Lucene search
K

491 matches found

OSV
OSV
added 2026/07/02 4:34 p.m.10 views

GHSA-JVM4-4J77-39P6 OpenClaw: QQBot streaming command could mutate config without explicit allowFrom

Summary QQBot streaming command could mutate config without explicit allowFrom. In affected versions, a QQBot sender reaching the affected command could change configuration without requiring an explicit non-wildcard allowlist entry. This advisory is scoped to the named feature and configuration...

8.7CVSS6AI score0.00172EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/30 6:47 p.m.6 views

EUVD-2026-9141

Open Babel has a NULL pointer dereference in CDXML OBAtom::GetExplicitValence...

6.5CVSS5.8AI score0.00394EPSS
Exploits1References9
Vulnrichment
Vulnrichment
added 2026/06/25 4:17 p.m.6 views

CVE-2026-9799 Keycloak: keycloak: unauthorized access to resources via uma permission ticket bypass

A flaw was found in org.keycloak.authorization. An authenticated user with a granted User-Managed Access UMA permission ticket for one resource can exploit this by using a specific permission request prefix to bypass per-resource access control. This allows the user to gain unauthorized access to...

4.6CVSS5.8AI score0.00166EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb – revert the use of devmkzalloc in btusb This change reverts to the behavior described in commit 98921dbd00c4e “Bluetooth: Use devmkzalloc in btusb.c file”. In btusbprobe, we use devmkzalloc to allocate the btusb...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux

In memzeroexplicit of compiler-clang.h, there is a possible way to bypass defense in depth due to uninitialized data. This could lead to the disclosure of local information without requiring additional execution privileges. User interaction is not required for exploitation. Product: Android...

5.5CVSS6.2AI score0.0015EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.14 views

PT-2026-51104

Name of the Vulnerable Software and Affected Versions @tinacms/app versions prior to 2.5.6 tinacms versions prior to 3.9.3 Description Cross-origin postMessage handlers allow for stored XSS and session takeover. The software registers window message listeners—specifically the useTina overlay...

8.5CVSS5.8AI score0.00196EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/17 6:53 a.m.6 views

kernel: libceph: make decode_pool() more resilient against corrupted osdmaps

In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...

7.1CVSS5.5AI score0.00126EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/06/15 8:16 p.m.16 views

Starlette: Arbitrary HTTP method dispatched to `HTTPEndpoint` attributes via `getattr`

Summary When dispatching a request, HTTPEndpoint selects the handler by lowercasing the HTTP method and looking it up as an attribute with getattr, without restricting the lookup to a known set of HTTP verbs. When an HTTPEndpoint subclass is registered through Route... without an explicit methods...

5.3CVSS5.4AI score0.00213EPSS
Exploits0References4Affected Software1
Snyk
Snyk
added 2026/06/15 8:16 p.m.11 views

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

Overview starlette is a The little ASGI library that shines. Affected versions of this package are vulnerable to Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' when dispatching HTTP requests to endpoint attributes via getattr. An attacker can invoke internal...

6.3CVSS5.5AI score0.00213EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2026/06/11 6:23 a.m.22 views

GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks

GitHub has announced what it said are "breaking changes" coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats. The changes aim to combat attack techniques that abuse the "npm install" command to trigger the execution of malicious code...

6.6AI score
Exploits0
OSV
OSV
added 2026/05/29 1:34 p.m.11 views

OESA-2026-2491 libvncserver security update

libvncserver is a set of programs using the RFB Remote Frame Buffer protocol. They are designed to "export" a frame buffer via net: you set up a server and can connect to it via VNC viewers. If the server supports WebSockets which LibVNCServer does, you can also connect using an in-browser VNC...

8.8CVSS5.9AI score0.00242EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/28 4:1 a.m.17 views

SUSE CVE-2025-71303

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix race condition when checking rpmon When autosuspend is triggered, driver rpmon flag is set to indicate that a suspend/resume is already in progress. However, when a userspace application submits a command durin...

4.7CVSS5.8AI score0.00102EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 3:16 p.m.11 views

UBUNTU-CVE-2026-44988

LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC serve...

8.8CVSS5.8AI score0.00242EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/27 2:26 p.m.12 views

EUVD-2026-32525

LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC serve...

8.8CVSS5.8AI score0.00242EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.14 views

PT-2026-44133

Description SymfonyComponentHtmlSanitizerTextSanitizerUrlSanitizer::parse used by UrlSanitizer::sanitize and therefore by every HtmlSanitizer config that allows links or media accepts URLs that contain Unicode explicit-direction BiDi formatting characters: U+202A–U+202E LRE / RLE / PDF / LRO / RL...

6.9CVSS5.9AI score0.00069EPSS
Exploits0References7
Packet Storm News
Packet Storm News
added 2026/05/27 12:0 a.m.38 views

Measuring Real-World Prompt Injection Attacks in LLM-Based Resume Screening

LLMs are vulnerable to prompt injection attacks. However, this vulnerability has been primarily demonstrated conceptually in academic studies or through a few anecdotal case studies. Its prevalence and impact in real-world LLM-based applications are largely unexplored. In this work, we present th...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/22 9:9 a.m.11 views

Malicious code in @pisell/pisellos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e11b6f8e400f4de371e79ce547444daf3787d6217037ea2e8d05c8ba86cbfbb2 The package advertises itself as a point-of-sale / venue-booking SDK, but its ScanOrderImpl and VenueBookingImpl solution classes register a default...

5.8AI score
Exploits0References6
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: ufs-qcom: Fixed the issue of null pointer dereferencing in ESI. ESI/MSI is a performance optimization feature that provides dedicated interrupts per MCQ hardware queue. This is an optional feature, and UFS MCQ should...

5.5CVSS5.4AI score0.00128EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in openssl1.0

Normally, in OpenSSL, EC groups always contain a co-factor, and this co-factor is used in code paths that resist side channels. However, in some cases, it is possible to create a group using explicit parameters instead of a named curve. In these cases, the group may not contain a co-factor. This...

4.7CVSS6.7AI score0.01188EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/14 8:15 p.m.11 views

Default kuma-cp leaks admin token cross-origin via CORS wildcard + LocalhostIsAdmin

Summary Default kuma-cp config leaks the admin bootstrap token and signing keys to any webpage the operator visits while the control plane is reachable from their browser. CorsAllowedDomains: "." reflects any Origin, and LocalhostIsAdmin: true promotes requests from 127.0.0.1 to mesh-system:admin...

5.1CVSS5.8AI score0.00204EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder