
9204 matches found

RedhatCVE
added 2026/04/10 7:07 a.m., 4 views

CVE-2026-25854

A flaw was found in Apache Tomcat. This open redirect vulnerability allows an attacker to redirect a user to an untrusted site. This occurs through the LoadBalancerDrainingValve, which can be exploited to manipulate URL redirection. The primary impact is that users may be unknowingly directed to...

CVSS 6.1, AI score 5.8, EPSS 0.00526
Exploits: 0, References: 4
OSV
added 2026/04/08 9:51 p.m., 8 views

GHSA-68M9-983M-F3V5 OpenFGA: Unauthenticated playground endpoint discloses preshared API key in HTML response

Description: When OpenFGA is configured to use preshared-key authentication with the built-in playground enabled, the local server includes the preshared API key in the HTML response of the /playground endpoint. The /playground endpoint is enabled by default and does not require authentication. It...

CVSS 6.5, AI score 5.8, EPSS 0.0028
Exploits: 0, References: 4
Github Security Blog
added 2026/04/08 9:51 p.m., 12 views

OpenFGA: Unauthenticated playground endpoint discloses preshared API key in HTML response

Description: When OpenFGA is configured to use preshared-key authentication with the built-in playground enabled, the local server includes the preshared API key in the HTML response of the /playground endpoint. The /playground endpoint is enabled by default and does not require authentication. It...

CVSS 7.5, AI score 5.9, EPSS 0.0028
Exploits: 0, References: 4, Affected Software: 1
OSV
added 2026/04/08 7:53 p.m., 3 views

GHSA-4GGG-H7PH-26QR n8n-mcp has authenticated SSRF via instance-URL header in multi-tenant HTTP mode

Impact: An authenticated Server-Side Request Forgery in n8n-mcp allows a caller holding a valid AUTH_TOKEN to cause the server to issue HTTP requests to arbitrary URLs supplied through multi-tenant HTTP headers. Response bodies are reflected back through JSON-RPC, so an attacker can read the conten...

CVSS 8.5, AI score 5.8, EPSS 0.00316
Exploits: 0, References: 5
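The n8n-mcp entry above describes the failure mode (a header-supplied instance URL is fetched server-side without restriction). The following is an added example, not n8n-mcp's code, showing the check a multi-tenant server should apply before fetching a caller-supplied URL. The header name `X-Instance-Url` and the allowlist are hypothetical; the point is that the URL is validated against an allowlist of hosts, not a denylist of addresses, and that literal IP addresses and embedded credentials are refused outright.

```python
"""Validate a per-request, header-supplied base URL before a server-side fetch.

Added example (not n8n-mcp's code). Header name and allowlist are assumptions.
"""
import ipaddress
from typing import Dict, Iterable, Optional
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
INSTANCE_URL_HEADER = "x-instance-url"  # hypothetical header name


def is_allowed_instance_url(url: str, allowed_hosts: Iterable[str]) -> bool:
    """Return True only if `url` points at an allowlisted host over http(s).

    Rejects: unparsable URLs, non-http schemes (file:, gopher:, ...), userinfo
    ("user@host" tricks), any literal IPv4/IPv6 host (so 127.0.0.1, [::1] and
    169.254.169.254 never reach the allowlist comparison), and any host that is
    not on the allowlist.
    """
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False
    if not parts.hostname or parts.username or parts.password:
        return False
    host = parts.hostname.lower().rstrip(".")
    try:
        ipaddress.ip_address(host)
        return False  # literal IP addresses are never accepted
    except ValueError:
        pass
    return host in {h.lower().rstrip(".") for h in allowed_hosts}


def resolve_instance_url(headers: Dict[str, str], allowed_hosts: Iterable[str],
                         default: str) -> Optional[str]:
    """Pick the tenant's instance URL from request headers.

    Falls back to `default` when the header is absent; returns None (the caller
    should answer with an error, not fall back) when the header is present but
    fails validation.
    """
    lowered = {k.lower(): v for k, v in headers.items()}
    supplied = lowered.get(INSTANCE_URL_HEADER)
    if supplied is None:
        return default
    return supplied if is_allowed_instance_url(supplied, allowed_hosts) else None


if __name__ == "__main__":
    allow = ["tenant-a.example.internal", "tenant-b.example.internal"]
    # constructed inputs: the first is acceptable, the rest are SSRF attempts
    for candidate in [
        "https://tenant-a.example.internal/api/v1",
        "http://169.254.169.254/latest/meta-data/",
        "http://[::1]:5678/",
        "https://tenant-a.example.internal@evil.example/",
        "file:///etc/passwd",
    ]:
        print(f"{is_allowed_instance_url(candidate, allow)!s:5}  {candidate}")
```

The allowlist comparison is on the parsed hostname, so a path or query containing another host does not matter. What this check does not cover is DNS rebinding or an allowlisted host that itself redirects; the HTTP client that performs the fetch still needs redirect following disabled or re-validated per hop.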
OSV
added 2026/04/08 7:53 p.m., 2 views

GHSA-HWR4-MQ23-WCV5 mercure has Topic Selector Cache Key Collision

Impact: A cache key collision vulnerability in TopicSelectorStore allows an attacker to poison the match result cache, potentially causing private updates to be delivered to unauthorized subscribers or blocking delivery to authorized ones. The cache key was constructed by concatenating the topic...

CVSS 7.1, AI score 5.8, EPSS 0.00341
Exploits: 0, References: 5
Positive Technologies
added 2026/04/08 12:00 a.m., 8 views

PT-2026-32978

Affected: OpenFGA versions 0.1.4 through 1.13.1. Description: When configured to use preshared-key authentication with the built-in playground enabled, the local server includes the preshared API key in the HTML response of the '/playground' endpoint. Thi...

CVSS 6.5, AI score 5.9, EPSS 0.0028
Exploits: 0, References: 9
Positive Technologies
added 2026/04/08 12:00 a.m., 10 views

PT-2026-31279

Affected: openclaw-claude-bridge v1.1.0. Issue: v1.1.0 spawns the Claude Code CLI subprocess with --allowed-tools "" and the release notes and README claim this "disables all CLI tools" for sandboxing. This claim is incorrect. Per the Claude Code CLI documentation, --allowed-tools (alias --allowedTools)...

AI score 6.3
Exploits: 0, References: 5
Tenable Nessus
added 2026/04/08 12:00 a.m., 3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006682)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006682 advisory. In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled. arm32 uses software to simulate the...

CVSS 5.5, AI score 6, EPSS 0.00238
Exploits: 0, References: 4
Tenable Nessus
added 2026/04/08 12:00 a.m., 2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006625)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006625 advisory. In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree during disable_unused. Doug reported [1] the following hung...

CVSS 5.5, AI score 5.8, EPSS 0.00211
Exploits: 0, References: 4
Tenable Nessus
added 2026/04/08 12:00 a.m., 4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006793)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006793 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: xilinx - call finalize with bh disabled. When calling crypto_finalize_request, BH should be...

CVSS 5.5, AI score 6, EPSS 0.00231
Exploits: 0, References: 4
CVE
added 2026/04/07 11:25 p.m., 19 views

CVE-2026-4401

CVE-2026-4401 affects the WordPress plugin Download Monitor up to version 5.1.10. The vulnerability is a CSRF in actions_handler() and bulk_actions_handler() in class-dlm-downloads-path.php caused by missing nonce verification. This allows unauthenticated attackers to delete, disable, or enab...

CVSS 5.4, AI score 5.8, EPSS 0.00161
Exploits: 0, References: 6
Patchstack
added 2026/04/07 10:48 p.m., 14 views

WordPress Download Monitor plugin <= 5.1.10 - Cross-Site Request Forgery to Download Path Deletion and Disabling vulnerability

Cross-Site Request Forgery to Download Path Deletion and Disabling vulnerability discovered by Kirasec in WordPress Plugin Download Monitor versions <= 5.1.10...

CVSS 5.4, AI score 5.9, EPSS 0.00161
Exploits: 0, References: 1, Affected Software: 1
RedhatCVE
added 2026/04/07 2:13 p.m., 6 views

CVE-2026-35030

A flaw was found in LiteLLM, a proxy server for Large Language Model (LLM) APIs. When JSON Web Token (JWT) authentication is enabled, the OIDC user information cache uses a truncated portion of the token as a cache key. An unauthenticated attacker can exploit this by crafting a JWT with the same...

CVSS 9.4, AI score 5.8, EPSS 0.0049
Exploits: 1, References: 4
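Two entries on this page (the mercure TopicSelectorStore advisory and the LiteLLM CVE-2026-35030 entry above) are instances of the same bug class: a cache key that is not an injective function of the inputs it is supposed to identify. The block below is an added example, not code from either project, reproducing both patterns against in-memory dicts: a match cache keyed by plain concatenation of selector and topic (so two different pairs share a key and the second inherits the first's verdict), and a user-info cache keyed by a prefix of the raw JWT (so every HS256 token shares a key and a cache hit bypasses signature verification). Beside each is the hardened form: a length-prefixed key, and verify-then-cache under a digest of the whole token. The matcher, the secret and the tokens are constructed for the demo.

```python
"""Cache-key collisions: delimiter-free concatenation and truncated-token keys.

Added example, not Mercure's or LiteLLM's code. All data is constructed.
"""
import base64
import hashlib
import hmac
import json
from typing import Dict, Optional


# ---- 1. Match-result cache keyed by selector + topic ----------------------

def topic_matches(selector: str, topic: str) -> bool:
    """Toy matcher (assumption): exact match, or prefix match for a trailing '*'."""
    if selector.endswith("*"):
        return topic.startswith(selector[:-1])
    return selector == topic


class ConcatKeyMatchCache:
    """Vulnerable: key = selector + topic. ("/a", "/a") and ("/a/", "a") both
    map to "/a/a", so the second pair reuses the first pair's cached verdict."""

    def __init__(self) -> None:
        self._cache: Dict[str, bool] = {}

    def _key(self, selector: str, topic: str) -> str:
        return selector + topic

    def matches(self, selector: str, topic: str) -> bool:
        key = self._key(selector, topic)
        if key not in self._cache:
            self._cache[key] = topic_matches(selector, topic)
        return self._cache[key]


class LengthPrefixedMatchCache(ConcatKeyMatchCache):
    """Hardened: length-prefix each part, so distinct pairs get distinct keys."""

    def _key(self, selector: str, topic: str) -> str:
        return f"{len(selector)}:{selector}|{len(topic)}:{topic}"


# ---- 2. User-info cache keyed by a prefix of the raw JWT ------------------

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def make_jwt(claims: dict, secret: bytes) -> str:
    """Minimal HS256 signer for the demo (no external library)."""
    header = _b64url(b'{"alg":"HS256","typ":"JWT"}')
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = _b64url(hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest())
    return f"{header}.{payload}.{sig}"


def verify_jwt(token: str, secret: bytes) -> Optional[dict]:
    """Return the claims if the HS256 signature verifies, else None."""
    try:
        header, payload, sig = token.split(".")
    except ValueError:
        return None
    expected = _b64url(hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest())
    if not hmac.compare_digest(sig, expected):
        return None
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))


class TruncatedKeyUserCache:
    """Vulnerable: claims cached under token[:32]. The base64url HS256 header
    alone is 36 chars, so every HS256 token shares one key, and a cache hit
    returns the cached identity without checking the signature."""

    def __init__(self, secret: bytes) -> None:
        self._secret = secret
        self._cache: Dict[str, dict] = {}

    def user_for(self, token: str) -> Optional[dict]:
        key = token[:32]
        if key in self._cache:
            return self._cache[key]
        claims = verify_jwt(token, self._secret)
        if claims is not None:
            self._cache[key] = claims
        return claims


class HashedKeyUserCache(TruncatedKeyUserCache):
    """Hardened: verify first, then key the cache on a digest of the whole token."""

    def user_for(self, token: str) -> Optional[dict]:
        claims = verify_jwt(token, self._secret)
        if claims is None:
            return None
        return self._cache.setdefault(hashlib.sha256(token.encode()).hexdigest(), claims)


def demo() -> dict:
    """Run both scenarios and return the verdicts (wrong ones are commented)."""
    bad, good = ConcatKeyMatchCache(), LengthPrefixedMatchCache()
    bad.matches("/private/1", "/private/1")   # legitimate True verdict, cached
    good.matches("/private/1", "/private/1")
    secret = b"server-secret"
    legit = make_jwt({"sub": "admin"}, secret)
    forged = make_jwt({"sub": "attacker"}, b"not-the-secret")  # bad signature
    vuln, fixed = TruncatedKeyUserCache(secret), HashedKeyUserCache(secret)
    vuln.user_for(legit)   # admin logs in once, populating the cache
    fixed.user_for(legit)
    return {
        "concat_poisoned": bad.matches("/private/1/private/", "1"),   # True (wrong)
        "length_prefixed": good.matches("/private/1/private/", "1"),  # False
        "truncated_forged": vuln.user_for(forged),  # {'sub': 'admin'} (wrong)
        "hashed_forged": fixed.user_for(forged),    # None
    }


if __name__ == "__main__":
    print(demo())
```

The general rule both fixes follow: a cache key must be a one-to-one encoding of everything the cached value depends on, and for authentication caches the key must be derived only from credentials that have already been verified.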
SUSE CVE
added 2026/04/06 11:25 p.m., 4 views

SUSE CVE-2026-31406

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini. After cancel_delayed_work_sync is called from xfrm_nat_keepalive_net_fini, xfrm_state_fini flushes remaining states via __xfrm_state_delete, which calls...

CVSS 7, AI score 5.7, EPSS 0.00159
Exploits: 0, References: 40
Github Security Blog
added 2026/04/06 6:00 p.m., 11 views

strawberry-graphql: Authentication bypass via legacy graphql-ws WebSocket subprotocol

Strawberry versions through 0.312.3 are vulnerable to an authentication bypass on WebSocket subscription endpoints. The legacy graphql-ws subprotocol handler does not verify that a connection_init handshake has been completed before processing start (subscription) messages. This allows a remote...

CVSS 7.5, AI score 5.8, EPSS 0.00424
Exploits: 0, References: 6, Affected Software: 1
CVE
added 2026/04/06 7:38 a.m., 19 views

CVE-2026-31406

The CVE-2026-31406 issue is a race in the Linux kernel xfrm path during network cleanup. After cancel_delayed_work_sync() is invoked from xfrm_nat_keepalive_net_fini(), xfrm_state_fini() flushes states and __xfrm_state_delete() calls xfrm_nat_keepalive_state_updated(), which can re-schedule nat_k...

CVSS 7.8, AI score 5.7, EPSS 0.00159
Exploits: 0, References: 4, Affected Software: 1
Positive Technologies
added 2026/04/06 12:00 a.m., 4 views

PT-2026-30761

Affected: Strawberry GraphQL versions through 0.312.3. Description: Strawberry GraphQL is susceptible to an authentication bypass on WebSocket subscription endpoints. The legacy graphql-ws subprotocol handler does not verify completion of a connection ini...

CVSS 7.5, AI score 5.2, EPSS 0.00424
Exploits: 0, References: 11
Positive Technologies
added 2026/04/04 12:00 a.m., 6 views

PT-2026-30329

Affected: Directus versions prior to 11.16.1. Description: Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

CVSS 7.1, AI score 6, EPSS 0.00302
Exploits: 0, References: 4
ATTACKERKB
added 2026/04/03 11:33 p.m., 3 views

CVE-2026-34769

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, an undocumented commandLineSwitches webPreference allowed arbitrary switches to be appended to the renderer process command line. Ap...

CVSS 8.8, AI score 5.9, EPSS 0.00295
Exploits: 0, References: 2, Affected Software: 1
CVE
added 2026/04/03 11:33 p.m., 26 views

CVE-2026-34769

CVE-2026-34769 (Electron) affects Electron versions prior to 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8. An undocumented commandLineSwitches webPreference allowed arbitrary switches to be appended to the renderer process command line. When apps construct webPreferences from external or untrusted i...

CVSS 8.8, AI score 5.9, EPSS 0.00295
Exploits: 0, References: 4, Affected Software: 1