5.3CVSS5.2AI score
Exploits0References6
OSV
OSV
added 2026/06/12 4:16 p.m.8 views

UBUNTU-CVE-2026-50010

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SimpleTrustManagerFactory.engineGetTrustManagers and related paths wrap any user-supplied plain X509TrustManager in X509TrustManagerWrapper, which extends...

7.5CVSS5.3AI score0.00269EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/25 4:59 p.m.9 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure in JexlContextBuilder. An administrator user with entitlements for Derived Schemas and User read can access other users' passwordHistory, securityAnswer, token, tokenExpireTime, and cipherAlgorithm values via...

5.1CVSS5.8AI score0.00436EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/25 3:0 p.m.13 views

CVE-2026-42797 Apache Syncope: JexlContextBuilder Information Disclosure

Exposure of Sensitive Information Through Data Queries vulnerability in Apache Syncope. An administrator with adequate entitlements for Derived Schemas can create a malicious JEXL expression which allows any administrator with sufficient entitlements for User read to access User-related...

5.8AI score0.00436EPSS
Exploits0References1
Rows per page
Query Builder