CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

GithubExploit•added 6 days ago•57 views

Exploit for CVE-2026-40564

CVE-2026-40564: SSRF via FlinkSessionJob.spec.job.jarURI in fl...

5.8AI score0.00053EPSS

Exploits1

ATTACKERKB•added 2026/05/26 2:38 p.m.•6 views

CVE-2026-40564

Files or Directories Accessible to External Parties, Server-Side Request Forgery SSRF vulnerability in Apache Flink Kubernetes Operator. The FlinkSessionJob jarURI is currently not validated so that it points to user-owned files or addresses. This lets a user with CR create permissions read files...

5.8AI score0.00053EPSS

Exploits1References2Affected Software1

CNNVD•added 2026/05/26 12:0 a.m.•4 views

Apache Flink Kubernetes Operator 安全漏洞

Apache Flink Kubernetes Operator is an operations component for Flink clusters developed by the Apache Foundation. Versions of Apache Flink Kubernetes Operator from 1.3.0 to 1.15.0 contained security vulnerabilities. These vulnerabilities stemmed from the lack of validation of the jarURI in...

6.5CVSS5.8AI score0.00053EPSS

Exploits1References2

IBM Security Bulletins•added 2026/05/14 10:0 a.m.•10 views

Security Bulletin: IBM Operator for Apache Flink is affected by a vulnerability in AssertJ library (CVE-2026-24400)

Summary This security vulnerability in the AssertJ library used within IBM Event Processing could allow an attacker to exploit specially crafted XML input to cause local file disclosure, server-side request forgery SSRF, or denial of service in Java-based components running on the Apache Flink...

9.1CVSS5.9AI score0.00029EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by