7860 matches found
CVE-2026-6912
Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR 165 allows remote authenticated users to escalate to deployment admin privileges and manage Cognito user accounts via a crafted UpdateUserAttributes API...
k8sGPT has Prompt Injection through its k8sGPT-Operator
Summary In the auto-remediation pipeline, objecttoexecution.go was deserializing the AI-generated YAML directly into a Deployment object, but there was lack of validation from the original Deployment object. Details This issue was fixed after coordination with Alex Jones. PoC To minimize the...
GHSA-RP7V-4384-HFRP k8sGPT has Prompt Injection through its k8sGPT-Operator
Summary In the auto-remediation pipeline, objecttoexecution.go was deserializing the AI-generated YAML directly into a Deployment object, but there was lack of validation from the original Deployment object. Details This issue was fixed after coordination with Alex Jones. PoC To minimize the...
Insufficient Verification of Data Authenticity
Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the ForwardAuth middleware when trustForwardHeader is set to false and the deployment is behind a trusted upstream proxy. An attacker can gain unauthorized access to protected backend...
CVE-2026-6912 Privilege Escalation via Self-Writable Cognito Custom Attribute in AWS Ops Wheel
Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR 165 allows remote authenticated users to escalate to deployment admin privileges and manage Cognito user accounts via a crafted UpdateUserAttributes API...
CVE-2026-6912 Privilege Escalation via Self-Writable Cognito Custom Attribute in AWS Ops Wheel
Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR 165 allows remote authenticated users to escalate to deployment admin privileges and manage Cognito user accounts via a crafted UpdateUserAttributes API...
CVE-2026-6912
Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR 165 allows remote authenticated users to escalate to deployment admin privileges and manage Cognito user accounts via a crafted UpdateUserAttributes API...
CVE-2026-6912
The CVE-2026-6912 affects AWS Ops Wheel prior to PR #165, where access to dynamically determined Cognito User Pool attributes can be abused. The root cause is improper control over updates to object attributes, enabling remote authenticated users to escalate to deployment-admin privileges by craf...
EUVD-2026-25577
Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR 165 allows remote authenticated users to escalate to deployment admin privileges and manage Cognito user accounts via a crafted UpdateUserAttributes API...
GHSA-W7RC-Q6CM-F5GM Apache Airflow's asset dependency graph did not restrict nodes by the viewer's DAG read permissions
The asset dependency graph did not restrict nodes by the viewer's DAG read permissions: a user with read access to at least one DAG could browse the asset graph for any other asset in the deployment and learn the existence and names of DAGs and assets outside their authorized scope. Users are...
PT-2026-35028
Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR 165 allows remote authenticated users to escalate to deployment admin privileges and manage Cognito user accounts via a crafted UpdateUserAttributes API...
CVE-2026-41339
OpenClaw before 2026.4.2 exposes configPath and stateDir metadata in Gateway connect success snapshots to non-admin authenticated clients. Non-admin clients can recover host-specific filesystem paths and deployment details, enabling host fingerprinting and facilitating chained attacks...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via import flow. An attacker can gain remote code execution using company creation endpoint that improperly checks for admin rights in authenticated mode deployment with default configuration. Remediation Upgrade...
A-THENA: Early Intrusion Detection for IoT with Time-Aware Hybrid Encoding and Network-Specific Augmentation
The proliferation of Internet of Things IoT devices has significantly expanded attack surfaces, making IoT ecosystems particularly susceptible to sophisticated cyber threats. To address this challenge, this work introduces A-THENA, a lightweight early intrusion detection system EIDS that...
Oracle Siebel Server <= 26.2 (April 2026 CPU)
The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2026 CPU advisory. - Vulnerability in the Siebel CRM Integration product of Oracle Siebel CRM component: REST Jettison. Supported versions that are affected are...
📄 Keras 3.13.0 Malicious ML Model Server HDF5 Shape Bomb
This script is a Flask-based web server that distributes .keras machine learning model files, but it is designed in a malicious way for security research/testing scenarios. The main idea is a denial of service via memory exhaustion, where generated Keras models contain artificially declared...
CVE-2026-3621 IBM WebSphere Application Server Liberty is affected by identity spoofing
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.4 IBM WebSphere Application Server Liberty is vulnerable to identity spoofing under limited conditions when an application is deployed without authentication and authorization configured...
monetr: Server-side request forgery in Lunch Flow link creation and refresh
Impact A server-side request forgery SSRF vulnerability in monetr's Lunch Flow integration allowed any authenticated user on a self-hosted instance to cause the monetr server to issue HTTP GET requests to arbitrary URLs supplied by the caller, with the response body from non-200 upstream response...
GHSA-29V9-FRVH-C426 monetr: Server-side request forgery in Lunch Flow link creation and refresh
Impact A server-side request forgery SSRF vulnerability in monetr's Lunch Flow integration allowed any authenticated user on a self-hosted instance to cause the monetr server to issue HTTP GET requests to arbitrary URLs supplied by the caller, with the response body from non-200 upstream response...
Enterprise-Grade Application Security, Cloud-Native Speed: Introducing Imperva for Google Cloud
In today’s dynamic digital environment, the pressure to innovate has never been greater. Development teams are pushing for native cloud tools to maximize performance and cost-efficiency, while security teams require best-of-breed, enterprise-grade protection to defend against an ever-evolving...