Lucene search
+L

3537 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/26 8:57 p.m.12 views

CVE-2026-45807

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.43 and 1.3.19, several Kestra API endpoints accept a kestra:// URI from the client and pass it through StorageInterface.parentTraversalGuard before reading the underlying file from the local storage backend. The guard onl...

7.7CVSS6AI score0.00386EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/06/26 7:40 p.m.4 views

CVE-2026-53297 net: mana: Guard mana_remove against double invocation

In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard manaremove against double invocation If PM resume fails e.g., manaattach returns an error, manaprobe calls manaremove, which tears down the device and sets gd-gdmacontext = NULL and gd-driverdata = NULL. However,...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References6
Hacker One
Hacker One
added 2026/06/26 2:17 p.m.49 views

curl: ssh_config_matches is dead code: unauthorized SSH key reuse

Summary libcurl's SSH connection-reuse guard sshconfigmatches — added for CVE-2022-27782 and reaffirmed by CVE-2023-27538 — is dead code in every release since 7.83.1. It compares sshc-rsa / sshc-rsapub between a new transfer "needle" and a pooled connection, but on both sides those pointers are...

7.7CVSS6.7AI score0.02596EPSS
Exploits2
NVD
NVD
added 2026/06/25 7:16 p.m.14 views

CVE-2026-55667

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.16, a scoped, non-admin File Browser user holding only the Create permission can delete arbitrary files outside their scope other tenants' data, a...

8.2CVSS0.00359EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 7:8 p.m.3 views

CVE-2026-57520 Bitwarden Server < 2026.5.0 Privilege Escalation via Bulk User Remove Endpoint

Bitwarden Server before 2026.5.0 contains a privilege escalation vulnerability that allows authenticated Custom users with ManageUsers permission to remove Admin accounts from an organization by exploiting a missing role hierarchy check in the bulk user-remove endpoint. Attackers can supply Admin...

7.1CVSS6AI score0.00354EPSS
Exploits1References8
CVE
CVE
added 2026/06/25 5:32 p.m.17 views

CVE-2026-55667

File Browser CVE-2026-55667 allows a scoped, non-admin user with only Create permission to delete files outside their scope during failed-upload cleanup. The issue stems from ScopedFs.RemoveAll bypassing the symlink guard that other methods enforce, with the direct-upload cleanup path invoking Re...

8.2CVSS6AI score0.00359EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 9:16 a.m.11 views

CVE-2026-53269

In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: add mutex to guard hook reference counting As the synproxy infrastructure register netfilter hooks on-demand when a user adds the first iptables target or nftables expression, if done concurrently they can ra...

5.5CVSS0.00119EPSS
Exploits0References8
NVD
NVD
added 2026/06/25 9:16 a.m.8 views

CVE-2026-53178

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: rtwmlme: add bounds checks before ielength subtraction Add guards to ensure ielength is large enough before subtracting fixed IE offsets to prevent unsigned integer underflow...

8.1CVSS0.00214EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53271

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...

6CVSS5.7AI score0.00119EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53235

In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...

5.6AI score0.00466EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/25 8:39 a.m.15 views

CVE-2026-53235

Summary of technical details (CVE-2026-53235) : The Linux kernel GRO receive path had a bug in skb_gro_receive_list() where skb_pull(skb, skb_gro_offset(skb)) could run without ensuring the data is linear (missing pskb_may_pull() guard). When packets arrive via napi_gro_frags(), skb_headlen can b...

7.5CVSS5.7AI score0.00466EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53235 net: add pskb_may_pull() to skb_gro_receive_list()

In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...

7.5CVSS5.8AI score0.00466EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/24 6:32 p.m.7 views

EUVD-2026-38833

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure When ttmttswapout fails, the current code calls ttmresourceaddbulkmove followed by ttmresourcemovetolrutail to restore the resource's bulkmove membership. However,...

5.8AI score0.00122EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:29 p.m.11 views

CVE-2026-53048

The CVE concerns the Linux kernel gfs2 subsystem. During unmount, gfs2_log_flush() could dereference sdp-&gt;sd_jdesc when it had already been deallocated, leading to a NULL pointer dereference. A prior commit (35264909e9d1) added a NULL check in gfs2_log_flush(), but the dereference in gfs2_log_...

5.7AI score0.00172EPSS
Exploits0References7
OSV
OSV
added 2026/06/24 4:29 p.m.4 views

CVE-2026-53032 bpf: Fix NULL deref in map_kptr_match_type for scalar regs

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix NULL deref in mapkptrmatchtype for scalar regs Commit ab6c637ad027 "bpf: Fix a bpfkptrxchg issue with local kptr" refactored mapkptrmatchtype to branch on btfiskernel before checking basetype. A scalar register stored in...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.6 views

CVE-2026-52965

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure When ttmttswapout fails, the current code calls ttmresourceaddbulkmove followed by ttmresourcemovetolrutail to restore the resource's bulkmove membership. However,...

5.8AI score0.00122EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/24 4:28 p.m.2 views

CVE-2026-52965 drm/ttm: Fix ttm_bo_swapout() infinite LRU walk on swapout failure

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure When ttmttswapout fails, the current code calls ttmresourceaddbulkmove followed by ttmresourcemovetolrutail to restore the resource's bulkmove membership. However,...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: - svcrdma: The bound check of rqpages index in the inline path. - svcrdmacopyInlineRange: Indexing rqstp-rqpagesrccurpage without verifying that rccurpage remains within the allocated page array. Add guards before the first us...

7.8CVSS6AI score0.00129EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: accel/ivpu: Fixed a race condition when unbinding BOs. Fixed a warning stating “Memory manager not cleaned during takedown” that occurs when ivpugembofree removes a BO from the BOs list before it is unmapped. This issue caused...

4.7CVSS6AI score0.00086EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys – prevented overflow in asymmetrickeygenerateid. Use checkaddoverflow to prevent potential integer overflows when adding the lengths of binary blobs and the size of an asymmetrickeyid structure. Return...

6AI score0.0017EPSS
Exploits0References3
Rows per page
Query Builder