Lucene search
K

7 matches found

EUVD
EUVD
added 2026/06/23 3:35 p.m.8 views

EUVD-2026-38466

NanoClaw before 2.1.0 contains a privilege escalation vulnerability in the channel-registration approval flow where handleChannelApprovalResponse fails to validate admin privileges over target agent groups. Scoped admins can submit forged or stale connect callback values to wire messaging channel...

5.4CVSS5.9AI score0.00171EPSS
Exploits0References3
CVE
CVE
added 2026/06/23 3:35 p.m.10 views

CVE-2026-56694

NanoClaw

5.4CVSS5.9AI score0.00171EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 5:16 p.m.13 views

CVE-2026-44320

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-callback route group without inbound OAuth2/bearer-token authorization. A forged or arbitrary bearer token e.g. Authorization: Bearer not-a-real-token is enough to reach the SMF-callback...

7.3CVSS0.00241EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/05/27 3:48 p.m.8 views

CVE-2026-44320 free5GC: NEF nnef-callback route group is unauthenticated; forged callback requests are accepted into the processing path

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-callback route group without inbound OAuth2/bearer-token authorization. A forged or arbitrary bearer token e.g. Authorization: Bearer not-a-real-token is enough to reach the SMF-callback...

7.3CVSS5.9AI score0.00241EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/27 3:48 p.m.42 views

CVE-2026-44320 free5GC: NEF nnef-callback route group is unauthenticated; forged callback requests are accepted into the processing path

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-callback route group without inbound OAuth2/bearer-token authorization. A forged or arbitrary bearer token e.g. Authorization: Bearer not-a-real-token is enough to reach the SMF-callback...

7.3CVSS0.00241EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of inbound OAuth2/bearer-token authorization when the NEF route group nnef-callback was mounted, whic...

7.3CVSS5.8AI score0.00241EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/16 6:31 a.m.7 views

EUVD-2026-23194

The Payment Gateway for Redsys & WooCommerce Lite plugin for WordPress is vulnerable to Improper Verification of Cryptographic Signature in versions up to, and including, 7.0.0 due to successfulrequest handlers calculating a local signature but not validating DsSignature from the request before...

7.5CVSS5.8AI score0.00206EPSS
Exploits0References3
Rows per page
Query Builder