Lucene search
K

756 matches found

NVD
NVD
added 2026/07/07 10:16 a.m.11 views

CVE-2026-49487

In Apache Airflow before 3.3.0, the REST API task-instance detail and list endpoints returned a deferred task's trigger kwargs without masking. When a deferred operator passed a secret for example a provider API key into its trigger, any authenticated user with DAG-scoped task-instance read acces...

6.5CVSS0.00664EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/07 9:19 a.m.31 views

CVE-2026-49487 Apache Airflow: Task-instance API exposes secrets in deferred trigger kwargs

In Apache Airflow before 3.3.0, the REST API task-instance detail and list endpoints returned a deferred task's trigger kwargs without masking. When a deferred operator passed a secret for example a provider API key into its trigger, any authenticated user with DAG-scoped task-instance read acces...

0.00664EPSS
Exploits0References2
CVE
CVE
added 2026/07/07 9:19 a.m.15 views

CVE-2026-49487

Apache Airflow prior to 3.3.0 exposes secrets in clear text via the REST API. Specifically, the task-instance detail and list endpoints leak a deferred task’s trigger kwargs, so if a deferred operator passes a secret (e.g., a provider API key) into its trigger, any authenticated user with DAG-sco...

6.5CVSS6AI score0.00664EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/07 9:19 a.m.11 views

CVE-2026-49487

In Apache Airflow before 3.3.0, the REST API task-instance detail and list endpoints returned a deferred task's trigger kwargs without masking. When a deferred operator passed a secret for example a provider API key into its trigger, any authenticated user with DAG-scoped task-instance read acces...

6.5CVSS6AI score0.00664EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/07 9:19 a.m.5 views

EUVD-2026-42029

In Apache Airflow before 3.3.0, the REST API task-instance detail and list endpoints returned a deferred task's trigger kwargs without masking. When a deferred operator passed a secret for example a provider API key into its trigger, any authenticated user with DAG-scoped task-instance read acces...

6.5CVSS6AI score0.00664EPSS
Exploits0References2
OSV
OSV
added 2026/07/07 9:19 a.m.4 views

CVE-2026-49487 Apache Airflow: Task-instance API exposes secrets in deferred trigger kwargs

In Apache Airflow before 3.3.0, the REST API task-instance detail and list endpoints returned a deferred task's trigger kwargs without masking. When a deferred operator passed a secret for example a provider API key into its trigger, any authenticated user with DAG-scoped task-instance read acces...

6.5CVSS6AI score0.00664EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.11 views

PT-2026-56180

Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.3.0 Description The REST API task-instance detail and list endpoints return a deferred task's trigger kwargs without masking. This allows any authenticated user with DAG-scoped task-instance read access to vi...

6.5CVSS5.9AI score0.00664EPSS
Exploits0References15
Amazon
Amazon
added 2026/07/07 12:0 a.m.8 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: clear page-private in freepagesprepare CVE-2026-43303 In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl CVE-2026-43492 In...

9.8CVSS6.3AI score0.00675EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2026/07/01 3:19 a.m.4 views

SUSE CVE-2026-53072

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix locking in hciconnrequestevt with HCIPROTODEFER When protocol sets HCIPROTODEFER, hciconnrequestevt calls hciconnectcfmconn without hdev-lock. Generally hciconnectcfm assumes it is held, and if conn is deleted...

7.5CVSS5.8AI score0.00247EPSS
Exploits0References10
NVD
NVD
added 2026/06/30 5:16 p.m.10 views

CVE-2026-10655

The asynchronous SNTP client in Zephyr subsys/net/lib/sntp/sntp.c, sntpcloseasync closed the UDP socket file descriptor directly from the calling thread immediately after detaching it from the network socket service, without synchronizing with the socket-service poll thread. The socket service...

6.5CVSS0.00254EPSS
Exploits1References2
OSV
OSV
added 2026/06/30 4:33 p.m.1 views

CVE-2026-10655 Use-after-free race in SNTP async client when closing the socket while the socket service is still polling it

The asynchronous SNTP client in Zephyr subsys/net/lib/sntp/sntp.c, sntpcloseasync closed the UDP socket file descriptor directly from the calling thread immediately after detaching it from the network socket service, without synchronizing with the socket-service poll thread. The socket service...

6.5CVSS6AI score0.00254EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53079

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netsched: fix skb memory leak in deferred qdisc drops When the network stack cleans up the deferred list via qdiscrunend, it operates on the root qdisc. If the...

6AI score0.00145EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:8 a.m.8 views

net/sched: act_api: use RCU with deferred freeing for action lifecycle

...

7.8CVSS5.8AI score0.00129EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.6 views

SUSE CVE-2026-53198

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on conn-asyncrequests via setupasyncwork, with cancelfn = smb2removeblockedlock and...

8.8CVSS5.6AI score0.00466EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 7:38 p.m.5 views

EUVD-2026-39548

X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra OPENSSLEXTRA and whose application validates certificates by calling X509verifycert with caller-supplied untrusted intermediate certificates; for...

8.7CVSS5.9AI score0.00145EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/06/25 7:38 p.m.9 views

CVE-2026-11310

X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra OPENSSLEXTRA and whose application validates certificates by calling X509verifycert with caller-supplied untrusted intermediate certificates; for...

8.7CVSS5.8AI score0.00145EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 9:16 a.m.15 views

CVE-2026-53264

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: use RCU with deferred freeing for action lifecycle When NEWTFILTER and DELFILTER are run concurrently it is possible to create a race with an associated action. Let's illustrate with CPU0 running NEWTFILTER and...

7.8CVSS0.00129EPSS
Exploits0References8
NVD
NVD
added 2026/06/25 9:16 a.m.9 views

CVE-2026-53256

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: hold listener socket in rfcommconnectind rfcommgetsockbychannel scans rfcommsklist under the list lock, but returns the selected listener after dropping that lock without taking a reference. rfcommconnectind th...

8CVSS0.00266EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 9:16 a.m.5 views

UBUNTU-CVE-2026-53256

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: hold listener socket in rfcommconnectind rfcommgetsockbychannel scans rfcommsklist under the list lock, but returns the selected listener after dropping that lock without taking a reference. rfcommconnectind th...

8CVSS5.7AI score0.00266EPSS
Exploits0References11
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53198

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on conn-asyncrequests via setupasyncwork, with cancelfn = smb2removeblockedlock and...

8.8CVSS5.6AI score0.00466EPSS
Exploits0References9
Rows per page
Query Builder