Lucene search
K

633 matches found

Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-46587 Apache Camel: Couchbase: Non-Camel-prefixed Exchange headers bypass HeaderFilterStrategy allowing operation override from untrusted input

Improper Input Validation vulnerability in Apache Camel. This issue affects Apache Camel: through 4.14.7, from 4.15.0 through 4.18.2, from 4.19.0 through 4.20.0. Users are recommended to upgrade to version 4.14.8, 4.18.3, 4.21.0, which fixes the issue...

0.00199EPSS
Exploits0References1
CVE
CVE
added 3 days ago9 views

CVE-2026-46587

CVE-2026-46587 affects Apache Camel and is due to Improper Input Validation. The vulnerability impacts Camel up to 4.14.7 and from 4.15.0 through 4.18.2, and from 4.19.0 through 4.20.0. Affected product/version ranges are explicitly listed in the initial document; mitigation is to upgrade to a fi...

7.3CVSS5.9AI score0.00199EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/25 10:34 p.m.4 views

GO-2026-5467 Authorizer: CQL/N1QL Injection in Cassandra and Couchbase Backends via fmt.Sprintf String Interpolation in github.com/authorizerdev/authorizer

Authorizer: CQL/N1QL Injection in Cassandra and Couchbase Backends via fmt.Sprintf String Interpolation in github.com/authorizerdev/authorizer...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 4:57 a.m.7 views

Malicious code in @mastra/couchbase (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 693f6ba494800c38ce77ad49fa5d74745125fc4d3bb68c047ea96032580b7a93 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/05/15 6:30 p.m.7 views

com.couchbase.client.flink-connector-couchbase_2.12:flink-connector-couchbase_2.12 (=0.5.0), com.datasqrl.flinkrunner:kafka-safe-connector (>=0.9.0-alpha1 <=0.9.0-alpha2) +29 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (>=2.1.0 <=2.1.1)

org.apache.flink:flink-table-api-java MAVEN version =2.1.0, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =26.0.0, =0.2.0, =2.1.0, =2.1.0, =2.1.1 and more Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...

8.1CVSS5.4AI score0.00381EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/27 12:0 a.m.9 views

org.springframework.ai:spring-ai-starter-vector-store-couchbase (>=1.1.0 <=1.1.4) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-couchbase-store (>=1.1.0-M1 <=1.1.4)

org.springframework.ai:spring-ai-couchbase-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.4 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16316423...

8.6CVSS5.8AI score0.00394EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/27 12:0 a.m.8 views

org.springframework.ai:spring-ai-starter-vector-store-couchbase (>=1.0.0 <=1.0.5) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-couchbase-store (>=1.0.0-M7 <=1.0.5)

org.springframework.ai:spring-ai-couchbase-store MAVEN version =1.0.0-M7, =1.0.0, =1.0.5 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16316423...

8.6CVSS5.8AI score0.00394EPSS
Exploits0
Snyk
Snyk
added 2026/04/27 12:0 a.m.5 views

Improper Neutralization of Special Elements in Data Query Logic

Overview org.springframework.ai:spring-ai-couchbase-store is a Spring AI Couchbase Vector Store Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementations. An attacker can alter underlying...

8.8CVSS5.8AI score0.00394EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/27 2:23 p.m.9 views

CVE-2021-27924

An issue was discovered in Couchbase Server 6.x through 6.6.1. The Couchbase Server UI is insecurely logging session cookies in the logs. This allows for the impersonation of a user if the log files are obtained by an attacker before a session cookie expires...

5.9CVSS6.9AI score0.00549EPSS
Exploits0References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.9 views

Couchbase Server - Broken Access Control

Couchbase Server versions 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0-4.6.5, 5.0.0, 5.1.1, 5.5.0, and 5.5.1 contain insecure permissions for the projector and indexer REST endpoints caused by unauthenticated access, letting attackers access administrative APIs without authentication, exploit require...

9.8CVSS7AI score0.03842EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:41 p.m.8 views

CVE-2023-25016

Couchbase Server before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2 exposes Sensitive Information to an Unauthorized Actor...

7.5CVSS6.9AI score0.00446EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.7 views

CVE-2023-43768

An issue was discovered in Couchbase Server 6.6.x through 7.2.0, before 7.1.5 and 7.2.1. Unauthenticated users may cause memcached to run out of memory via large commands...

7.5CVSS6.9AI score0.00749EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:37 p.m.4 views

CVE-2023-50436

An issue was discovered in Couchbase Server before 7.2.4. nsserver admin credentials are leaked in encoded form in the diag.log file. The earliest affected version is 7.1.5...

5.3CVSS6.9AI score0.00237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:37 p.m.16 views

CVE-2023-50437

An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. otpCookie is shown with full admin on pools/default/serverGroups and engageCluster2...

8.6CVSS7AI score0.00683EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:36 p.m.7 views

CVE-2023-49931

An issue was discovered in Couchbase Server before 7.2.4. SQL++ cURL calls to /diag/eval are not sufficiently restricted...

9.8CVSS6.8AI score0.0091EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:35 p.m.8 views

CVE-2023-49338

Couchbase Server 7.1.x and 7.2.x before 7.2.4 does not require authentication for the /admin/stats and /admin/vitals endpoints on TCP port 8093 of localhost...

7.5CVSS7.3AI score0.00604EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:35 p.m.12 views

CVE-2023-49932

An issue was discovered in Couchbase Server before 7.2.4. An attacker can bypass SQL++ N1QL cURL host restrictions...

5.4CVSS7AI score0.0053EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.8 views

CVE-2023-45873

An issue was discovered in Couchbase Server through 7.2.2. A data reader may cause a denial of service application exist because of the OOM killer...

6.5CVSS6.8AI score0.00663EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:30 a.m.9 views

CVE-2021-27925

An issue was discovered in Couchbase Server 6.5.x and 6.6.x through 6.6.1. When using the View Engine and Auditing is enabled, a crash condition can depending on a race condition cause an internal user with administrator privileges, @nsserver, to have its credentials leaked in cleartext in the...

4.4CVSS6.9AI score0.00529EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:51 a.m.12 views

CVE-2022-42950

An issue was discovered in Couchbase Server 7.x before 7.0.5 and 7.1.x before 7.1.2. A crafted HTTP REST request from an administrator account to the Couchbase Server Backup Service can exhaust memory resources, causing the process to be killed, which can be used for denial of service...

4.9CVSS6.9AI score0.00956EPSS
Exploits0References1
Rows per page
Query Builder