Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/03 9:51 p.m.12 views

CVE-2026-7666

A flaw was found in Django. An on-path network attacker could exploit a vulnerability in django.core.mail.backends.smtp.EmailBackend where a partially-initialized connection is reused after a failed STARTTLS handshake when failsilently=True. This could allow the attacker to intercept and read ema...

3.1CVSS5.6AI score0.0015EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/06/03 1:16 p.m.8 views

CVE-2026-7666

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.core.mail.backends.smtp.EmailBackend in Django fails to prevent reuse of a partially-initialized connection after a failed STARTTLS handshake when failsilently=True, which allows on-path network attackers to read ema...

3.1CVSS5.3AI score0.0015EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/26 12:35 a.m.17 views

Malicious code in @taskd/maritime-email-processor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a5aef29b4050fca18dd803428274de6072ff7412ecd134bd68dcc1f5e8fa150 The package's sole exported function emailProcessor in dist/index.mjs POSTs to a hardcoded endpoint https://job-api.alex-c92.workers.dev, sending the...

5.8AI score
Exploits0References1
FreeBSD
FreeBSD
added 2026/01/10 12:0 a.m.9 views

mail/mailpit -- Cross-Site WebSocket Hijacking

Mailpit author reports: The Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking CSWSH vulnerability. An attacker can host a malicious website that, when visited by a developer running Mailp...

6.5CVSS6.8AI score0.00208EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-43649

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00672EPSS
Exploits1References3
CNVD
CNVD
added 2020/11/26 12:0 a.m.7 views

LiquidFiles Cross-Site Script Inclusion Vulnerability

LiquidFiles is a virtual appliance that helps companies and organizations send, receive and share large files quickly and securely. A cross-site scripting inclusion vulnerability exists in versions prior to LiquidFiles 3.3.19, which can be exploited by an attacker to obtain encrypted email conten...

6.1CVSS6AI score0.007EPSS
Exploits1References1
Rows per page
Query Builder