Lucene search
K

612 matches found

NVD
NVD
added 2026/06/04 4:16 p.m.13 views

CVE-2026-44393

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

7.4CVSS0.0016EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/04 12:0 a.m.12 views

EUVD-2026-34294

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

7.4CVSS5.8AI score0.0016EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.14 views

PT-2026-46407

On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition, and attempt to reset the IPsec processing pipeline. After reset traffic may not resume being...

8.7CVSS5.8AI score0.00386EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.6 views

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS. This vulnerability arises when configuring IPsec, where specially crafted packets may cause the data plane to stop...

8.7CVSS5.3AI score0.00386EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 12:0 a.m.9 views

CVE-2026-44393

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

5.8AI score0.0016EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/06/01 10:29 a.m.8 views

com.infobip.kafkistry:kafkistry-app (>=0.7.0 <=0.10.1), com.infobip.kafkistry:kafkistry-auditing (>=0.7.0 <=0.10.1) +19 more potentially affected by CVE-2026-48827 via org.apache.sshd:sshd-git (>=2.10.0 <=2.17.1)

org.apache.sshd:sshd-git MAVEN version =2.10.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.9.9, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.62.0, =2.25.0, =1.1.0, =1.1.1 and more Source cves: CVE-2026-48827 Source advisory: SNYK:JAVA-ORGAPACHESSHD-17151844...

7.1CVSS5.7AI score0.00527EPSS
Exploits0
Snyk
Snyk
added 2026/05/29 5:22 p.m.10 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the chat.send route. An attacker can perform unauthorized privileged actions by leveraging inherited external routes to bypass required scope checks, enabling...

8.8CVSS5.5AI score0.00253EPSS
Exploits0References2
NVD
NVD
added 2026/05/28 6:16 p.m.35 views

CVE-2026-45021

Kuma is a modern Envoy-based service mesh that can run on every cloud across both Kubernetes and VMs. Prior to 2.7.25, 2.9.15, 2.11.13, 2.12.10, and 2.13.5, the default kuma-cp config leaks the admin bootstrap token and signing keys to any webpage the operator visits while the control plane is...

5.1CVSS0.00204EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/28 5:45 p.m.12 views

EUVD-2026-32966

Kuma is a modern Envoy-based service mesh that can run on every cloud across both Kubernetes and VMs. Prior to 2.7.25, 2.9.15, 2.11.13, 2.12.10, and 2.13.5, the default kuma-cp config leaks the admin bootstrap token and signing keys to any webpage the operator visits while the control plane is...

5.1CVSS5.8AI score0.00204EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/05/28 3:52 a.m.14 views

SUSE CVE-2026-46101

In the Linux kernel, the following vulnerability has been resolved: netfilter: reject zero shift in nftbitwise Reject zero shift operands for nftbitwise left and right shift expressions during initialization. The carry propagation logic computes the carry from the adjacent 32-bit word using...

6.6CVSS5.8AI score0.00123EPSS
Exploits0References11
EUVD
EUVD
added 2026/05/27 9:54 p.m.14 views

EUVD-2026-32675

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fields in task messages. A client connection can register as a normal device, but later send a TASK...

8.8CVSS5.8AI score0.00502EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 2:17 p.m.12 views

CVE-2026-46101

In the Linux kernel, the following vulnerability has been resolved: netfilter: reject zero shift in nftbitwise Reject zero shift operands for nftbitwise left and right shift expressions during initialization. The carry propagation logic computes the carry from the adjacent 32-bit word using...

5.5CVSS0.00123EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 2:17 p.m.7 views

UBUNTU-CVE-2026-46101

In the Linux kernel, the following vulnerability has been resolved: netfilter: reject zero shift in nftbitwise Reject zero shift operands for nftbitwise left and right shift expressions during initialization. The carry propagation logic computes the carry from the adjacent 32-bit word using...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:59 p.m.10 views

CVE-2026-46101

In the Linux kernel, the following vulnerability has been resolved: netfilter: reject zero shift in nftbitwise Reject zero shift operands for nftbitwise left and right shift expressions during initialization. The carry propagation logic computes the carry from the adjacent 32-bit word using...

5.8AI score0.00123EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/05/27 12:59 p.m.12 views

EUVD-2026-32484

In the Linux kernel, the following vulnerability has been resolved: netfilter: reject zero shift in nftbitwise Reject zero shift operands for nftbitwise left and right shift expressions during initialization. The carry propagation logic computes the carry from the adjacent 32-bit word using...

5.8AI score0.00123EPSS
Exploits0References5
CVE
CVE
added 2026/05/27 12:59 p.m.28 views

CVE-2026-46101

CVE-2026-46101 — Linux kernel netfilter nft_bitwise : The issue arises in the carry-propagation for 32-bit words when a zero shift operand is used in nft_bitwise left/right shift expressions, causing undefined behaviour. The fix rejects zero shift operands during initialization and extends the ex...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.15 views

PT-2026-43969

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the netfilter component within the nft bitwise function. The carry propagation logic calculates the carry from the adjacent 32-bit word using BITS PER TYPEu32 - shift...

5.5CVSS6AI score0.00123EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

UFO³ 安全漏洞

UFO³ is an open-source cross-device collaboration multi-agent task orchestration tool developed by Microsoft. Version UFO³ 3.0.1-4-ge2626659 contains security vulnerabilities. These vulnerabilities stem from the WebSocket control plane’s reliance on identity and role fields provided by clients,...

8.8CVSS5.8AI score0.00502EPSS
Exploits0References1
OSV
OSV
added 2026/05/21 4:46 p.m.7 views

GHSA-VRXG-GM77-7Q5G Windows-MCP: HTTP transports expose unauthenticated PowerShell control with wildcard CORS

HTTP transports expose unauthenticated PowerShell control with wildcard CORS There is an issue in the SSE and Streamable HTTP transport modes. The default stdio mode is not affected, but the documented HTTP modes expose the MCP control plane without authentication and add wildcard CORS handling...

9.3CVSS6.1AI score0.00397EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2026/05/13 1:30 p.m.15 views

K000156734: BIG-IP Configuration utility vulnerability CVE-2026-40699

Security Advisory Description A vulnerability exists in the undisclosed pages in the Configuration utility that may allow a low-privileged authenticated attacker to access to undisclosed sensitive information. CVE-2026-40699 Impact This vulnerability may allow a low-privileged authenticated...

7.1CVSS5.7AI score0.00277EPSS
Exploits0Affected Software11
Rows per page
Query Builder