Lucene search
K

35 matches found

OSV
OSV
added 2026/06/25 10:34 p.m.7 views

GO-2026-5746 Docker: `PUT /containers/{id}/archive` executes container binary on the host in github.com/docker/docker

Docker: PUT /containers/id/archive executes container binary on the host in github.com/docker/docker...

7.5CVSS5.9AI score0.00153EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 10:34 p.m.5 views

GO-2026-5694 Cosign's verify-blob-attestation reports false positive when payload parsing fails in github.com/sigstore/cosign

Cosign's verify-blob-attestation reports false positive when payload parsing fails in github.com/sigstore/cosign...

5.3CVSS5.8AI score0.00241EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 10:34 p.m.6 views

GO-2026-5568 Podman: WORKDIR symlink traversal vulnerability in github.com/containers/podman

Podman: WORKDIR symlink traversal vulnerability in github.com/containers/podman...

5.3CVSS5.8AI score0.00317EPSS
Exploits1References3
OSV
OSV
added 2026/06/25 10:34 p.m.4 views

GO-2026-5462 Argo Vulnerable to Unauthenticated Memory Exhaustion (DoS) in Webhook Interceptor in github.com/argoproj/argo-workflows

Argo Vulnerable to Unauthenticated Memory Exhaustion DoS in Webhook Interceptor in github.com/argoproj/argo-workflows...

8.2CVSS5.8AI score0.00607EPSS
Exploits1References5
OSV
OSV
added 2026/06/25 10:34 p.m.10 views

GO-2026-5416 gitverify has improper tag signature verification in github.com/supply-chain-tools/gitverify

gitverify has improper tag signature verification in github.com/supply-chain-tools/gitverify...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/25 6:43 p.m.3 views

GO-2026-5353 Amazon ECS Container Agent (Windows) is vulnerable to Information Disclosure in github.com/aws/amazon-ecs-agent

Amazon ECS Container Agent Windows is vulnerable to Information Disclosure in github.com/aws/amazon-ecs-agent...

7.5CVSS5.8AI score0.00547EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 6:43 p.m.4 views

GO-2026-5378 containerd user ID handling bypass allows runAsNonRoot evasion in github.com/containerd/containerd

containerd user ID handling bypass allows runAsNonRoot evasion in github.com/containerd/containerd...

7.8CVSS5.8AI score0.00221EPSS
Exploits1References1
OSV
OSV
added 2026/06/25 6:43 p.m.3 views

GO-2026-5260 SiYuan has incomplete fix for CVE-2026-33066: XSS in github.com/siyuan-note/siyuan/kernel

SiYuan has incomplete fix for CVE-2026-33066: XSS in github.com/siyuan-note/siyuan/kernel...

9CVSS6.3AI score0.00584EPSS
Exploits2References6
OSV
OSV
added 2026/04/07 2:58 p.m.3 views

GO-2026-4886 Incus vulnerable to denial of source through crafted bucket backup file in github.com/lxc/incus

Incus vulnerable to denial of source through crafted bucket backup file in github.com/lxc/incus...

6.5CVSS5.8AI score0.00385EPSS
Exploits1References3
OSV
OSV
added 2026/04/07 2:58 p.m.3 views

GO-2026-4738 File Browser has an Authorization Policy Bypass in Public Share Download Flow in github.com/filebrowser/filebrowser

File Browser has an Authorization Policy Bypass in Public Share Download Flow in github.com/filebrowser/filebrowser...

6.5CVSS5.8AI score0.00424EPSS
Exploits1References3
OSV
OSV
added 2026/04/02 6:42 p.m.6 views

GO-2026-4903 nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI

nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI...

9.4CVSS5.9AI score0.00328EPSS
Exploits1References2
OSV
OSV
added 2026/03/26 8:33 p.m.4 views

GO-2026-4844 Zoraxy: Authenticated Path Traversal in Config Import leads to RCE in github.com/tobychui/zoraxy

Zoraxy: Authenticated Path Traversal in Config Import leads to RCE in github.com/tobychui/zoraxy...

8.8CVSS5.8AI score0.00434EPSS
Exploits1References3
OSV
OSV
added 2026/03/26 8:33 p.m.5 views

GO-2026-4832 NATS JetStream has an authorization bypass through its Management API in github.com/nats-io/nats-server

NATS JetStream has an authorization bypass through its Management API in github.com/nats-io/nats-server...

4.9CVSS5.9AI score0.00306EPSS
Exploits0References2
OSV
OSV
added 2026/03/26 8:33 p.m.6 views

GO-2026-4829 NATS Server panic via malicious compression on leafnode port in github.com/nats-io/nats-server

NATS Server panic via malicious compression on leafnode port in github.com/nats-io/nats-server...

7.5CVSS5.9AI score0.00658EPSS
Exploits0References3
OSV
OSV
added 2026/03/26 8:33 p.m.5 views

GO-2026-4813 New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api

New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api...

4.9CVSS5.9AI score0.00289EPSS
Exploits0References1
OSV
OSV
added 2026/03/26 8:33 p.m.10 views

GO-2026-4827 NATS credentials are exposed in monitoring port via command-line argv in github.com/nats-io/nats-server

NATS credentials are exposed in monitoring port via command-line argv in github.com/nats-io/nats-server...

7.5CVSS5.8AI score0.00414EPSS
Exploits0References2
OSV
OSV
added 2026/03/26 8:33 p.m.6 views

GO-2026-4826 NATS: Message tracing can be redirected to arbitrary subject in github.com/nats-io/nats-server

NATS: Message tracing can be redirected to arbitrary subject in github.com/nats-io/nats-server...

4.3CVSS5.9AI score0.00228EPSS
Exploits0References3
OSV
OSV
added 2026/03/26 8:32 p.m.3 views

GO-2026-4701 github.com/ctfer-io/monitoring Vulnerable to Improper Access Control

github.com/ctfer-io/monitoring Vulnerable to Improper Access Control...

7.1CVSS5.9AI score0.00262EPSS
Exploits0References5
OSV
OSV
added 2026/03/26 8:32 p.m.18 views

GO-2026-4708 SiYuan importStdMd: unvalidated localPath imports arbitrary host directories as persistent notes in github.com/siyuan-note/siyuan

SiYuan importStdMd: unvalidated localPath imports arbitrary host directories as persistent notes in github.com/siyuan-note/siyuan...

6.8CVSS5.9AI score0.00431EPSS
Exploits1References4
OSV
OSV
added 2026/03/23 6:16 p.m.11 views

GO-2026-4796 ingress-nginx comment-based nginx configuration injection in k8s.io/ingress-nginx

ingress-nginx comment-based nginx configuration injection in k8s.io/ingress-nginx...

8.8CVSS5.8AI score0.01494EPSS
Exploits1References5
Rows per page
Query Builder