Lucene search
+L

981 matches found

Nuclei
Nuclei
added 9 hours ago77 views

Vite Dev Server - Information Exposure

Vite is a frontend tooling framework for JavaScript. Before versions 6.3.4, 6.2.7, 6.1.6, 5.4.19, and 4.5.14, the contents of files in the project root that are denied by a file matching pattern can be returned to the browser. Only apps explicitly exposing the Vite dev server to the network using...

6CVSS5.3AI score0.01077EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 3 days ago4 views

PT-2026-58348

Name of the Vulnerable Software and Affected Versions Active Directory Domain Services affected versions not specified Description A null pointer dereference—a condition where a program attempts to read a memory location that is null—exists in Active Directory Domain Services. This allows an...

6.5CVSS6.1AI score0.00755EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 3 days ago5 views

PT-2026-58210

Name of the Vulnerable Software and Affected Versions Azure Active Directory versions prior to 8.19.2 Description An infinite loop occurs when an unreachable exit condition is triggered, allowing an unauthorized attacker to remotely cause a denial of service over a network. Recommendations Update...

7.5CVSS6.1AI score0.00797EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 3 days ago4 views

PT-2026-58717

Name of the Vulnerable Software and Affected Versions .NET Framework affected versions not specified Description An issue exists where resources are allocated without limits or throttling, allowing an unauthorized attacker to cause a denial of service over a network. Recommendations At the moment...

7.5CVSS6.1AI score0.00617EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 4 days ago5 views

CVE-2026-58252

A flaw was found in NATS Server. An authenticated user could bypass configured access restrictions and receive messages on subjects that were explicitly denied. This occurs when a wildcard subscription overlaps with a wildcard deny rule but is not a direct subset, or when queue subscriptions...

6.5CVSS6AI score0.00465EPSS
Exploits0References10
Microsoft CVE
Microsoft CVE
added 6 days ago4 views

NATS Server: MQTT retained and QoS replay bypass subscribe deny filters

...

4.3CVSS6.1AI score0.00342EPSS
Exploits0
Snyk
Snyk
added 2026/07/08 10:39 p.m.5 views

Improper Authorization

Overview github.com/nats-io/nats-server/server is an A simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to Improper Authorization via the queue subscription process. An attacker can gain unauthorized...

7.1CVSS6.1AI score0.00463EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/08 10:39 p.m.5 views

Improper Authorization

Overview github.com/nats-io/nats-server/v2/server is an A simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to Improper Authorization via the queue subscription process. An attacker can gain unauthorized...

7.1CVSS6.1AI score0.00463EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/08 10:38 p.m.6 views

Improper Authorization

Overview github.com/nats-io/nats-server/v2/server is an A simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to Improper Authorization via the subscription authorization process. An attacker can access...

7.1CVSS6.1AI score0.00465EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/08 10:38 p.m.4 views

Improper Authorization

Overview github.com/nats-io/nats-server/server is an A simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to Improper Authorization via the subscription authorization process. An attacker can access...

7.1CVSS6.1AI score0.00465EPSS
Exploits0References2
NVD
NVD
added 2026/07/08 8:16 p.m.6 views

CVE-2026-58251

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.0, 2.12.7, and 2.11.16, an authenticated user with subscription deny permissions could bypass a plain subject deny rule by using a queue subscription, because queue-specific deny...

6.5CVSS0.00463EPSS
Exploits0References7
NVD
NVD
added 2026/07/08 8:16 p.m.6 views

CVE-2026-58209

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, MQTT retained message delivery and QoS1+ durable replay could deliver messages whose original topics matched a subscriber configured subscribe deny rule because these...

4.3CVSS0.00342EPSS
Exploits0References5
CVE
CVE
added 2026/07/08 8:12 p.m.14 views

CVE-2026-58209

NATS Server before versions 2.14.3 and 2.12.12 could deliver MQTT retained messages and QoS1+ durable replays to subscribers whose topics matched a deny rule, because delivery paths did not consistently re-check the original topic before sending MQTT PUBLISH. This issue is fixed in 2.14.3 and 2.1...

4.3CVSS6AI score0.00342EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/07/08 8:12 p.m.35 views

CVE-2026-58209 NATS Server: MQTT retained and QoS replay bypass subscribe deny filters

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, MQTT retained message delivery and QoS1+ durable replay could deliver messages whose original topics matched a subscriber configured subscribe deny rule because these...

4.3CVSS0.00342EPSS
Exploits0References5
OSV
OSV
added 2026/07/08 8:12 p.m.4 views

CVE-2026-58209 NATS Server: MQTT retained and QoS replay bypass subscribe deny filters

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, MQTT retained message delivery and QoS1+ durable replay could deliver messages whose original topics matched a subscriber configured subscribe deny rule because these...

4.3CVSS6.1AI score0.00342EPSS
Exploits0References7
CVE
CVE
added 2026/07/08 7:46 p.m.14 views

CVE-2026-58252

CVE-2026-58252 affects NATS Server prior to versions 2.14.0, 2.12.7, and 2.11.16. An authenticated user could receive messages on denied subjects when a wildcard subscription overlapped with a configured wildcard deny rule but was not a subset of it; queue subscriptions could also affect delivery...

6.5CVSS6AI score0.00465EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/07/08 7:46 p.m.4 views

CVE-2026-58252 NATS Server: Subscribe Authz Bypass via Wildcard-Overlap

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.0, 2.12.7, and 2.11.16, an authenticated user could receive messages on denied subjects when a wildcard subscription overlapped with a configured wildcard deny rule but was not a subset...

6.5CVSS6.1AI score0.00465EPSS
Exploits0References9
OSV
OSV
added 2026/07/08 7:40 p.m.4 views

CVE-2026-58251 NATS Server: Queue Subscribe Authz Bypass

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.0, 2.12.7, and 2.11.16, an authenticated user with subscription deny permissions could bypass a plain subject deny rule by using a queue subscription, because queue-specific deny...

6.5CVSS6.1AI score0.00463EPSS
Exploits0References9
CVE
CVE
added 2026/07/08 7:40 p.m.11 views

CVE-2026-58251

CVE-2026-58251 affects NATS Server prior to version 2.14.0, 2.12.7, and 2.11.16. An authenticated user with subscription deny permissions could bypass a plain Subject deny rule by using a queue subscription, because queue-specific deny evaluation could override the plain subject deny result when ...

6.5CVSS6AI score0.00463EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.10 views

PT-2026-56559

Name of the Vulnerable Software and Affected Versions NATS Server versions prior to 2.14.3 NATS Server versions prior to 2.12.12 Description MQTT retained message delivery and QoS1+ durable replay may deliver messages to subscribers even if the original topics match a configured subscribe deny...

4.3CVSS6.1AI score0.00342EPSS
Exploits0References9
Rows per page
Query Builder