Lucene search
+L

1635 matches found

Nuclei
Nuclei
added yesterday45 views

QNAP HBS 3 - Broken Access Control

An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 Hybrid Backup Sync. If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to...

10CVSS8.7AI score0.7825EPSS
Exploits0References4
OSV
OSV
added 4 days ago3 views

JLSEC-2026-757 Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026...

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

9.8CVSS6.1AI score0.00346EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/08 8:58 p.m.6 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM WebSphere Hybrid Edition, are affected by multiple vulnerabilities (CVE-2026-50645, CVE-2026-9322, CVE-2026-9171)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM WebSphere Hybrid Edition, are affected by uncontrolled resource consumption and denial of service. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

7.5CVSS5.9AI score0.0046EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-7531

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a...

9.8CVSS6AI score0.00346EPSS
Exploits0References3
Wiz blog
Wiz blog
added 2026/06/29 1:39 p.m.11 views

Bridging the Visibility Gap: A Unified Security Operating Model for Hybrid Cloud Teams

Move beyond chasing vulnerabilities to a unified hybrid risk strategy. The Sensor Workload Scanner is now GA and extends our risk prioritization engine to on-premise environments to identify the critical attack paths across your hybrid cloud...

5.8AI score
Exploits0
NVD
NVD
added 2026/06/25 8:17 p.m.9 views

CVE-2026-7531

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

9.8CVSS0.00346EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 8:17 p.m.4 views

DEBIAN-CVE-2026-7531

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

9.8CVSS5.8AI score0.00346EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 8:17 p.m.5 views

UBUNTU-CVE-2026-7531

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

9.8CVSS5.8AI score0.00346EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:1 p.m.6 views

CVE-2026-7531

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

2.3CVSS5.9AI score0.00346EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/25 8:1 p.m.6 views

EUVD-2026-39554

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

6.5CVSS5.8AI score0.00346EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/25 8:1 p.m.10 views

CVE-2026-7531

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

9.8CVSS5.8AI score0.00346EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.12 views

PT-2026-52577

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

9.8CVSS5.9AI score0.00346EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 3:13 p.m.9 views

openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the "DEFAULT" keyword. A less preferred key exchange may be used...

6.5CVSS5.8AI score0.00435EPSS
Exploits0References7
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.18 views

MARCIM-WG: A Cyber Wargame Proposal Based on Math Modeling Applied in a Naval Scenario

As maritime operations increasingly depend on interconnected digital ecosystems, cyber incidents can propagate across maritime networks and degrade critical services. Strengthening strategic Cyber Situational Awareness CSA therefore requires training mechanisms that expose decision-makers to...

5.2AI score
Exploits0
Microsoft KB
Microsoft KB
added 2026/06/09 2:0 p.m.21 views

Description of the security update for SharePoint Server 2016 Language Pack: June 9, 2026 (KB5002881)

None None...

8.4CVSS6.7AI score0.00467EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/06/09 11:30 a.m.21 views

The Hidden Security Risk in Modern Networks: The Work Between Tools

Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours, causing significant...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.16 views

On the Study of Biometric Spoofing Detection Using Deep Learning

Biometric systems are increasingly deployed in security applications; however, they remain vulnerable to spoofing attacks, in which attackers exploit counterfeit biometric data to gain unauthorized access. This research evaluates the effectiveness of state-of-the-art machine learning models,...

5.3AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 10:3 p.m.14 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by multiple vulnerabilities when using Web Server Plug-ins (CVE-2026-8633, CVE-2026-8620)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by remote code execution and HTTP request smuggling when using the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component. Vulnerabilit...

9.8CVSS6.3AI score0.00847EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 7:7 p.m.13 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by a remote code execution vulnerability (CVE-2026-9311, CVE-2026-9330)

Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by a remote code execution vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and...

9CVSS6.3AI score0.00508EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 6:41 p.m.10 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a security bypass vulnerability (CVE-2026-5516)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a security bypass vulnerability with the appSecurity-3.0, appSecurity-4.0 or appSecurity-5.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the...

5.9CVSS5.5AI score0.00213EPSS
Exploits0Affected Software1
Rows per page
Query Builder