Lucene search
K

16019 matches found

vulnersOsv
vulnersOsv
added 2026/05/27 6:16 p.m.5 views

ai-dynamo (=0.1.0), bento2seldon (>=0.1.0 <=0.4.0) +16 more potentially affected by CVE-2026-44345 via bentoml (>=0.10.1 <=1.4.3)

bentoml PYPI version =0.10.1, =0.1.0, =0.1.0, =0.0.10, =0.0.5, =0.3.12, =0.0.1, =1.0.3, =0.0.10, =0.0.1, =0.0.1, =0.0.13 and more Source cves: CVE-2026-44345 Source advisory: OSV:PYSEC-2026-189...

8.8CVSS5.4AI score0.00317EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/05/27 5:33 p.m.4 views

@11ty/eleventy (=3.0.0-alpha.16), @agiflowai/aicode-toolkit (>=0.6.0 <=1.1.0) +95 more potentially affected by CVE-2026-45357 via liquidjs (>=10.10.0 <=10.25.7)

liquidjs NPM version =10.10.0, =0.6.0, =0.1.0, =0.0.0, =0.5.5, =0.8.0, =1.0.1, =1.6.3, =3.11.0, =3.11.0, =3.11.0, =1.0.0, =1.0.0-beta.5 - @clairview/api =23.1.0 and more Source cves: CVE-2026-45357 Source advisory: OSV:GHSA-HH27-HF48-9F5Q...

7.5CVSS5.7AI score0.00385EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/27 5:16 p.m.4 views

bsky2llm (=0.1.0), downitall-android (=1.5.0) +14 more potentially affected by CVE-2026-44353 via streamlink (>=0.14.2 <=8.0.0)

streamlink PYPI version =0.14.2, =0.3.0, =0.0.1, =0.0.18, =1.0.0, =0.12.0, =0.1.14, =1.1.0, =0.0.1, =2.1.0, =3.4.0b2 - twitch-fapi-backend =0.1.0 and more Source cves: CVE-2026-44353 Source advisory: OSV:PYSEC-2026-180...

6.5CVSS5.4AI score0.00345EPSS
Exploits1
OSV
OSV
added 2026/05/27 11:53 a.m.16 views

SUSE-SU-2026:2092-1 Security update for go1.26-openssl

This update for go1.26-openssl fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. - CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. - CVE-2026-39817: cmd/go: 'go tool...

7.5CVSS6AI score0.00813EPSS
Exploits0References25
vulnersOsv
vulnersOsv
added 2026/05/27 12:11 a.m.6 views

@11ty/eleventy (=3.0.0-alpha.16), @agiflowai/aicode-toolkit (>=0.6.0 <=1.1.0) +95 more potentially affected by CVE-2026-44645 via liquidjs (>=10.10.0 <=10.25.7)

liquidjs NPM version =10.10.0, =0.6.0, =0.1.0, =0.0.0, =0.5.5, =0.8.0, =1.0.1, =1.6.3, =3.11.0, =3.11.0, =3.11.0, =1.0.0, =1.0.0-beta.5 - @clairview/api =23.1.0 and more Source cves: CVE-2026-44645 Source advisory: OSV:GHSA-8XX9-69P8-7JP3...

6.5CVSS5.7AI score0.00317EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/27 12:5 a.m.8 views

org.yamcs:distribution (>=4.7.1 <=5.12.6), org.yamcs:packet-viewer (>=4.10.3 <=5.12.6) +14 more potentially affected by CVE-2026-44632 via org.yamcs:yamcs-core (>=0.29.3 <=5.12.6)

org.yamcs:yamcs-core MAVEN version =0.29.3, =4.7.1, =4.10.3, =4.10.3, =5.10.0, =5.10.0, =3.4.0, =4.5.0, =0.1.0, =0.1, =4.5.0, =0.29.3, =1.0.0, =4.7, =4.10.3, =5.12.6 and more Source cves: CVE-2026-44632 Source advisory: OSV:GHSA-524G-X36V-9WM6...

5.5AI score0.00473EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the commitmutex in the netfilter reset path, leading to a circular lock dependency and...

5.8AI score0.00137EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/05/26 11:38 p.m.4 views

@fedify/cli (>=2.2.0 <=2.2.3-dev.1098) potentially affected by CVE-2026-42462 via @fedify/fedify (>=2.2.0 <=2.2.3-dev.1098)

@fedify/fedify NPM version =2.2.0, =2.2.0, =2.2.3-dev.1098 Source cves: CVE-2026-42462 Source advisory: OSV:GHSA-9RFG-V8G9-9367...

7CVSS5.4AI score0.00171EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/26 11:38 p.m.4 views

@fedify/cli (>=2.0.0 <=2.0.17) potentially affected by CVE-2026-42462 via @fedify/fedify (>=2.0.0 <=2.0.17)

@fedify/fedify NPM version =2.0.0, =2.0.0, =2.0.17 Source cves: CVE-2026-42462 Source advisory: OSV:GHSA-9RFG-V8G9-9367...

7CVSS5.4AI score0.00171EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/26 11:38 p.m.5 views

@fedify/cli (>=2.0.0 <=2.0.17) potentially affected by CVE-2026-42462 via @fedify/fedify (>=2.0.0 <=2.0.17)

@fedify/fedify NPM version =2.0.0, =2.0.0, =2.0.17 Source cves: CVE-2026-42462 Source advisory: SNYK:JS-FEDIFYFEDIFY-16895732...

7CVSS5.4AI score0.00171EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/26 11:38 p.m.6 views

@de-otio/trellis (>=0.4.0 <=0.7.1), @fedify/amqp (>=0.1.0 <=0.2.0-dev.12) +6 more potentially affected by CVE-2026-42462 via @fedify/fedify (>=1.10.0 <=1.9.0-dev.1516)

@fedify/fedify NPM version =1.10.0, =0.4.0, =0.1.0, =0.3.0, =0.3.0, =0.1.0, =0.2.0, =0.0.1, =0.1.0, =1.1.20 Source cves: CVE-2026-42462 Source advisory: SNYK:JS-FEDIFYFEDIFY-16895732...

7CVSS5.4AI score0.00171EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/26 11:10 p.m.5 views

433bf (=0.0.1), @aaqilniz/cli (=4.1.4) +554 more potentially affected by CVE-2026-42089 via yeoman-environment (>=2.9.5 <=6.0.0)

yeoman-environment NPM version =2.9.5, =4.2.0, =14.0.0, =1.0.0, =0.0.1, =1.0.0-beta.1, =1.0.0-beta.1, =0.0.5, =8.0.0, =8.3.0-pre.2022-06-22.sha-42703caf, =8.0.2, =1.0.0, =1.2.1-pre.2024-01-09.d13174d0, =2.1.0 and more Source cves: CVE-2026-42089 Source advisory: OSV:GHSA-VV9J-GJW2-J8WP...

8.6CVSS5.7AI score0.00139EPSS
Exploits1
Snyk
Snyk
added 2026/05/26 11:8 p.m.7 views

Insecure Randomness

Overview Affected versions of this package are vulnerable to Insecure Randomness due to the HKDFexpand and EVPHPKECTXexport functions returning a zero-filled byte array on failure, which is then used as key material for AEAD encryption. An attacker can predict and exploit the deterministic,...

6.9CVSS5.5AI score0.00193EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/05/26 6:0 p.m.4 views

@typebot.io/react (=0.10.0) potentially affected by CVE-2026-39964 via @typebot.io/js (=0.10.0)

@typebot.io/js NPM version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on @typebot.io/js and may be impacted: - @typebot.io/react =0.10.0 Source cves: CVE-2026-39964 Source advisory: SNYK:JS-TYPEBOTIOJS-16895730...

5.4CVSS5.4AI score0.00241EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/26 5:39 p.m.5 views

@typebot.io/react (=0.10.0) potentially affected by CVE-2026-28445 via @typebot.io/js (=0.10.0)

@typebot.io/js NPM version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on @typebot.io/js and may be impacted: - @typebot.io/react =0.10.0 Source cves: CVE-2026-28445 Source advisory: OSV:GHSA-6M7C-XFHP-P9FH...

8.7CVSS5.4AI score0.00257EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/26 5:39 p.m.4 views

@typebot.io/react (=0.10.0) potentially affected by CVE-2026-28445 via @typebot.io/js (=0.10.0)

@typebot.io/js NPM version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on @typebot.io/js and may be impacted: - @typebot.io/react =0.10.0 Source cves: CVE-2026-28445 Source advisory: SNYK:JS-TYPEBOTIOJS-16895731...

8.7CVSS5.4AI score0.00257EPSS
Exploits0
OSV
OSV
added 2026/05/26 3:27 p.m.10 views

MAL-2026-4822 Malicious code in loadtest-browser-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 934a61b207f82f8549de09139a73a80f47746bba1dacd21f657d34e6e542324e On npm install, the package's preinstall hook executes index.js, which collects host identifiers hostname, username, platform, arch, cwd, pid,...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/26 3:8 p.m.14 views

MAL-2026-4825 Malicious code in cdktn-provider-newrelic (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51996ccf23fd3d3b291f945e2ec88504c93d7e302e183c7633632b8a03d1590d Package name 'cdktn-provider-newrelic' is a single-character edit cdktf→cdktn of HashiCorp's official 'cdktf-provider-newrelic' CDK for Terraform...

5.9AI score
Exploits0References1
CVE
CVE
added 2026/05/26 11:54 a.m.22 views

CVE-2026-8479

CVE-2026-8479 affects IEC 60870-5-104 in bidirectional mode (BCI). The vulnerability is a NULL pointer dereference triggered by a specially crafted message sequence over time, leading to a Denial of Service. Affected product behavior occurs only if IEC 60870-5-104 bidirectional functionality is c...

6.9CVSS5.8AI score0.0017EPSS
Exploits0References1
OSV
OSV
added 2026/05/26 9:49 a.m.8 views

MAL-2026-4808 Malicious code in wm-idp-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2acf2a0d94ec1d2bada80f3251f5ecbea64d78ffadcab2b997b9708c2ae71cd package.json declares "node-fetch": "https://registry.ctzbg.com/wm-idp-sdk/node-fetch" — a direct HTTPS tarball URL hosted on a domain...

5.9AI score
Exploits0References1
Rows per page
Query Builder