Lucene search
+L

291 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago12 views

Linux Distros Unpatched Vulnerability : CVE-2026-53448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.12.0, the coturn HTTPS admin panel passes HTTP query parameters directly into SQ...

7.2CVSS5.9AI score0.00704EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 6 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53449

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print sessions dump CLI command in coturn takes a filename argumen...

6CVSS5.6AI score0.00207EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/07/12 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53450

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, coturn rejects loopback peers by default unless allow-loopback-peers is...

7.4CVSS6.1AI score0.0029EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/07/10 8:10 p.m.7 views

CVE-2026-53449

A flaw was found in Coturn, an open-source TURN and STUN server. An authenticated administrator with command-line interface CLI access could exploit a vulnerability in the psd print sessions dump command. This flaw allows the administrator to overwrite arbitrary files on the system that are...

6CVSS6.2AI score0.00207EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/07/10 8:10 p.m.9 views

CVE-2026-53450

A flaw was found in Coturn, an open-source implementation of TURN and STUN servers. An authenticated TURN client can bypass the default loopback protection mechanism by using an IPv4-mapped IPv6 peer address. This allows the client to expose services that are intended to be accessible only from t...

7.4CVSS6AI score0.0029EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/07/10 8:9 p.m.9 views

CVE-2026-53448

A flaw was found in Coturn, a free open-source implementation of TURN and STUN Server. The HTTPS administration panel, specifically in the delete-user, delete-secret, and delete-IP operations, does not properly sanitize HTTP query parameters. This allows an authenticated administrator to inject...

7.2CVSS6.4AI score0.00704EPSS
Exploits1References7
OSV
OSV
added 2026/07/10 7:17 p.m.3 views

DEBIAN-CVE-2026-53449

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print sessions dump CLI command in coturn takes a filename argument and directly passes it to fopen with no path validation. An authenticated admin with CLI access can overwrite arbitrary files writable ...

6CVSS6.2AI score0.00207EPSS
Exploits1References1
OSV
OSV
added 2026/07/10 7:17 p.m.3 views

DEBIAN-CVE-2026-53450

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, coturn rejects loopback peers by default unless allow-loopback-peers is enabled, but the default loopback guard can be bypassed by using the IPv4-mapped IPv6 peer address ::ffff:127.0.0.1 in a TURN...

7.4CVSS6.1AI score0.0029EPSS
Exploits0References1
NVD
NVD
added 2026/07/10 7:17 p.m.8 views

CVE-2026-53449

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print sessions dump CLI command in coturn takes a filename argument and directly passes it to fopen with no path validation. An authenticated admin with CLI access can overwrite arbitrary files writable ...

6CVSS0.00207EPSS
Exploits1References3
OSV
OSV
added 2026/07/10 7:17 p.m.5 views

DEBIAN-CVE-2026-53448

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.12.0, the coturn HTTPS admin panel passes HTTP query parameters directly into SQL queries via snprintf string interpolation without sanitization. The issecurestring filter that protects the STUN protocol path is not...

7.2CVSS6.2AI score0.00704EPSS
Exploits1References1
NVD
NVD
added 2026/07/10 7:17 p.m.10 views

CVE-2026-53448

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.12.0, the coturn HTTPS admin panel passes HTTP query parameters directly into SQL queries via snprintf string interpolation without sanitization. The issecurestring filter that protects the STUN protocol path is not...

7.2CVSS0.00704EPSS
Exploits1References4
OSV
OSV
added 2026/07/10 7:17 p.m.4 views

UBUNTU-CVE-2026-53449

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print sessions dump CLI command in coturn takes a filename argument and directly passes it to fopen with no path validation. An authenticated admin with CLI access can overwrite arbitrary files writable ...

6CVSS6.2AI score0.00207EPSS
Exploits1References5
OSV
OSV
added 2026/07/10 7:17 p.m.7 views

UBUNTU-CVE-2026-53448

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.12.0, the coturn HTTPS admin panel passes HTTP query parameters directly into SQL queries via snprintf string interpolation without sanitization. The issecurestring filter that protects the STUN protocol path is not...

7.2CVSS6.2AI score0.00704EPSS
Exploits1References6
OSV
OSV
added 2026/07/10 7:17 p.m.4 views

UBUNTU-CVE-2026-53450

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, coturn rejects loopback peers by default unless allow-loopback-peers is enabled, but the default loopback guard can be bypassed by using the IPv4-mapped IPv6 peer address ::ffff:127.0.0.1 in a TURN...

7.4CVSS6.1AI score0.0029EPSS
Exploits0References4
CVE
CVE
added 2026/07/10 6:5 p.m.17 views

CVE-2026-53450

The CVE-2026-53450 entry affects Coturn (TURN/STUN server). A defect in prior releases (

7.4CVSS6.1AI score0.0029EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/07/10 6:5 p.m.39 views

CVE-2026-53450 Coturn: IPv4-mapped 127.0.0.1 bypasses default loopback peer protection

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, coturn rejects loopback peers by default unless allow-loopback-peers is enabled, but the default loopback guard can be bypassed by using the IPv4-mapped IPv6 peer address ::ffff:127.0.0.1 in a TURN...

7.4CVSS0.0029EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/10 6:5 p.m.7 views

EUVD-2026-42971

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, coturn rejects loopback peers by default unless allow-loopback-peers is enabled, but the default loopback guard can be bypassed by using the IPv4-mapped IPv6 peer address ::ffff:127.0.0.1 in a TURN...

7.4CVSS6.1AI score0.0029EPSS
Exploits0References2
OSV
OSV
added 2026/07/10 6:5 p.m.3 views

CVE-2026-53450 Coturn: IPv4-mapped 127.0.0.1 bypasses default loopback peer protection

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, coturn rejects loopback peers by default unless allow-loopback-peers is enabled, but the default loopback guard can be bypassed by using the IPv4-mapped IPv6 peer address ::ffff:127.0.0.1 in a TURN...

7.4CVSS6.1AI score0.0029EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/07/10 6:5 p.m.8 views

CVE-2026-53450

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, coturn rejects loopback peers by default unless allow-loopback-peers is enabled, but the default loopback guard can be bypassed by using the IPv4-mapped IPv6 peer address ::ffff:127.0.0.1 in a TURN...

7.4CVSS6.1AI score0.0029EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/10 5:59 p.m.8 views

EUVD-2026-42970

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print sessions dump CLI command in coturn takes a filename argument and directly passes it to fopen with no path validation. An authenticated admin with CLI access can overwrite arbitrary files writable ...

6CVSS6.2AI score0.00207EPSS
Exploits1References3
Rows per page
Query Builder