Lucene search
K

2032 matches found

The Hacker News
The Hacker News
added 2026/05/27 11:45 a.m.22 views

3 SOC Steps that Shut Down Incident Risks Early

Most organizations still picture cyber defense as a fortress problem: build stronger walls, add more guards, buy another detection engine. But modern incidents rarely crash through the front gate. They drift in disguised as routine activity, hide inside legitimate processes, and quietly accumulat...

6AI score
Exploits0
OSV
OSV
added 2026/05/21 8:39 p.m.6 views

GHSA-F76X-F9VJ-92JV NocoDB: Stale Auth Cache After API Token Deletion

Summary Deleted API tokens continued to authenticate requests until their cache entry expired, because the auth cache was not invalidated by token value at deletion time. Details The API token deletion path removed the database row but did not evict the token-value keyed entry from the auth cache...

2.3CVSS5.7AI score0.00197EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/21 8:39 p.m.15 views

NocoDB: Stale Auth Cache After API Token Deletion

Summary Deleted API tokens continued to authenticate requests until their cache entry expired, because the auth cache was not invalidated by token value at deletion time. Details The API token deletion path removed the database row but did not evict the token-value keyed entry from the auth cache...

2.3CVSS5.7AI score0.00197EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.11 views

PT-2026-42622

Summary Deleted API tokens continued to authenticate requests until their cache entry expired, because the auth cache was not invalidated by token value at deletion time. Details The API token deletion path removed the database row but did not evict the token-value keyed entry from the auth cache...

2.3CVSS5.7AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.12 views

PT-2026-42680

Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.04.4 Description Deleted API tokens continue to authenticate requests until their cache entry expires because the authentication cache is not invalidated by the token value during deletion. The deletion process...

2.3CVSS5.7AI score0.00197EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a combination of JIT blinding and pointers to bpf subprogs. The combination of JIT blinding and pointers to bpf subprogs causes the following issue: 36.989548 BUG: Unable to handle a page fault for address:...

5.5CVSS6.3AI score0.00245EPSS
Exploits0References2
OSV
OSV
added 2026/05/11 2:50 p.m.7 views

GHSA-W94C-4VHP-22GX @vitejs/plugin-rsc has a Denial of Service Vulnerability in React Server Components

Impact @vitejs/plugin-rsc vendors react-server-dom-webpack, which contained a vulnerability in versions prior to 19.2.6. See details in React repository's advisory https://github.com/facebook/react/security/advisories/GHSA-rv78-f8rc-xrxh Patches Upgrade immediately to @vitejs/[email protected] or...

7.5CVSS5.8AI score0.01533EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/05/05 1:45 a.m.17 views

SUSE CVE-2026-43024

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject immediate NFQUEUE verdict nftqueue is always used from userspace nftables to deliver the NFQUEUE verdict. Immediately emitting an NFQUEUE verdict is never used by the userspace nft tools, so reject...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-43024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nftables: reject immediate NFQUEUE verdict nftqueue is always used from userspace nftables to deliver the NFQUEUE verdict. Immediately emitting an...

5.5CVSS6.8AI score0.00123EPSS
Exploits0References3
NVD
NVD
added 2026/05/01 3:16 p.m.5 views

CVE-2026-43024

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject immediate NFQUEUE verdict nftqueue is always used from userspace nftables to deliver the NFQUEUE verdict. Immediately emitting an NFQUEUE verdict is never used by the userspace nft tools, so reject...

5.5CVSS0.00123EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/01 2:15 p.m.4 views

CVE-2026-43024

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject immediate NFQUEUE verdict nftqueue is always used from userspace nftables to deliver the NFQUEUE verdict. Immediately emitting an NFQUEUE verdict is never used by the userspace nft tools, so reject...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/05/01 2:15 p.m.8 views

EUVD-2026-26623

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject immediate NFQUEUE verdict nftqueue is always used from userspace nftables to deliver the NFQUEUE verdict. Immediately emitting an NFQUEUE verdict is never used by the userspace nft tools, so reject...

5.8AI score0.00123EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/01 2:15 p.m.31 views

CVE-2026-43024 netfilter: nf_tables: reject immediate NF_QUEUE verdict

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject immediate NFQUEUE verdict nftqueue is always used from userspace nftables to deliver the NFQUEUE verdict. Immediately emitting an NFQUEUE verdict is never used by the userspace nft tools, so reject...

0.00123EPSS
Exploits0References8
CVE
CVE
added 2026/05/01 2:15 p.m.26 views

CVE-2026-43024

CVE-2026-43024 affects Linux kernel nf_tables/netfilter: nf_queue. The issue is that immediate NF_QUEUE verdicts were emitted and could be misused; upstream patch rejects immediate NF_QUEUE verdicts to fix it. Downstream advisories indicate fixes implemented in kernel updates (e.g., upstream kern...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
ICS
ICS
added 2026/04/28 12:0 a.m.7 views

Hitachi Energy PCM600

SUMMARY Hitachi Energy is aware of a vulnerability that affects the Hitachi Energy PCM600 product versions listed in this document. An attacker successfully exploiting this vulnerability can impact integrity of the product. Please refer to the Recommended Immediate Actions for information about...

5.5CVSS6.7AI score0.08926EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2026/04/25 1:40 a.m.4 views

SUSE CVE-2026-31537

In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirectsocket.sendio.bcredits It turns out that our code will corrupt the stream of reassabled data transfer messages when we trigger an immendiate empty send. In order to fix this we'll have a single...

5.5CVSS5.6AI score0.00121EPSS
Exploits0References3
OSV
OSV
added 2026/04/24 3:16 p.m.6 views

DEBIAN-CVE-2026-31537

In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirectsocket.sendio.bcredits It turns out that our code will corrupt the stream of reassabled data transfer messages when we trigger an immendiate empty send. In order to fix this we'll have a single...

5.5CVSS5.4AI score0.00121EPSS
Exploits0References1
NVD
NVD
added 2026/04/24 3:16 p.m.11 views

CVE-2026-31537

In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirectsocket.sendio.bcredits It turns out that our code will corrupt the stream of reassabled data transfer messages when we trigger an immendiate empty send. In order to fix this we'll have a single...

5.5CVSS0.00121EPSS
Exploits0References3
Qualys Blog
Qualys Blog
added 2026/04/22 5:12 p.m.27 views

Don’t Wait for a Patch. Mitigate RedSun Zero-Day Risk in Microsoft Defender Today

Key Takeaways RedSun is a critical zero-day vulnerability in Microsoft Defender that allows low-privileged users to gain SYSTEM access No patch is currently available, leaving all Defender-enabled Windows systems potentially exposed Qualys VMDR detects affected assets instantly QID 92382 TruRisk...

5.7AI score
Exploits0
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the possibility of PASID being reused immediately, potentially leading to interrupt issues...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References1
Rows per page
Query Builder