Lucene search
+L

456 matches found

CVE
CVE
added 3 days ago7 views

CVE-2026-59258

CVE-2026-59258 affects Immich before 3.0.3. A broken access control on PUT /albums/:id/user/:userId lets shared album editors modify member roles, enabling an editor to demote the owner to editor and promote themselves to owner via sequential requests, yielding full control including deletion and...

8.3CVSS6.1AI score0.00315EPSS
Exploits0References5
OSV
OSV
added 2026/06/26 9:1 p.m.7 views

GHSA-V2JF-442R-6MJH nebula-mesh: Signed-poll nonce LRU is in-memory and bounded; replay survives restart + eviction

internal/api/pop/nonce.go:25,40,86 + internal/api/server.go:38 — the signed-poll nonce cache is an in-process LRU sized at 65,536 entries. internal/api/updates.go:31 sets pollClockSkew = 5 time.Minute as the replay window. Affected All released versions through v0.3.0 that have shipped the ADR 00...

6.9CVSS5.8AI score
Exploits0References2
CVE
CVE
added 2026/06/24 4:28 p.m.13 views

CVE-2026-52949

In CVE-2026-52949, the Linux kernel DRM/TTM component ttm_bo_shrink() was fixed to prevent an infinite LRU walk on backup failure. The patch mirrors the prior ttm_bo_swapout() fix: move del_bulk_move from before the backup to after success, and switch to using ttm_resource_del_bulk_move_unevictab...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fix for NULL dereference on the root when tracing inode eviction. When evicting an inode, the first step is to set up tracing for it, which involves retrieving the root’s ID. However, in btrfsevictinode, the root might be...

5.5CVSS5.7AI score0.00118EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: AppArmor: Fixed the race condition between freeing data and accessing it through the file system. AppArmor originally placed a reference to private data after removing the original entry from the file system. However, the inode m...

7.8CVSS6.1AI score0.00145EPSS
Exploits0References3
NVD
NVD
added 2026/06/23 9:16 p.m.10 views

CVE-2026-46554

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.4, deleted API tokens continued to authenticate requests until their cache entry expired, because the auth cache was not invalidated by token value at deletion time. The API token deletion path removed the database row bu...

2.3CVSS0.00197EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 8:30 p.m.25 views

CVE-2026-46554

NocoDB prior to 2026.04.4 is affected by a stale-auth-cache issue: when an API token is deleted, the auth cache entry keyed by the token value is not evicted, allowing the token to continue authenticating until the cache entry expires. This creates a deletion-to-revocation window of up to three d...

2.3CVSS5.8AI score0.00197EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/17 10:41 a.m.8 views

redis: use-after-free in unblock client flow may allow remote code execution

A flaw was found in Redis. The unblock client flow does not handle an error return from the processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can cause a use-after-free issue. This potentially leads to...

8.8CVSS6.1AI score0.01286EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2026/06/15 10:18 a.m.13 views

redis: use-after-free in unblock client flow may allow remote code execution

A flaw was found in Redis. The unblock client flow does not handle an error return from the processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can cause a use-after-free issue. This potentially leads to...

8.8CVSS6.1AI score0.01286EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2026/06/11 11:44 a.m.11 views

redis: use-after-free in unblock client flow may allow remote code execution

A flaw was found in Redis. The unblock client flow does not handle an error return from the processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can cause a use-after-free issue. This potentially leads to...

8.8CVSS6AI score0.01286EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2026/06/11 10:5 a.m.7 views

redis: use-after-free in unblock client flow may allow remote code execution

A flaw was found in Redis. The unblock client flow does not handle an error return from the processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can cause a use-after-free issue. This potentially leads to...

8.8CVSS6AI score0.01286EPSS
Exploits4References6
RedhatCVE
RedhatCVE
added 2026/06/10 10:16 p.m.11 views

CVE-2026-10143

A flaw was found in kafka-python. A malicious or machine-in-the-middle broker could exploit a denial-of-service vulnerability during SCRAM authentication. By providing an excessively large iteration count, the broker can cause the client's event loop to freeze. This prevents critical operations...

8.7CVSS5.1AI score0.00517EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/10 9:3 p.m.11 views

CVE-2026-49843

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's JSON-RPC handler bound the connection to the client-supplied sessid on the fir...

5.3CVSS5.4AI score0.00284EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/10 8:22 p.m.8 views

Unchecked Input for Loop Condition

Overview kafka-python is a Pure Python client for Apache Kafka Affected versions of this package are vulnerable to Unchecked Input for Loop Condition in the SCRAM authentication handling. An attacker can cause the client's event loop to freeze by supplying an excessively large iteration count...

8.7CVSS5.5AI score0.00517EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.32 views

PT-2026-48531

Name of the Vulnerable Software and Affected Versions kafka-python versions prior to 2.3.2 Description A denial-of-service issue exists in the SCRAM authentication handling. A malicious or machine-in-the-middle broker can freeze the client event loop by providing an excessively large iteration...

8.7CVSS5.5AI score0.00517EPSS
Exploits0References6
NVD
NVD
added 2026/06/09 5:17 p.m.15 views

CVE-2026-49843

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's JSON-RPC handler bound the connection to the client-supplied sessid on the fir...

5.3CVSS0.00284EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 4:4 p.m.42 views

CVE-2026-49843 FreeSWITCH: Pre-authentication session eviction via attacker-chosen `sessid` in `mod_verto`

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's JSON-RPC handler bound the connection to the client-supplied sessid on the fir...

5.3CVSS0.00284EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 4:4 p.m.17 views

EUVD-2026-35492

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's JSON-RPC handler bound the connection to the client-supplied sessid on the fir...

5.3CVSS5.4AI score0.00284EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/09 4:4 p.m.10 views

CVE-2026-49843 FreeSWITCH: Pre-authentication session eviction via attacker-chosen `sessid` in `mod_verto`

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's JSON-RPC handler bound the connection to the client-supplied sessid on the fir...

5.3CVSS5.4AI score0.00284EPSS
Exploits0References2
OSV
OSV
added 2026/06/09 4:4 p.m.3 views

CVE-2026-49843 FreeSWITCH: Pre-authentication session eviction via attacker-chosen `sessid` in `mod_verto`

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's JSON-RPC handler bound the connection to the client-supplied sessid on the fir...

5.3CVSS5.9AI score0.00284EPSS
Exploits0References4
Rows per page
Query Builder