
9 matches found

EUVD
added 2026/04/14 10:37 p.m. | 5 views

EUVD-2026-17241

Kyverno has SSRF via CEL http.Get/http.Post in NamespacedValidatingPolicy allows cross-namespace data access...

9.8 CVSS | 6 AI score | 0.00023 EPSS
Exploits: 0 | References: 7
SUSE CVE
added 2026/03/31 11:28 p.m. | 3 views

SUSE CVE-2026-4789

Kyverno, versions 1.16.0 and later, are vulnerable to SSRF due to unrestricted CEL HTTP functions...

9.8 CVSS | 5.9 AI score | 0.00023 EPSS
Exploits: 0 | References: 3
Snyk
added 2026/03/30 10:36 p.m. | 3 views

Server-side Request Forgery (SSRF)

Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the CEL-based HTTP functions. An attacker can make unauthorized network requests to internal or external resources and exfiltrate sensitive information (AWS IAM credentials, GCP tokens) by crafting...

9.8 CVSS | 5.6 AI score | 0.00023 EPSS
Exploits: 0 | References: 2
NVD
added 2026/03/30 9:17 p.m. | 4 views

CVE-2026-4789

Kyverno, versions 1.16.0 and later, are vulnerable to SSRF due to unrestricted CEL HTTP functions...

9.8 CVSS | 0.00023 EPSS
Exploits: 0 | References: 4
ATTACKERKB
added 2026/03/30 8:44 p.m. | 3 views

CVE-2026-4789

Kyverno, versions 1.16.0 and later, are vulnerable to SSRF due to unrestricted CEL HTTP functions...

5.9 AI score | 0.00023 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
CERT
added 2026/03/30 12:0 a.m. | 6 views

Kyverno is vulnerable to server-side request forgery (SSRF)

Overview: Kyverno, versions 1.16.0 to present, contains an SSRF vulnerability in its CEL-based HTTP functions, which lack URL validation or namespace scoping and allow namespaced policies to trigger arbitrary internal HTTP requests. An attacker with only namespace-level permissions can exploit thi...

9.8 CVSS | 6.1 AI score | 0.00023 EPSS
Exploits: 0 | References: 3
NVD
added 2020/10/16 11:15 p.m. | 14 views

CVE-2020-16904

An elevation of privilege vulnerability exists in the way Azure Functions validate access keys. An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP Function without proper authorization. This security update addresses the vulnerability by correctly...

9.8 CVSS | 0.02433 EPSS
Exploits: 0 | References: 1
Microsoft CVE
added 2020/10/13 7:0 a.m. | 27 views

Azure Functions Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the way Azure Functions validate access keys. An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP Function without proper authorization. This security update addresses the vulnerability by correctly...

9.8 CVSS | 2.4 AI score | 0.02433 EPSS
Exploits: 0
Tenable Nessus
added 2009/01/12 12:0 a.m. | 29 views

GLSA-200901-05 : Streamripper: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200901-05 (Streamripper: Multiple vulnerabilities). Stefan Cornelius from Secunia Research reported multiple buffer overflows in the http_parse_sc_header, http_get_pls and http_get_m3u functions in lib/http.c when parsing overly long HTTP...

9.3 CVSS | 6.1 AI score | 0.07684 EPSS
Exploits: 1 | References: 2