Lucene search
K

1840 matches found

OSV
OSV
added 2026/06/30 6:19 p.m.5 views

GHSA-GX55-F84R-V3R7 Fission Environment CRD podspec passthrough enables hostPID/hostNetwork/privileged pods, node escape

Summary Fission's Environment CRD exposes spec.runtime.podSpec and spec.builder.podSpec, which are merged into the Kubernetes pod specs for runtime and builder pods. The merge logic propagated hostNetwork, hostPID, hostIPC, container privileged, and serviceAccountName from the user-supplied podsp...

9.9CVSS5.8AI score0.00274EPSS
Exploits0References6
Apple
Apple
added 2026/06/29 12:0 a.m.11 views

About the security content of iOS 26.5.2 and iPadOS 26.5.2

About the security content of iOS 26.5.2 and iPadOS 26.5.2 This update delivers security fixes that were first made available in the iOS 26.6 and iPadOS 26.6 betas. This document describes the security content of iOS 26.5.2 and iPadOS 26.5.2. About Apple security updates For our customers'...

9.1CVSS5.8AI score0.00371EPSS
Exploits2References1Affected Software2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Net: Fixing segmentation issues with forwarding fraglists for GRO packets. This patch improves the handling of GSO segmentation by properly checking the SKBGSODODGY flag for GSO packets with a fraglist. This addresses low...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 9:39 a.m.2 views

SUSE-SU-2026:22478-1 Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...

9.8CVSS6.2AI score0.0049EPSS
Exploits8References14
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51964

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the SCTP implementation where Bottom Half BH processing is not disabled before calling the udp tunnel xmit skb and udp tunnel6 xmit skb functions. These functions are...

7.5CVSS5.9AI score0.0035EPSS
Exploits0References6
CVE
CVE
added 2026/06/23 4:14 p.m.22 views

CVE-2026-34914

This CVE is confirmed: Revive Adserver

8.3CVSS6.6AI score0.00298EPSS
Exploits1References1
OSV
OSV
added 2026/06/23 12:46 p.m.2 views

OPENSUSE-SU-2026:21038-1 Security update for 7zip

This update for 7zip fixes the following issues Update to 26.01: - CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure bsc1267858. - CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation bsc1267421. - CVE-2026-48101: Information...

8.8CVSS6.4AI score0.00938EPSS
Exploits8References16
RedHat Linux
RedHat Linux
added 2026/06/22 6:44 a.m.5 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS5.9AI score0.00469EPSS
Exploits15References13
OSV
OSV
added 2026/06/18 7:51 a.m.2 views

OPENSUSE-SU-2026:21137-1 Security update for perl-Crypt-PasswdMD5

This update for perl-Crypt-PasswdMD5 fixes the following issues: Changes in perl-Crypt-PasswdMD5: - updated to 1.430.0 1.43 see /usr/share/doc/packages/perl-Crypt-PasswdMD5/Changelog.ini V 1.43 Date=2026-05-23T08:14:00 Deploy.Action=Upgrade Deploy.Reason=Security Comments= EOT - Accept pull reque...

7.5CVSS5.8AI score0.00447EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.11 views

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50318)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50318 advisory. - net/tls: fix use-after-free in -EBUSY error path of tlsdoencryption Muhammad Alifa Ramdhan Orabug: 39543209 CVE-2026-31533 - net: fix fanout UAF...

9.8CVSS6.5AI score0.004EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.8 views

Fedora 44 : bind9-next (2026-dbb0776ac5)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-dbb0776ac5 advisory. Update to 9.21.22 rhbz2480122 Security Fixes: - Limit resolver server list size. CVE-2026-3592 - Fix GSS-API resource leak. CVE-2026-3039 - Disable...

9.8CVSS5.5AI score0.01844EPSS
Exploits1References7
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.30 views

Runtime Skill Audit: Targeted Runtime Probing for Agent Skill Security

Agent skills let LLM agents reuse instructions, resources, tools, and workflows, but they also create a new place for malicious behavior to hide. A skill may look benign in its documentation or code while becoming harmful only when it is invoked with particular user requests, local assets,...

5.7AI score
Exploits0
Microsoft KB
Microsoft KB
added 2026/06/09 2:0 p.m.224 views

June 9, 2026—KB5095051 (OS Build 28000.2269)

June 9, 2026—KB5095051 OS Build 28000.2269 ​​​​​This cumulative update for Windows 11, version 26H1 KB5095051 includes the latest security fixes and improvements, along with non-security updates from last month's optional preview release. Visit the Windows release health dashboard for the latest...

9.8CVSS6.3AI score0.48438EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.15 views

SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 12 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:2207-1)

The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2207-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.299 fixes various security issues The following security issues were fixe...

7.8CVSS5.3AI score0.03663EPSS
Exploits17References10
OSV
OSV
added 2026/05/29 11:44 p.m.6 views

SUSE-SU-2026:2134-1 Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.5 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. -...

7.8CVSS6.4AI score0.03663EPSS
Exploits17References13
Microsoft KB
Microsoft KB
added 2026/05/29 2:0 p.m.25 views

Description of the security update for SharePoint Server Subscription Edition: May 12, 2026 (KB5002863)

Description of the security update for SharePoint Server Subscription Edition: May 12, 2026 KB5002863 Summary Important: If you're currently running SharePoint Workflow Manager, you must install SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you'r...

8.8CVSS5.9AI score0.03219EPSS
Exploits4
CVE
CVE
added 2026/05/26 9:32 p.m.20 views

CVE-2025-43289

Summary : CVE-2025-43289 involves a logic issue in macOS that was mitigated by improved input validation. Affected products/versions : macOS Sonoma 14.8; fixes are included in macOS Sequoia 15.7 and macOS Tahoe 26. Vulnerability details : A malicious app could access sensitive user data due to th...

5.5CVSS5.8AI score0.00139EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.14 views

Fedora 44 : bind / bind-dyndb-ldap (2026-411248c8d9)

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-411248c8d9 advisory. Update to 9.18.49 rhbz2480121 Security Fixes: - Limit resolver server list size. CVE-2026-3592 - Fix GSS-API resource leak. CVE-2026-3039 - Disable...

7.5CVSS5.9AI score0.0181EPSS
Exploits1References5
OSV
OSV
added 2026/05/21 10:30 a.m.18 views

CLSA-2026-1779359429 expat: Fix of CVE-2026-45186

CVE-2026-45186: fix quadratic runtime in attribute collision detection by using a hash table for default attribute names instead of an On^2 loop...

7.5CVSS5.8AI score0.00428EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in WebKit2GTK

A memory corruption issue has been resolved through improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 v. 14610.4.3.1.7 and 15610.4.3.1.7, watchOS 7.3.2, and macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS7.4AI score0.02368EPSS
Exploits0References1
Rows per page
Query Builder