25564 matches found

Packet Storm
added 2026/02/24 12:0 a.m. | 204 views

Cilium 1.18.5 Traffic Bypass

This Python proof of concept script performs a comprehensive node-level analysis to assess a vulnerability in Cilium versions 1.18.0 through 1.18.5 that allows cross-node Pod traffic to bypass Host Firewall policies when Native Routing, WireGuard, and Node Encryption are enabled...

CVSS 6.1 | AI score 5.6 | EPSS 0.00126
Exploits: 1

RedHat Linux
added 2026/02/23 7:20 p.m. | 2 views

openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

A flaw was found in the OpenSSL CMS implementation RFC 3211 KEK Unwrap. This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI)...

CVSS 7.5 | AI score 6 | EPSS 0.01744
Exploits: 0 | References: 4

RedHat Linux
added 2026/02/23 7:19 p.m. | 7 views

openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

A flaw was found in the OpenSSL CMS implementation RFC 3211 KEK Unwrap. This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI)...

CVSS 7.5 | AI score 6 | EPSS 0.01744
Exploits: 0 | References: 4

OSV
added 2026/02/23 6:23 p.m. | 5 views

GO-2026-4522 Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled in github.com/cilium/cilium

Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled in github.com/cilium/cilium...

CVSS 6.1 | AI score 5.3 | EPSS 0.00126
Exploits: 1 | References: 5

Schneier on Security
added 2026/02/23 12:3 p.m. | 6 views

On the Security of Password Managers

Good article on password managers that secretly have a backdoor. New research shows that these claims aren’t true in all cases, particularly when account recovery is in place or password managers are set to share vaults or organize users into groups. The researchers reverse-engineered or closely...

AI score 5.7
Exploits: 0

HackRead
added 2026/02/23 11:54 a.m. | 6 views

Hackers Use Excel Exploit to Hide XWorm 7.2 in JPEG Files, Hijack PCs

A new phishing campaign is spreading XWorm 7.2 via malicious Excel files, hiding the malware in Windows processes, and using AES encryption to steal passwords and Wi-Fi keys...

AI score 5.5
Exploits: 0

RedhatCVE
added 2026/02/23 7:26 a.m. | 7 views

CVE-2026-2928

A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_452CCC of the file /boafrm/formWlEncrypt of the component WLAN Encryption Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be launched...

CVSS 9 | AI score 6.2 | EPSS 0.00495
Exploits: 1 | References: 1

NVD
added 2026/02/23 6:16 a.m. | 6 views

CVE-2026-2974

A vulnerability was identified in AliasVault App up to 0.25.3 on Android/iOS. This vulnerability affects unknown code of the file sharedprefs/aliasvault.xml of the component Backup Handler. The manipulation of the argument accessToken/refreshToken/metadata/keyderivationparams/authmethods leads to...

CVSS 2.5 | EPSS 0.00099
Exploits: 0 | References: 9

OSV
added 2026/02/22 5:16 a.m. | 3 views

CVE-2026-2928

A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_452CCC of the file /boafrm/formWlEncrypt of the component WLAN Encryption Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be launched...

CVSS 8.8 | AI score 6.2 | EPSS 0.00495
Exploits: 1 | References: 5

Cvelist
added 2026/02/22 5:2 a.m. | 27 views

CVE-2026-2928 D-Link DWR-M960 WLAN Encryption Configuration Endpoint formWlEncrypt sub_452CCC stack-based overflow

A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_452CCC of the file /boafrm/formWlEncrypt of the component WLAN Encryption Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be launched...

CVSS 9 | EPSS 0.00495
Exploits: 1 | References: 5

Vulnrichment
added 2026/02/22 5:2 a.m. | 3 views

CVE-2026-2928 D-Link DWR-M960 WLAN Encryption Configuration Endpoint formWlEncrypt sub_452CCC stack-based overflow

A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_452CCC of the file /boafrm/formWlEncrypt of the component WLAN Encryption Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be launched...

CVSS 9 | AI score 7.7 | EPSS 0.00495
Exploits: 1 | References: 5

Fedora
added 2026/02/22 12:58 a.m. | 7 views

[SECURITY] Fedora 42 Update: mupdf-1.26.3-5.fc42

MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...

CVSS 7.5 | AI score 6 | EPSS 0.00477
Exploits: 1

OSV
added 2026/02/21 8:40 a.m. | 4 views

BIT-HUBBLE-RELAY-2026-26963 Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...

CVSS 6.1 | AI score 5.5 | EPSS 0.00126
Exploits: 1 | References: 5

OSV
added 2026/02/21 8:36 a.m. | 6 views

BIT-CILIUM-OPERATOR-2026-26963 Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...

CVSS 6.1 | AI score 5.5 | EPSS 0.00126
Exploits: 1 | References: 5

OSV
added 2026/02/21 8:36 a.m. | 5 views

BIT-CILIUM-2026-26963 Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...

CVSS 6.1 | AI score 5.5 | EPSS 0.00126
Exploits: 1 | References: 5

RedhatCVE
added 2026/02/20 7:39 p.m. | 4 views

CVE-2026-25998

strongMan is a management interface for strongSwan, an OpenSource IPsec-based VPN. When storing credentials in the database (private keys, EAP secrets), strongMan encrypts the corresponding database fields. So far it used AES in CTR mode with a global database key. Together with an initialization...

CVSS 8.7 | AI score 5.7 | EPSS 0.00309
Exploits: 0 | References: 1

NVD
added 2026/02/20 5:25 p.m. | 3 views

CVE-2026-24455

The embedded web interface of the device does not support HTTPS/TLS for authentication and uses HTTP Basic Authentication. Traffic is encoded but not encrypted, exposing user credentials to passive interception by attackers on the same network...

CVSS 7.5 | EPSS 0.00242
Exploits: 0 | References: 2

RedhatCVE
added 2026/02/20 10:40 a.m. | 7 views

CVE-2026-26963

A flaw was found in Cilium. When specific network configurations, including Native Routing, WireGuard, and Node Encryption, are enabled, Cilium incorrectly allows network traffic from Pods on other nodes. This can lead to unauthorized access to network communications and potential information...

CVSS 6.1 | AI score 5.4 | EPSS 0.00126
Exploits: 1 | References: 7

NVD
added 2026/02/20 12:16 a.m. | 8 views

CVE-2026-26963

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...

CVSS 6.1 | EPSS 0.00126
Exploits: 1 | References: 4

OSV
added 2026/02/20 12:16 a.m. | 2 views

UBUNTU-CVE-2026-26963

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...

CVSS 6.1 | AI score 5.8 | EPSS 0.00126
Exploits: 1 | References: 6