Lucene search
K

468 matches found

Circl
Circl
added 6 days ago8 views

CVE-2026-54590

creationtimestamp| type| source ---|---|--- 2026-07-08 22:59:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq67v3wjmr2z...

5.9CVSS5.9AI score0.00285EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 7:13 p.m.17 views

CVE-2026-53622

CVE-2026-53622 concerns Traefik’s HTTP/3 (QUIC) TLS configuration selection. When HTTP/3 is enabled, the TLS handshake uses an exact, case-sensitive lookup of the SNI to choose a TLS config, which fails to match wildcard hosts or mixed-case hostnames. If a router enforces mTLS via TLSOptions and ...

10CVSS5.9AI score0.0024EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/06/23 3:37 a.m.3 views

CVE-2026-55654 Openssh: heap out-of-bounds read in red hat enterprise linux versions of openssh gssapi indicator cleanup due to missing null sentinel termination

A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI Generic Security Service Application Programming Interface indicators when a trailing NULL termination is missing in the auth-indicators array. A remote attacker, under specific...

3.7CVSS5.9AI score0.00367EPSS
Exploits1References7
CVE
CVE
added 2026/06/17 1:14 p.m.21 views

CVE-2026-10641

Zephyr Bluetooth Classic HFP HF CIND parser (subsys/bluetooth/host/classic/hfp_hf.c) contains an out-of-bounds write during +CIND=?/+CIND: handling. cind_handle_values() writes hf-ind_table[index] = i without verifying index is within the 20-element int8_t ind_table[]. A remote attacker could sen...

7.1CVSS5.5AI score0.00282EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.22 views

PT-2026-50394

Name of the Vulnerable Software and Affected Versions Zephyr versions 1.7 through 4.4.0 Description The Bluetooth Classic Hands-Free Profile HFP Hands-Free role parser in subsys/bluetooth/host/classic/hfp hf.c contains an out-of-bounds write. During Service Level Connection setup, the Hands-Free ...

7.1CVSS5.8AI score0.00282EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/06/16 7:28 p.m.6 views

CVE-2026-46979

...

6.5CVSS5.2AI score0.00294EPSS
Exploits0References1
OSV
OSV
added 2026/06/12 12:25 p.m.8 views

OESA-2026-2620 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may resul...

8.1CVSS9AI score0.01059EPSS
Exploits0References3
Malwarebytes
Malwarebytes
added 2026/06/09 1:57 p.m.16 views

Meta’s face-recognition code raises new concerns about smart glasses

Meta’s smart glasses are once again at the center of a privacy debate due to face recognition. WIRED reports that Meta had quietly embedded unreleased face-recognition code, internally called “NameTag,” into its Meta AI companion app, which powers the company’s smart glasses. The code was not...

5.6AI score
Exploits0
NVD
NVD
added 2026/05/25 9:16 p.m.20 views

CVE-2026-48851

PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session...

3.1CVSS0.00224EPSS
Exploits0References2
OSV
OSV
added 2026/05/25 9:16 p.m.10 views

DEBIAN-CVE-2026-48851

PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session...

3.1CVSS5.8AI score0.00224EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/25 9:16 p.m.18 views

CVE-2026-48851

PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session...

3.1CVSS5.8AI score0.00224EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/25 8:16 p.m.15 views

CVE-2026-48851

PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session...

3.1CVSS5.8AI score0.00224EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/05/25 8:16 p.m.13 views

EUVD-2026-31731

PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session...

3.1CVSS5.8AI score0.00224EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/25 8:16 p.m.7 views

CVE-2026-48851

PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session...

3.1CVSS5.8AI score0.00224EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/18 12:0 a.m.11 views

Federated Naive Bayes with Real Mixture of Gaussians and Institutional Governance Regularization for Network Intrusion Detection

Federated learning for intrusion detection rests on a flawed premise: that every participating institution contributes equally to the shared model. In practice, a financial institution with mature security controls and low vulnerability exposure produces fundamentally different data than a...

5.8AI score
Exploits0
CVE
CVE
added 2026/05/11 4:50 p.m.15 views

CVE-2026-34094

CVE-2026-34094 affects Wikimedia Foundation MediaWiki prior to 1.43.7, 1.44.4, and 1.45.2. The issue is in the Page/Article.Php path where a Customized help link for a page protection indicator is relative to the subpage name because the link target is missing the "/wiki/" prefix. This describes ...

3.8CVSS5.8AI score0.0017EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/11 4:50 p.m.35 views

CVE-2026-34094 Customized help link for page protection indicator is relative to subpage name, because the link target is missing the "/wiki/" prefix

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Page/Article.Php. This issue affects MediaWiki: from before 1.43.7, 1.44.4, 1.45.2...

2CVSS0.0017EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/08 10:50 a.m.109 views

dvna_exploited

No d...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/06 12:39 p.m.7 views

CLSA-2026-1778071148 openssl: Fix of 4 CVEs

CVE-2026-28387: fix use of OPENSSLfree instead of X509free on dane-mcert in danematch X509 reference-count bypass / UAF - CVE-2026-28388: fix NULL deref in checkdeltabase when a delta CRL carries the Delta CRL Indicator extension but lacks a CRL Number - CVE-2026-28389: fix NULL deref in...

9.8CVSS5.8AI score0.01059EPSS
Exploits0References1
Talos Blog
Talos Blog
added 2026/05/06 10:0 a.m.8 views

Insights into the clustering and reuse of phone numbers in scam emails

Cisco Talos has recently started to collect and gather intelligence around phone numbers within emails as an additional indicator of compromise IOC. In this blog, we discuss new insights into in-the-wild phone number reuse in scam emails. According to Talos' observations, the ease of API-driven...

5.7AI score
Exploits0
Rows per page
Query Builder