Lucene search
K

25599 matches found

OSV
OSV
added 12 hours ago7 views

ROOT-OS-DEBIAN-13-CVE-2026-27456 CVE-2026-27456 in rootio-util-linux - Patched by Root

Root has patched CVE-2026-27456 in the rootio-util-linux package for Root:Debian:13. Multiple fixed versions available...

4.7CVSS5.8AI score0.00118EPSS
Exploits1
OSV
OSV
added 13 hours ago2 views

ROOT-APP-NPM-CVE-2026-32630 CVE-2026-32630 in @rootio/file-type - Patched by Root

Root has patched CVE-2026-32630 in the @rootio/file-type package for Root:npm. Multiple fixed versions available...

5.3CVSS5.9AI score0.00299EPSS
Exploits1
OSV
OSV
added 14 hours ago5 views

ROOT-OS-DEBIAN-11-CVE-2026-25210 CVE-2026-25210 in rootio-expat - Patched by Root

Root has patched CVE-2026-25210 in the rootio-expat package for Root:Debian:11. Multiple fixed versions available...

7.8CVSS5.8AI score0.00193EPSS
Exploits0
Nuclei
Nuclei
added 15 hours ago73 views

Jenkins build-metrics 1.3 - Cross-Site Scripting

Jenkins build-metrics 1.3 is vulnerable to a reflected cross-site scripting vulnerability that allows attackers to inject arbitrary HTML and JavaScript into the web pages the plugin provides. id: CVE-2019-10475 info: name: Jenkins build-metrics 1.3 - Cross-Site Scripting author: madrobot severity...

6.1CVSS6.5AI score0.57735EPSS
Exploits5References5
Nuclei
Nuclei
added 15 hours ago68 views

GeoServer and GeoTools - Remote Code Execution

GeoTools is an open source Java library that provides tools for geospatial data. Prior to versions 31.2, 30.4, and 29.6, Remote Code Execution RCE is possible if an application uses certain GeoTools functionality to evaluate XPath expressions supplied by user input. Versions 31.2, 30.4, and 29.6...

9.8CVSS7.2AI score0.99813EPSS
Exploits25References3
Rockylinux
Rockylinux
added 20 hours ago3 views

golang security, bug fix, and enhancement update

An update is available for golang. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The golang packages provide the Go programming language compiler. Security...

9.6CVSS6.4AI score0.00478EPSS
Exploits0
Mageia
Mageia
added 2 days ago4 views

Updated libarchive packages fix security vulnerabilities

The updated packages fix bugs including security ones...

9.8CVSS6.7AI score0.01073EPSS
Exploits1References2
Cvelist
Cvelist
added 3 days ago28 views

CVE-2026-57212 RabbitMQ management HTTP API accepts request bodies larger than configured max_http_body_size

RabbitMQ is a messaging and streaming broker. Prior to 3.13.14, 4.0.19, 4.1.10, and 4.2.5, the rabbitmqmanagement HTTP API accepts oversized valid JSON bodies on withdecode and directrequest paths because readcompletebody checks the accumulated size before the final chunk but not the final combin...

7.1CVSS0.00293EPSS
Exploits0References6
CVE
CVE
added 3 days ago10 views

CVE-2026-56665

ZITADEL's external JWT Identity Provider validation (internal/idp/providers/jwt/session.go) does not enforce expiration when an incoming token omits the exp claim, causing tokens from trusted issuers to be treated as valid without an automatic expiration window. Affected releases: 3.0.0-rc.1 thro...

4.2CVSS6.1AI score0.00167EPSS
Exploits0References5
OSV
OSV
added 3 days ago4 views

ROOT-OS-DEBIAN-13-CVE-2025-14524 CVE-2025-14524 in rootio-curl - Patched by Root

Root has patched CVE-2025-14524 in the rootio-curl package for Root:Debian:13. Multiple fixed versions available...

5.3CVSS5.9AI score0.00611EPSS
Exploits1
Rockylinux
Rockylinux
added 3 days ago6 views

podman security, bug fix, and enhancement update

An update is available for podman. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of...

9.1CVSS6.4AI score0.00525EPSS
Exploits0
OSV
OSV
added 3 days ago7 views

ROOT-APP-PYPI-CVE-2024-30251 CVE-2024-30251 in rootio-aiohttp - Patched by Root

Root has patched CVE-2024-30251 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

7.5CVSS7.2AI score0.01085EPSS
Exploits0
OSV
OSV
added 3 days ago14 views

ROOT-APP-PYPI-GHSA-MV93-W799-CJ2W GHSA-mv93-w799-cj2w in rootio-GitPython - Patched by Root

Root has patched GHSA-mv93-w799-cj2w in the rootio-GitPython package for Root:PyPI. Multiple fixed versions available...

7CVSS5.8AI score
Exploits0
OSV
OSV
added 3 days ago4 views

ROOT-OS-DEBIAN-13-CVE-2026-3479 CVE-2026-3479 in rootio-python3.13 - Patched by Root

Root has patched CVE-2026-3479 in the rootio-python3.13 package for Root:Debian:13. Multiple fixed versions available...

3.3CVSS5.8AI score0.00238EPSS
Exploits0
OSV
OSV
added 3 days ago6 views

ROOT-OS-DEBIAN-12-CVE-2025-10148 CVE-2025-10148 in rootio-curl - Patched by Root

Root has patched CVE-2025-10148 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...

5.3CVSS5.4AI score0.00466EPSS
Exploits0
Positive Technologies
Positive Technologies
added 3 days ago8 views

PT-2026-57306

Name of the Vulnerable Software and Affected Versions RabbitMQ versions prior to 3.13.15 RabbitMQ versions prior to 4.0.20 RabbitMQ versions prior to 4.1.11 RabbitMQ versions prior to 4.2.6 Description RabbitMQ fails to perform authorization checks on passive queue.declare and exchange.declare AM...

5.3CVSS6.1AI score0.00269EPSS
Exploits0References10
NVD
NVD
added 4 days ago6 views

CVE-2026-53962

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, insufficient SVG sanitization in upload and user avatar handling could lead to cross-site scripting when a user visited specific URLs that are not normally part of community browsing. This issue ...

5.4CVSS0.00264EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-44787

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, the signup flow could allow newly registered users to set primarygroupid and gain whisper-group privileges without legitimate group membership on sites with whispersallowedgroups configured. This...

8.2CVSS6AI score0.00309EPSS
Exploits0References10Affected Software1
RedHat Linux
RedHat Linux
added 4 days ago5 views

Important: Red Hat Security Advisory: golang security, bug fix, and enhancement update

An update for golang is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.6CVSS6.1AI score0.00478EPSS
Exploits0References4
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-50188 Kirby: Request header injection in `Http\Remote`

Kirby is an open-source content management system. Prior to 4.9.4 and 5.4.4, Kirby sites and plugins using the Kirby Http Remote class, including Remote::request, Remote::get, and Remote::post, to send outgoing HTTP requests with untrusted data in the headers option could allow newline characters...

6.9CVSS0.0029EPSS
Exploits0References5
Rows per page
Query Builder