Lucene search
K

2591859 matches found

NVD
NVD
added 34 minutes ago2 views

CVE-2026-54893

URL path injection in the Microsoft Graph adapter of Swoosh. Swoosh.Adapters.MsGraph builds its Microsoft Graph API request URL by interpolating the sender's email address into the URL path /users/from/sendMail without percent-encoding or validation. In applications that derive the from address...

2.1CVSS
Exploits0References4
Cvelist
Cvelist
added 1 hour ago4 views

CVE-2026-54893 Email-derived URL path injection in the Swoosh Microsoft Graph adapter

URL path injection in the Microsoft Graph adapter of Swoosh. Swoosh.Adapters.MsGraph builds its Microsoft Graph API request URL by interpolating the sender's email address into the URL path /users/from/sendMail without percent-encoding or validation. In applications that derive the from address...

2.1CVSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 1 hour ago3 views

CVE-2026-54893

URL path injection in the Microsoft Graph adapter of Swoosh. Swoosh.Adapters.MsGraph builds its Microsoft Graph API request URL by interpolating the sender's email address into the URL path /users/from/sendMail without percent-encoding or validation. In applications that derive the from address...

2.1CVSS
Exploits0References5Affected Software1
CVE
CVE
added 1 hour ago5 views

CVE-2026-54893

Swoosh.Adapters.MsGraph is vulnerable to URL path injection via the from-address interpolation into /users/{from}/sendMail without percent-encoding or validation. If from derives from untrusted input, an attacker can inject URL-special characters (/, ?, #) to escape the intended path and rewrite ...

2.1CVSS
Exploits0References4
GithubExploit
GithubExploit
added 2 hours ago10 views

Exploit for Incorrect Behavior Order: Authorization Before Parsing and Canonicalization in Apache Camel

camel-platform-http-main Authentication Bypass on Non-Root Con...

8.2CVSS5.9AI score0.00622EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2 hours ago6 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.66 packages and security update

Red Hat OpenShift Container Platform release 4.15.66 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

10CVSS7AI score0.01945EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 2 hours ago5 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

7.5CVSS6.8AI score0.01945EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2 hours ago8 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.2AI score0.00728EPSS
Exploits0References8
The Hacker News
The Hacker News
added 2 hours ago4 views

⚡ Weekly Recap: Proxy Botnets, Browser Ransomware, AI Agent Tricks, Fake PoC Malware and More

A streaming box should not need a threat model. Neither should a username field, a demo repo, a reset flow, or a browser permission prompt. That is the irritating part this week: the risky pieces were ordinary. Home devices became a routing cover. Clean code pulled dirt from a dependency. Identit...

6.4AI score
Exploits0
GithubExploit
GithubExploit
added 2 hours ago12 views

Exploit for Path Traversal in Adobe Coldfusion

CVE-2026-48282-POC CVE-2026-48282 is a path traversal...

10CVSS6.4AI score0.01021EPSS
Exploits2
GithubExploit
GithubExploit
added 2 hours ago10 views

Exploit for Improper Use of Validation Framework in Apache Camel

camel-mail Header Injection → RCE Vulnerability Reproducer CV...

9.4CVSS6.2AI score0.00621EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2 hours ago5 views

Critical: Red Hat Security Advisory: OpenShift Container Platform 4.15.66 bug fix and security update

Red Hat OpenShift Container Platform release 4.15.66 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

9.8CVSS6AI score0.00563EPSS
Exploits13References5
GithubExploit
GithubExploit
added 3 hours ago13 views

Exploit for Improperly Controlled Modification of Dynamically-Determined Object Attributes in Apache Camel

camel-coap Header Injection → RCE Vulnerability Reproducer CV...

10CVSS6.3AI score0.06157EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 3 hours ago9 views

The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager lies in the lack of a mechanism for verifying input data during backup scenarios. This allows a malicious actor to execute arbitrary code with SYSTEM privileges.

The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager is related to deficiencies in the mechanism for verifying input data during backup scenario execution. Exploiting this vulnerability could allow an attacker, operating...

9.1CVSS6.1AI score0.00625EPSS
Exploits0References2Affected Software1
OSV
OSV
added 3 hours ago4 views

RUSTSEC-2026-0203 `tree-sitter-perl-next` is unmaintained

The author of tree-sitter-perl-next has stated that the crate is unmaintained and will not receive further fixes see the repo's readme. Alternatives - ts-parser-perl , an actively maintained tree-sitter Perl grammar that tree-sitter-perl-next initially forked...

6AI score
Exploits0References3
The Hacker News
The Hacker News
added 4 hours ago4 views

How to Evaluate an AI SOC Platform in 2026: 6 Capabilities That Separate Leaders from Bolt-On AI solutions

Building a shortlist for an AI SOC evaluation can be tough. SIEM, SOAR, and pureplay AI SOC vendors are all saying the same thing. But behind the identical label sit very different products, from chat assistants bolted onto a legacy SIEM to agent platforms that run detection, triage, investigatio...

5.8AI score
Exploits0
NVD
NVD
added 4 hours ago7 views

CVE-2026-58226

Inefficient Algorithmic Complexity vulnerability in elixir-mint hpax allows unauthenticated denial-of-service via unbounded HPACK integer decoding. hpax decodes HPACK variable-length integers with no upper bound on the decoded value or the number of continuation octets...

8.7CVSS
Exploits0References4
NVD
NVD
added 4 hours ago5 views

CVE-2026-56810

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint mint Mint.HTTP1 module allows a denial of service via an oversized chunked transfer-encoded response. This vulnerability is associated with program files lib/mint/http1.ex and program routines...

8.7CVSS
Exploits0References4
NVD
NVD
added 4 hours ago7 views

CVE-2026-49042

Improper Input Validation vulnerability in Apache Camel. This issue affects Apache Camel: from 4.8.0 through 4.18.2, from 4.19.0 through 4.20.0. Users are recommended to upgrade to version 4.18.3, 4.21.0, which fixes the issue...

Exploits0References1
NVD
NVD
added 4 hours ago6 views

CVE-2026-46587

Improper Input Validation vulnerability in Apache Camel. This issue affects Apache Camel: through 4.14.7, from 4.15.0 through 4.18.2, from 4.19.0 through 4.20.0. Users are recommended to upgrade to version 4.14.8, 4.18.3, 4.21.0, which fixes the issue...

Exploits0References1
Rows per page
Query Builder