Lucene search
K

47 matches found

OSV
OSV
added 6 days ago3 views

ALPINE-CVE-2026-23562

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS6.2AI score0.0014EPSS
Exploits0References1
OSV
OSV
added 2026/07/03 6:18 a.m.3 views

CVE-2026-9547 SSH improper host validation

When a libcurl-based application performs transfers via SCP:// or SFTP:// and utilizes the CURLOPTSSHKEYFUNCTION callback, it may silently accept an untrusted server. This vulnerability occurs when a server presents a host key type that does not match the specific key type already recorded for th...

7.4CVSS6.1AI score0.00508EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/06/16 11:34 p.m.12 views

n8n: SecurityScorecard Node Leaks API Token to User-Controlled Host

Impact An authenticated user with permission to create or modify workflows and access to a SecurityScorecard credential with limited allowed domains could configure the SecurityScorecard node's report download operation to target an attacker-controlled URL. The node attached the SecurityScorecard...

7.7CVSS5.3AI score0.00353EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-45536

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvF...

4CVSS5.4AI score0.00136EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.15 views

RHEL 9 : frr10 (RHSA-2026:24370)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24370 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It takes a multi-server and multi- threaded approach to resolve the...

7.5CVSS5.5AI score0.00389EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.12 views

Docker Model Runner 安全漏洞

Docker Model Runner is an open-source Docker model runner developed by Docker. Docker Model Runner vllm-metal contains a security vulnerability. This vulnerability arises from setting trustremotecode=True without any sandbox protection. It may allow arbitrary Python files to be executed during...

8.8CVSS6.3AI score0.00224EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/05/08 3:35 a.m.11 views

CVE-2026-42271 LiteLLM: Authenticated command execution via MCP stdio test endpoints

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. From version 1.74.2 to before version 1.83.7, two endpoints used to preview an MCP server before saving it — POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list — accepted a full server configuration i...

8.7CVSS5.9AI score0.80188EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2026/04/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-27890

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when processing CNCTspecificdata segments during...

8.2CVSS6.9AI score0.00465EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2026/04/01 12:0 a.m.5 views

Mageia: Security Advisory (MGASA-2026-0076)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.00204EPSS
Exploits1References6
CVE
CVE
added 2026/03/24 8:26 p.m.9 views

CVE-2026-4433

Tenable OT contains an SSH misconfiguration that can allow exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could enable an attacker to gather system details and potentially aid host compromise. Affected item is the SSH configuration; the vulnerab...

4.8CVSS5.8AI score0.00247EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.8 views

Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2026-1447)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS5.8AI score0.0063EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/03/09 12:0 a.m.4 views

SUSE: Security Advisory (SUSE-SU-2026:0816-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS5.8AI score0.00291EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/21 9:32 a.m.24 views

CVE-2026-27486 OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup

OpenClaw is a personal AI assistant. In versions 2026.2.13 and below of the OpenClaw CLI, the process cleanup uses system-wide process enumeration and pattern matching to terminate processes without verifying if they are owned by the current OpenClaw process. On shared hosts, unrelated processes...

4.3CVSS0.00292EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2026/02/17 4:40 p.m.4 views

USN-8049-1: Nova vulnerability

Dan Smith discovered that Nova incorrectly called qemu-img without a format restriction when resizing disks. An attacker could possibly use this issue to destroy data on the host system...

8.2CVSS5.6AI score0.00341EPSS
Exploits0
OpenVAS
OpenVAS
added 2026/02/05 12:0 a.m.3 views

Mageia: Security Advisory (MGASA-2026-0031)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.6AI score0.00193EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2026/02/03 12:0 a.m.6 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2026-1215)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.0051EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/02/03 12:0 a.m.3 views

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2026-1214)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.4AI score0.00438EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/01/09 12:0 a.m.6 views

Debian: Security Advisory (DSA-6096-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8AI score
Exploits0References2
OpenVAS
OpenVAS
added 2026/01/08 12:0 a.m.3 views

Ubuntu: Security Advisory (USN-7943-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.02752EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2025/11/12 12:0 a.m.1 views

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2025-2364)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS5.9AI score0.00739EPSS
Exploits4References2
Rows per page
Query Builder