Lucene search
K

574 matches found

CBLMariner
CBLMariner
added 2026/06/02 2:56 a.m.9 views

CVE-2026-39834 affecting package moby-engine for versions less than 25.0.3-18

CVE-2026-39834 affecting package moby-engine for versions less than 25.0.3-18. A patched version of the package is available...

9.1CVSS5.8AI score0.00466EPSS
Exploits0
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

Seagate openSeaChest 安全漏洞

Seagate openSeaChest is a set of cross-platform storage device management tools developed by Seagate Corporation. The version of Seagate openSeaChest v25.05.3 contains a security vulnerability. This vulnerability stems from out-of-bounds writing and reading operations during the --showSCSIDefects...

1.8CVSS5.3AI score0.00102EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.18 views

PT-2026-45870

Name of the Vulnerable Software and Affected Versions openSeaChest version 25.05.3 Description Out of bounds write and read operations occur when using the --showSCSIDefects command. This issue allows for writing defect information out of bounds when processing very large defect lists, which can ...

1.8CVSS5.8AI score0.00102EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-9892

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to...

8.3CVSS5.4AI score0.00206EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 4:16 a.m.5 views

UBUNTU-CVE-2026-48961

IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decodeux in bin/zipdetails handles an Info-ZIP Unix Extra Field tag 0x7875 with UID Size or GID Size set to 8, causing...

7.3CVSS5.8AI score0.00262EPSS
Exploits0References6
OSV
OSV
added 2026/05/27 2:16 a.m.6 views

UBUNTU-CVE-2026-49017

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently...

7.1CVSS5.9AI score0.00322EPSS
Exploits0References5
NVD
NVD
added 2026/05/21 10:16 a.m.13 views

CVE-2026-42002

Concurrency and locking defects in GSS-TSIG...

7.5CVSS0.00264EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/20 11:38 a.m.9 views

CVE-2026-42959

A flaw was found in Unbound's DNSSEC validator when constructing chase-reply messages for validation. The code uses the wrong counter to calculate write offsets for ADDITIONAL section resource record sets. When a DNAME chain is combined with authority filtering, an uninitialized array slot is...

8.7CVSS5.7AI score0.00779EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: rejecting negative ifindex values Recent changes in net-next commit 759ab1edb56c reorganized the handling of pre-assigned ifindex values. This led to a latent issue in ovs. ovs does not validate ifindex values,...

6.2AI score0.00203EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/19 6:24 p.m.15 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References8
Hacker One
Hacker One
added 2026/05/13 11:33 p.m.40 views

curl: TLS verifyhost bypass in rustls, mbedTLS, and wolfSSL when verifypeer=0

The now-well-known CURLOPTSSLVERIFYHOST-bypass-when-CURLOPTSSLVERIFYPEER=0 defect exists in three of curl's TLS backends: rustls EXPERIMENTAL, mbedTLS, and wolfSSL DNS hostnames only. The documented contract at docs/libcurl/opts/CURLOPTSSLVERIFYPEER.md:57-59: The check that the host name in the...

5.8CVSS6.5AI score0.04888EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/05/12 8:53 a.m.94 views

ISPB

🛡️ AI-powered Security Scanner Platform A next-generation...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/12 12:0 a.m.10 views

Iterative Audit Convergence in LLM-Managed Multi-Agent Systems: A Case Study in Prompt Engineering Quality Assurance

Prompt specifications for multi-agent large language model LLM systems carry data contracts and integration logic across many interdependent files but are rarely subjected to structured-inspection rigor. This paper reports a single-system empirical case study of iterative, agent-driven auditing...

5.9AI score
Exploits0
CBLMariner
CBLMariner
added 2026/05/09 3:31 a.m.20 views

CVE-2026-27141 affecting package ignition-flatcar for versions less than 2.22.0-2

CVE-2026-27141 affecting package ignition-flatcar for versions less than 2.22.0-2. A patched version of the package is available...

7.5CVSS7.3AI score0.00501EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-43360

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix transaction abort on file creation due to name hash collision If we attempt to create several files with names that result in the same hash, we have ...

5.5CVSS6.6AI score0.00163EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/05 5:58 p.m.6 views

EUVD-2026-25417

Codechecker has an authentication bypass for certain API calls...

10CVSS5.8AI score0.00447EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 12:30 a.m.6 views

GHSA-R727-5PF6-47R2 Elastic Package Registry has Improper Verification of Cryptographic Signature

Improper Verification of Cryptographic Signature CWE-347 in Elastic Package Registry could allow an attacker positioned to intercept network traffic, or to otherwise influence the contents served to a self-hosted registry, to substitute a tampered package without the integrity check failing close...

5.9CVSS5.8AI score0.00124EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/22 4:9 p.m.6 views

CVE-2026-35379

A logic error in the tr utility of uutils coreutils causes the program to incorrectly define the :graph: and :print: character classes. The implementation mistakenly includes the ASCII space character 0x20 in the :graph: class and excludes it from the :print: class, effectively reversing the...

3.3CVSS5.7AI score0.00149EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010994)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010994 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2ioctlmoveextents ocfs2moveextents...

5.5CVSS5.9AI score0.00136EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/16 9:54 p.m.7 views

CVE-2026-40247

free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for reading Traffic Influence Subscriptions checks whether the influenceId path segment equals subs-to-notify, but does not return after sending the HTTP 404 response when...

8.7CVSS5.9AI score0.00493EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder