Lucene search
+L

18275 matches found

NVD
NVD
added 5 days ago4 views

CVE-2026-15642

Insertion of sensitive information into a file in the Recovery Kit response file generation feature in Devolutions Server 2026.1.22.0, 2026.2.11.0 allows an attacker with access to the generated response file to obtain the Azure Key Vault client secret in cleartext, even when the option to exclud...

3.3CVSS0.00115EPSS
Exploits0References1
NVD
NVD
added 5 days ago4 views

CVE-2026-50456

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally...

5.5CVSS0.00362EPSS
Exploits0References1
NVD
NVD
added 5 days ago4 views

CVE-2026-50442

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally...

5.5CVSS0.00362EPSS
Exploits0References1
NVD
NVD
added 5 days ago5 views

CVE-2026-50434

Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally...

5.5CVSS0.00362EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2026-50430

Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally...

5.5CVSS0.00362EPSS
Exploits0References1
NVD
NVD
added 5 days ago3 views

CVE-2026-50415

Exposure of sensitive information to an unauthorized actor in Windows Media allows an unauthorized attacker to disclose information over a network...

5.3CVSS0.00576EPSS
Exploits0References1
NVD
NVD
added 5 days ago3 views

CVE-2026-50409

Exposure of sensitive information to an unauthorized actor in Windows Overlay Filter allows an authorized attacker to disclose information locally...

5.5CVSS0.00362EPSS
Exploits0References1
NVD
NVD
added 5 days ago4 views

CVE-2026-50352

Exposure of sensitive information to an unauthorized actor in Windows Cryptographic Services allows an authorized attacker to disclose information locally...

5.5CVSS0.00469EPSS
Exploits0References1
NVD
NVD
added 5 days ago3 views

CVE-2026-50339

Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally...

5.5CVSS0.00362EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago34 views

CVE-2026-15642

Insertion of sensitive information into a file in the Recovery Kit response file generation feature in Devolutions Server 2026.1.22.0, 2026.2.11.0 allows an attacker with access to the generated response file to obtain the Azure Key Vault client secret in cleartext, even when the option to exclud...

0.00115EPSS
Exploits0References1
NVD
NVD
added 5 days ago5 views

CVE-2026-50697

Exposure of sensitive information to an unauthorized actor in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00284EPSS
Exploits0References1
CVE
CVE
added 5 days ago8 views

CVE-2026-50350

CVE-2026-50350 concerns an information-disclosure vulnerability in Windows’ Trusted Runtime Interface Driver. An authenticated local attacker may disclose sensitive information due to an underlying flaw in the driver, with CVSSv3.1 metrics indicating Local attack vector, Low attack complexity, Lo...

5.5CVSS6AI score0.00353EPSS
Exploits0References1Affected Software6
CVE
CVE
added 5 days ago11 views

CVE-2026-50294

CVE-2026-50294 : Windows Kernel exposes sensitive system information to an unauthorized control sphere, enabling a local attacker to disclose information. Documents confirm a local attack vector with high confidentiality impact; no exploitation details or remediation are provided in the connected...

6.2CVSS6AI score0.00374EPSS
Exploits0References1Affected Software12
CVE
CVE
added 5 days ago18 views

CVE-2026-41087

CVE-2026-41087 affects Windows File Explorer; a local attacker can cause exposure of sensitive information to obtain disclosure on the host. The vulnerability is rated CVSSv3.1: 5.5 (Medium) with Local access, Low attack complexity, Privileges Required: Low, no user interaction, and Confidentiali...

5.5CVSS6AI score0.00353EPSS
Exploits0References1Affected Software11
CVE
CVE
added 5 days ago9 views

CVE-2026-55651

Easy!Appointments exposes an Excessive Data Exposure vulnerability in the customers search endpoint (affected in 1.5.2) that allows an authenticated user to obtain appointment hashes belonging to other users, enabling modification or deletion of others’ appointments and leading to an Appointments...

7.1CVSS6.1AI score0.00185EPSS
Exploits0References1
OSV
OSV
added 5 days ago3 views

CVE-2026-55651 Easy!Appointments Vulnerable to Appointments Takeover via Excessive Data Exposure

Easy!Appointments is a self hosted appointment scheduler. In version 1.5.2, an Excessive Data Exposure vulnerability in the customers search endpoint allows an authenticated user to obtain appointment hashes belonging to other users. Using these hashes, an attacker can modify or delete appointmen...

7.1CVSS6.1AI score0.00185EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 5 days ago11 views

Windows Kernel Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally...

3.3CVSS6.1AI score0.00346EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 5 days ago8 views

Win32k Elevation of Privilege Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Win32K allows an unauthorized attacker to elevate privileges locally...

6.2CVSS6.1AI score0.00495EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 5 days ago10 views

Microsoft Office Information Disclosure Vulnerability

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally...

5.5CVSS6.1AI score0.00382EPSS
Exploits0
NVD
NVD
added 5 days ago6 views

CVE-2026-15389

A vulnerability relating to insufficient access control has been identified in the session management of the Sesame Time web application and its REST v3 API. The flaw lies in the fact that the system uses the session identifier USID as the sole validation mechanism, without verifying whether that...

8.7CVSS0.00275EPSS
Exploits0References1
Rows per page
Query Builder