Lucene search
K

136 matches found

CVE
CVE
added 5 days ago15 views

CVE-2026-57850

RustDesk before 1.4.9 fails to enforce a session’s authorized connection scope on the server side. A peer with a limited session type (FileTransfer, PortForward, ViewCamera, or Terminal) can send control messages and login options intended for a full Remote session, enabling actions outside its g...

8.7CVSS6.1AI score0.00334EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-43008

RustDesk before 1.4.9 does not enforce a session's authorized connection scope on the server side, so a peer granted a limited session type FileTransfer, PortForward, ViewCamera, or Terminal can send control messages and login options reserved for a full Remote session. An authenticated remote pe...

8.7CVSS6.1AI score0.00334EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53223

In the Linux kernel, the following vulnerability has been resolved: net: guard timestamp cmsgs to real error queue skbs skbiserrqueue treats PACKETOUTGOING as the sole marker for an skb from skerrorqueue. That assumption is not true for AFPACKET sockets: outgoing packet taps are also delivered to...

7.1CVSS5.7AI score0.00131EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/24 3:36 p.m.10 views

CVE-2026-52939

A flaw was found in the Linux kernel's Reliable Datagram Sockets RDS component. An unprivileged local user can trigger a kernel panic by sending a specially crafted atomic control message cmsg over an active RDS/InfiniBand IB connection. This issue is caused by improper handling of masked atomic...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/24 4:29 a.m.7 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS6.9AI score0.00563EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.11 views

CVE-2026-7415

The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any host on the same network can subscribe to sensitive telemetry topics or publish control messages directly to the robot without authentication or authorization...

9.8CVSS5.5AI score0.00544EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/06/01 12:15 a.m.25 views

ovn: ovn: Heap Over-Read in ICMP Error Response Generation

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS5.5AI score0.00629EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/08 2:22 p.m.36 views

CVE-2026-43428 USB: core: Limit the length of unkillable synchronous timeouts

In the Linux kernel, the following vulnerability has been resolved: USB: core: Limit the length of unkillable synchronous timeouts The usbcontrolmsg, usbbulkmsg, and usbinterruptmsg APIs in usbcore allow unlimited timeout durations. And since they use uninterruptible waits, this leaves open the...

0.00123EPSS
Exploits0References8
NVD
NVD
added 2026/05/07 5:15 p.m.30 views

CVE-2026-7415

The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any host on the same network can subscribe to sensitive telemetry topics or publish control messages directly to the robot without authentication or authorization...

9.8CVSS0.00544EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/05/07 4:11 p.m.8 views

CVE-2026-7415 Open MQTT orchestration without read/write ACLs in Yarbo robot firmware

The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any host on the same network can subscribe to sensitive telemetry topics or publish control messages directly to the robot without authentication or authorization...

9.8CVSS5.8AI score0.00544EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/07 4:11 p.m.58 views

CVE-2026-7415 Open MQTT orchestration without read/write ACLs in Yarbo robot firmware

The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any host on the same network can subscribe to sensitive telemetry topics or publish control messages directly to the robot without authentication or authorization...

9.8CVSS0.00544EPSS
Exploits1References2
CVE
CVE
added 2026/05/07 4:11 p.m.32 views

CVE-2026-7415

The CVE-2026-7415 vulnerability affects the MQTT broker embedded in Yarbo firmware v2.3.9. The broker is configured to allow anonymous connections with no topic-level read/write ACLs, enabling any host on the same network to subscribe to sensitive telemetry topics or publish control messages dire...

9.8CVSS5.8AI score0.00544EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/07 4:11 p.m.10 views

CVE-2026-7415

The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any host on the same network can subscribe to sensitive telemetry topics or publish control messages directly to the robot without authentication or authorization...

9.8CVSS5.8AI score0.00544EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.10 views

Yarbo 访问控制错误漏洞

Yarbo is a modular intelligent courtyard maintenance robot developed by the American company Yarbo. Version 2.3.9 of Yarbo contains an access control vulnerability. This vulnerability stems from the MQTT proxy configuration, which allows anonymous connections without topic-level read/write ACLs. ...

9.8CVSS5.8AI score0.00544EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.9 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007578)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007578 advisory. In the Linux kernel, the following vulnerability has been resolved: media: mceusb: Use new usbcontrolmsg routines Automatic kernel fuzzing led to a WARN about invali...

5.5CVSS6.1AI score0.00151EPSS
Exploits0References4
OSV
OSV
added 2026/04/13 1:21 p.m.1 views

CVE-2026-31415 ipv6: avoid overflows in ip6_datagram_send_ctl()

In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid overflows in ip6datagramsendctl Yiming Qian reported : I believe I found a locally triggerable kernel bug in the IPv6 sendmsg ancillary-data path that can panic the kernel via skbunderpanic local DoS. The core issue i...

5.5CVSS6AI score0.00108EPSS
Exploits0References13
Cvelist
Cvelist
added 2026/03/13 9:39 p.m.33 views

CVE-2026-32724 PX4 autopilot has a heap Use-After-Free in MavlinkShell::available() via SERIAL_CONTROL Race Condition

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc1, a heap-use-after-free is detected in the MavlinkShell::available function. The issue is caused by a race condition between the MAVLink receiver thread which handles shell creation/destruction and the telemetry sender thre...

5.3CVSS0.00251EPSS
Exploits1References1
OSV
OSV
added 2026/01/17 3:29 p.m.17 views

CLSA-2026-1768663754 kernel: Fix of 38 CVEs

ALSA: usb-audio: Fix out-of-bounds read in sndusbgetaudioformatuac3 CVE-2025-38249 - drm/i915/gt: Fix timeline left held on VMA alloc error CVE-2025-38389 - md/raid1: Fix stack memory use after return in raid1reshape CVE-2025-38445 - atm: clip: Fix infinite recursive call of clippush...

7.8CVSS7AI score0.00294EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000680)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000680 advisory. Race condition in the inetfragintern function in net/ipv4/inetfragment.c in the Linux kernel through 3.13.6 allows remote attackers to cause a denial of service...

9.3CVSS6.2AI score0.02985EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/09 11:25 a.m.6 views

CVE-2021-28362

An issue was discovered in Contiki through 3.0. When sending an ICMPv6 error message because of invalid extension header options in an incoming IPv6 packet, there is an attempt to remove the RPL extension headers. Because the packet length and the extension header length are unchecked with respec...

7.5CVSS7.1AI score0.01307EPSS
Exploits0References1
Rows per page
Query Builder