Lucene search
K

8775 matches found

GithubExploit
GithubExploit
added 2026/06/12 10:20 a.m.89 views

Exploit for CVE-2026-53646

███████╗ ██████╗ ███████╗██╗ ██╗██╗██╗ ██╗ ███████...

5.6AI score0.0042EPSS
Exploits1
OSV
OSV
added 2026/06/12 9:5 a.m.8 views

BIT-GITLAB-2026-9204 Server-Side Request Forgery (SSRF) in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to read arbitrary files from the Gitaly server and access internal network resources...

6.5CVSS5.5AI score0.00247EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/12 12:31 a.m.10 views

EUVD-2026-36365

Incomplete input validation and improperly configured folder permissions within Idira Privileged Session Manager PSM versions prior to 15.0.3, 14.6.3, 14.2.5, and 14.0.5, an authenticated, low-privileged user could potentially execute arbitrary code. CyberArk Security Bulletin: CA26-17 and CA26-1...

9.3CVSS5.8AI score0.00544EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.20 views

PT-2026-48985

Name of the Vulnerable Software and Affected Versions Discourse versions 2026.1.0-latest through 2026.1.3 Discourse versions 2026.3.0-latest through 2026.3.0 Discourse versions 2026.4.0-latest through 2026.4.0 Description Four authorization and information disclosure issues exist within the chat...

5.3CVSS5.2AI score0.00204EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.9 views

PT-2026-48837

Name of the Vulnerable Software and Affected Versions WP Time Slots Booking Form versions prior to 1.2.47 Description Unauthenticated Cross Site Scripting XSS allows an attacker to execute malicious scripts in the browser of a user without requiring authentication. Recommendations Update to a...

7.1CVSS5.3AI score0.0021EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.13 views

EulerOS Virtualization 2.13.1 : expat (EulerOS-SA-2026-2369)

According to the versions of the expat packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory...

5.5CVSS5.5AI score0.00216EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/06/11 9:55 p.m.40 views

CVE-2026-45171 Idira Privileged Session Manager (PSM): Potential Code Execution due to an Incomplete Input Validation

Incomplete input validation and improperly configured folder permissions within Idira Privileged Session Manager PSM versions prior to 15.0.3, 14.6.3, 14.2.5, and 14.0.5, an authenticated, low-privileged user could potentially execute arbitrary code. CyberArk Security Bulletin: CA26-17 and CA26-1...

8.7CVSS0.00544EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/11 9:41 p.m.35 views

CVE-2026-45172 Idira Privileged Session Manager for SSH (PSMP): Arbitrary Command Execution via Improper Neutralization of Special Elements used in an OS Command

Due to incomplete input validation in Idira Privileged Session Manager for SSH PSMP versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6, an authenticated, low-privileged user could potentially execute arbitrary commands on the PSMP host. CyberArk Security Bulletins: CA26-17 and CA26-18...

8.7CVSS0.0055EPSS
Exploits0References4
OSV
OSV
added 2026/06/11 12:55 p.m.5 views

USN-8422-1 mistral vulnerability

Eduardo Gonzalez Gutierrez and Arnaud Morin discovered that Mistral did not properly enforce access policies on some API endpoints. An attacker could possibly execute arbitrary code on a Mistral worker and possibly extract sensitive data including service credentials from it...

9.9CVSS5.9AI score0.00733EPSS
Exploits0References2
HackRead
HackRead
added 2026/06/11 12:49 p.m.14 views

The Hidden Security Risks of Poor Software Testing

Poor Software Testing can expose hidden flaws, vulnerable dependencies and weak controls, increasing breach risks, downtime and costly fixes after release...

5.5AI score
Exploits0
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.14 views

Axios 安全漏洞

Axios is an open-source HTTP client developed by Axios. Versions prior to 0.32.0 and 1.16.0 of Axios contain security vulnerabilities. These vulnerabilities stem from two prototype pollution tools that may cause upstream dependencies to pollute Object.prototype, allowing Axios to silently use the...

8.2CVSS5.3AI score0.00287EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.27 views

Apple多款产品 访问控制错误漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

5.3CVSS5.4AI score0.0023EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.7 views

FreeBSD : FreeBSD -- Multiple vulnerabilities in OpenSSL (a57fe2c1-6476-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a57fe2c1-6476-11f1-958d-bc241121aa0a advisory. Multiple issues have been reported as part of this advisory with different issues affecting...

9.1CVSS6.1AI score0.02719EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.17 views

Ubuntu 20.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-8098-8)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8098-8 advisory. Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these...

7.8CVSS6.8AI score0.00254EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.8 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : Apache HTTP Server vulnerabilities (USN-8338-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8338-1 advisory. It was discovered that Apache HTTP Server incorrectly handled certain response headers. An attacker could possibly us...

9.8CVSS7AI score0.41611EPSS
Exploits2References16
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.19 views

Quest Bot 安全漏洞

Quest Bot is a multi-functional Discord community management robot developed by Duck Organization. Versions of Quest Bot prior to 1.0.1 contained security vulnerabilities. These vulnerabilities stemmed from the /automod add, /automod remove, and /automod list commands not having the required...

7.2CVSS5.5AI score0.00215EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.14 views

GitLab Enterprise Edition(EE) 安全漏洞

GitLab Enterprise Edition EE is a content management system provided by the American company GitLab. There were security vulnerabilities in versions prior to GitLab EE 13.9, as well as versions prior to 18.10.8, 18.11.5, and 19.0.2. These vulnerabilities stemmed from incorrect authorization...

4.3CVSS5.3AI score0.00182EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.8 views

CVE-2026-45642

Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to perform spoofing with a physical attack...

3.9CVSS5.4AI score0.00319EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 6:16 p.m.14 views

CVE-2026-45062

FrankenPHP is a modern application server for PHP. From version 1.11.2 to before version 1.12.3, the splitPos function in cgi.go misuses golang.org/x/text/search with search.IgnoreCase when the request path contains a non-ASCII byte. Two distinct flaws in that fallback let an attacker mislead...

8.1CVSS0.00568EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/10 5:38 p.m.16 views

Moderate: Red Hat Security Advisory: Red Hat build of Keycloak 26.6.3 Update

New Red Hat build of Keycloak 26.6.3 packages are available from the Customer Portal Red Hat build of Keycloak 26.6.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Security fixes...

8.8CVSS5.5AI score0.00476EPSS
Exploits0References1
Rows per page
Query Builder