Lucene search
K

7789 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/22 12:50 p.m.3 views

CVE-2026-7167

The vulnerability arises when the system fails to properly validate the 'email' field during the authentication process, allowing unverified or fake email addresses to be accepted. This lack of validation enables the creation of user accounts with fake email addresses, facilitating the mass...

6.9CVSS5.8AI score0.00357EPSS
Exploits0References2
Redos
Redos
added 2026/06/22 12:0 a.m.5 views

ROS-20260622-73-0029

The vulnerability of the ParseAddress, ParseAddressList, and ParseDate functions in the Go programming language is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.5CVSS5.9AI score0.00784EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.15 views

Debian dsa-6358 : libhttp-daemon-perl - security update

The remote Debian 13 host has a package installed that is affected by a vulnerability as referenced in the dsa-6358 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6358-1 [email protected] https://www.debian.org/security/...

9.1CVSS6.2AI score0.01452EPSS
Exploits0References4
Debian
Debian
added 2026/06/19 6:15 p.m.19 views

[SECURITY] [DSA 6353-1] gst-libav1.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6353-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 19, 2026 https://www.debian.org/security/faq -...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/18 10:38 a.m.9 views

CVE-2026-48860

A flaw was found in Erlang/OTP. The inettlsdist:checkip/1 function, responsible for enforcing a LAN allowlist for Erlang distribution over TLS, incorrectly uses inet:sockname/1 instead of inet:peername/1 to obtain the peer's IP address. This allows an unauthenticated attacker, possessing a...

7.5CVSS5.6AI score0.00194EPSS
Exploits0References8
Debian
Debian
added 2026/06/17 6:1 p.m.8 views

[SECURITY] [DSA 6350-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6350-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 17, 2026 https://www.debian.org/security/faq -...

9.6CVSS5.6AI score0.00476EPSS
Exploits0
Redos
Redos
added 2026/06/17 12:0 a.m.7 views

ROS-20260617-73-0039

The vulnerability in ImageMagick 7 is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.5CVSS5.5AI score0.00501EPSS
Exploits0
OSV
OSV
added 2026/06/16 12:20 p.m.5 views

SUSE-SU-2026:2413-1 Security update for distribution

This update for distribution rebuilds it against the current go security release...

5.3AI score
Exploits0References1
Debian
Debian
added 2026/06/15 8:28 p.m.12 views

[SECURITY] [DSA 6346-1] libreoffice security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6346-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 15, 2026 https://www.debian.org/security/faq -...

7.8CVSS5.7AI score0.00171EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/15 3:53 p.m.11 views

Malicious code in ldpbootstrap-jquery (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcab02ae44d1604b6fa9e80156a8c5882f7a4809470ff59eb6d14db4bf28f91f ldpbootstrap-jquery ships and executes an obfuscated Windows PowerShell payload as part of its documented usage. The package contains...

5.7AI score
Exploits0References5
HackRead
HackRead
added 2026/06/15 10:2 a.m.15 views

Over 50 Android Apps Found Spreading MagicAd Trojan via Official Stores

Over 50 Android apps on official stores spread MagicAd trojan, using system tricks to force background ads even after infected apps are closed...

5.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-8358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for tw...

6.9CVSS6.1AI score0.00171EPSS
Exploits0References4
NVD
NVD
added 2026/06/12 10:16 p.m.14 views

CVE-2026-54398

An authorization flaw in MISP’s object add/edit handling allowed an authenticated user with object editing permissions to assign a MISP object, or attributes contained within an object, to a sharing group that the user was not authorized to use or view. When editing objects, the sharing group...

5.3CVSS0.0022EPSS
Exploits0References1
NVD
NVD
added 2026/06/12 9:16 p.m.13 views

CVE-2026-54397

A vulnerability in MISP’s non-REST event editing path allowed an authenticated user with event edit permissions to manipulate the submitted form data and set an event’s sharinggroupid to a sharing group they were not authorized to use. When distribution was set to sharing group distribution, the...

6.1CVSS0.00226EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 9:8 p.m.16 views

CVE-2026-54398

CVE-2026-54398 describes an authorization flaw in MISP's object add/edit handling where an authenticated user with object editing permissions can assign objects or their attributes to a sharing group they are not authorized to view. The root cause is that during object edits the sharing group val...

5.3CVSS5.4AI score0.0022EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 9:8 p.m.31 views

CVE-2026-54398 MISP object edit authorization bypass allows unauthorized sharing group assignment

An authorization flaw in MISP’s object add/edit handling allowed an authenticated user with object editing permissions to assign a MISP object, or attributes contained within an object, to a sharing group that the user was not authorized to use or view. When editing objects, the sharing group...

5.3CVSS0.0022EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 9:8 p.m.9 views

CVE-2026-54398 MISP object edit authorization bypass allows unauthorized sharing group assignment

An authorization flaw in MISP’s object add/edit handling allowed an authenticated user with object editing permissions to assign a MISP object, or attributes contained within an object, to a sharing group that the user was not authorized to use or view. When editing objects, the sharing group...

5.3CVSS5.4AI score0.0022EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 8:55 p.m.21 views

CVE-2026-54397

MISP CVE-2026-54397 affects the non-REST event editing path. An authenticated user with event edit permissions could tamper with submitted form data to assign an event to a sharing_group_id the user is not authorized to use when distribution is set to sharing group distribution. The non-REST save...

6.1CVSS5.2AI score0.00226EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 8:55 p.m.11 views

EUVD-2026-36577

A vulnerability in MISP’s non-REST event editing path allowed an authenticated user with event edit permissions to manipulate the submitted form data and set an event’s sharinggroupid to a sharing group they were not authorized to use. When distribution was set to sharing group distribution, the...

6.1CVSS5.2AI score0.00226EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 8:55 p.m.7 views

CVE-2026-54397 MISP event editing allows unauthorized assignment to undisclosed sharing groups

A vulnerability in MISP’s non-REST event editing path allowed an authenticated user with event edit permissions to manipulate the submitted form data and set an event’s sharinggroupid to a sharing group they were not authorized to use. When distribution was set to sharing group distribution, the...

6.1CVSS5.2AI score0.00226EPSS
Exploits0References1
Rows per page
Query Builder