Lucene search
K

17358 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.10 views

RHEL 9 : webkit2gtk3 (RHSA-2026:25927)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25927 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...

8.8CVSS6.8AI score0.00693EPSS
Exploits0References34
OSV
OSV
added 2026/06/15 12:0 a.m.9 views

ALSA-2026:25918 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2026-28946 webkitgtk: Processing maliciously crafted web content may lead to an unexpected proces...

8.8CVSS5.3AI score0.00693EPSS
Exploits0References34
NVD
NVD
added 2026/06/12 4:16 p.m.14 views

CVE-2026-8828

A lack of authorization validation in version 1.0.0 or later of the ChromaDB Rust project allows any authenticated users to arbitrarily read, write, update, or delete data in any tenant's collection regardless of which tenant they belong to...

8.8CVSS0.00279EPSS
Exploits0References1
OSV
OSV
added 2026/06/12 3:5 p.m.14 views

GHSA-98XF-R82G-9MHX LangGraph has NoSQL parameter injection in MongoDBSaver, allowing cross-tenant state access

Summary A NoSQL injection vulnerability existed in MongoDBSaver where checkpoint identifier fields from config.configurable were used in MongoDB queries without strict type enforcement. In vulnerable versions, attacker-controlled object payloads for example MongoDB operators like $gt and $ne coul...

6.7CVSS5.4AI score0.00022EPSS
Exploits0References5
CVE
CVE
added 2026/06/12 2:50 p.m.15 views

CVE-2026-8828

CVE-2026-8828 describes a lack of authorization validation in ChromaDB Rust (version 1.0.0 and later) that allows any authenticated user to arbitrarily read, write, update, or delete data in any tenant’s collection, regardless of tenant ownership. The core issue is insufficient access control in ...

8.8CVSS5.3AI score0.00279EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 2:50 p.m.10 views

CVE-2026-8828

A lack of authorization validation in version 1.0.0 or later of the ChromaDB Rust project allows any authenticated users to arbitrarily read, write, update, or delete data in any tenant's collection regardless of which tenant they belong to...

8.8CVSS5.3AI score0.00279EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 2:46 p.m.9 views

CVE-2026-45830

A lack of authorization validation in version 0.4.17 or later of the ChromaDB Python project allows any authenticated users to arbitrarily read, write, update, or delete data in any tenant's collection regardless of which tenant they belong to...

8.8CVSS5.3AI score0.00345EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 2:46 p.m.29 views

CVE-2026-45830

A lack of authorization validation in version 0.4.17 or later of the ChromaDB Python project allows any authenticated users to arbitrarily read, write, update, or delete data in any tenant's collection regardless of which tenant they belong to...

8.8CVSS0.00345EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 2:46 p.m.42 views

CVE-2026-45830

CVE-2026-45830 affects the ChromaDB Python project (version 0.4.17 and later). The lack of authorization validation allows any authenticated user to arbitrarily read, write, update, or delete data in any tenant’s collection, regardless of tenancy. The vulnerability is described with a CVSS 4.0 ba...

8.8CVSS5.3AI score0.00345EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/06/12 4:17 a.m.12 views

CVE-2026-47368

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data from such UniFi OS devices or instances...

8.6CVSS0.00355EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 2:27 a.m.10 views

EUVD-2026-36381

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data from such UniFi OS devices or instances...

8.6CVSS5.4AI score0.00355EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.17 views

PT-2026-48895

A lack of authorization validation in version 0.4.17 or later of the ChromaDB Python project allows any authenticated users to arbitrarily read, write, update, or delete data in any tenant's collection regardless of which tenant they belong to...

8.8CVSS5.2AI score0.00345EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.19 views

PT-2026-48919

A lack of authorization validation in version 1.0.0 or later of the ChromaDB Rust project allows any authenticated users to arbitrarily read, write, update, or delete data in any tenant's collection regardless of which tenant they belong to...

8.8CVSS5.2AI score0.00279EPSS
Exploits0References2
NVD
NVD
added 2026/06/11 7:16 p.m.11 views

CVE-2025-46293

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...

5.5CVSS0.0014EPSS
Exploits0References1
NVD
NVD
added 2026/06/11 7:16 p.m.9 views

CVE-2025-43339

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. A malicious app may be able to access sensitive user data...

5.5CVSS0.00112EPSS
Exploits0References1
NVD
NVD
added 2026/06/11 7:16 p.m.10 views

CVE-2025-24268

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data...

5.5CVSS0.0014EPSS
Exploits0References1
NVD
NVD
added 2026/06/11 7:16 p.m.11 views

CVE-2025-30431

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access private information...

5.5CVSS0.00127EPSS
Exploits0References3
CVE
CVE
added 2026/06/11 6:47 p.m.17 views

CVE-2025-30431

CVE-2025-30431 affects macOS Sequoia before 15.4, macOS Sonoma before 14.7.5, and macOS Ventura before 13.7.5. The issue stems from insufficient checks that could allow a malicious application to access private information. The vulnerability is addressed with fixes in Sequoia 15.4, Sonoma 14.7.5,...

5.5CVSS5.4AI score0.00127EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/11 6:47 p.m.10 views

CVE-2025-30431

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access private information...

5.4AI score0.00127EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/11 6:47 p.m.28 views

CVE-2025-30431

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access private information...

0.00127EPSS
Exploits0References3
Rows per page
Query Builder