Lucene search
+L

955 matches found

cve
cve
added 2026/05/21 9:13 p.m.23 views

CVE-2026-8337

Concrete CMS

6.3CVSS5.8AI score0.00194EPSS
Exploits0References1Affected Software1
astralinux
astralinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Properly marking live registers for indirect jumps For the gotox rX instruction, the rX register should be marked as used in the computeinsnlive regs function. This issue has been fixed...

7.8CVSS5.7AI score0.00121EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: udf: Fixed the issue of discarding data before allocation at the indirect extent boundary. When the preallocation extent is the first one in the extent block, the code would corrupt the extent tree header instead. This issue has...

5.5CVSS6.2AI score0.00254EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

There is a vulnerability in the Linux Kernel within the KVM framework: nVMX, which allows for speculative execution attacks. L2 can execute Spectre v2 attacks on L1, as L1 believes it does not need retpolines or IBPB after executing L2, due to KVM L0 indicating support for eIBRS to L1. An attacke...

8.8CVSS7AI score0.00285EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an inode list leak during backref walking at resolveindirectrefs During backref walking, at resolveindirectrefs, if an error occurs, we jump to the ‘out’ label and call freeleaflist on the ‘parents’ ulist. This frees...

5.5CVSS6.1AI score0.00173EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86: Fixed a stack-out-of-bounds memory access from ioapicwriteindirect. KASAN reports the following issue: BUG: In kvmmakevcpusrequestmask+0x174/0x440 kvm, there is a stack-out-of-bounds situation. A read of size 8 at...

7.1CVSS6.4AI score0.00259EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disabling IBT when the hypercall page lacks the ENDBR instruction. On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current version...

5.2AI score0.00166EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fixed the issue of invalid dereferencing of indirect CCW data pointers. The issue involved invalid dereferencing of the indirect CCW data pointer in the dasdeckddumpsense function. This caused a kernel panic in certain...

5.5CVSS5.9AI score0.00205EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. Additionally, add a number of comments to attempt to document the current state of knowledge regarding RSB attacks and exactly what is...

5.5CVSS6.3AI score0.00276EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: virtio: Packed data – fix an unmap leak for the indirect desc table When usedmaapi and premapped are set to true, the dounmap operation is not executed. As a result, the vringunmapextrapacked function is not called by...

5.5CVSS6AI score0.00222EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ibprctlset function updates the Thread Information Flags TIFs for the task and updates the SPECCTRL MSR in the function speculationctrlupdate, but the IBPB is only issued at the next schedul...

7.5CVSS6.7AI score0.02399EPSS
Exploits3References2
cvelist
cvelist
added 2026/05/15 9:7 p.m.41 views

CVE-2026-45666 Open WebUI: Indirect Object Reference (IDOR) in user notes

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the API /api/v1/notes/noteid endpoint lacks proper authorization checks, allowing authenticated users to retrieve notes belonging to other users by guessing or enumerating UUIDs. Th...

6.5CVSS0.00277EPSS
Exploits1References1
cve
cve
added 2026/05/15 9:7 p.m.24 views

CVE-2026-45666

CVE-2026-45666 — Open WebUI IDOR in notes endpoint : The API /api/v1/notes/{note_id} allowed authenticated users to read other users’ notes by guessing UUIDs prior to version 0.8.11, enabling unauthorized data disclosure. The issue is fixed in 0.8.11; per-id endpoints now enforce ownership (admin...

6.5CVSS5.8AI score0.00277EPSS
Exploits1References1Affected Software1
vulnrichment
vulnrichment
added 2026/05/15 9:7 p.m.9 views

CVE-2026-45666 Open WebUI: Indirect Object Reference (IDOR) in user notes

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the API /api/v1/notes/noteid endpoint lacks proper authorization checks, allowing authenticated users to retrieve notes belonging to other users by guessing or enumerating UUIDs. Th...

6.5CVSS5.8AI score0.00277EPSS
Exploits1References1
osv
osv
added 2026/05/15 9:7 p.m.5 views

CVE-2026-45666 Open WebUI: Indirect Object Reference (IDOR) in user notes

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the API /api/v1/notes/noteid endpoint lacks proper authorization checks, allowing authenticated users to retrieve notes belonging to other users by guessing or enumerating UUIDs. Th...

6.5CVSS6.6AI score0.00277EPSS
Exploits1References3
osv
osv
added 2026/05/14 8:27 p.m.6 views

GHSA-X3QM-P8HR-3C3H Open WebUI has an Indirect Object Reference (IDOR) in user notes

Summary The API /api/v1/notes/noteid endpoint lacks proper authorization checks, allowing authenticated users to retrieve notes belonging to other users by guessing or enumerating UUIDs. This results in unauthorized disclosure of potentially sensitive or private user data. Details - if notes is...

6.5CVSS5.8AI score0.00277EPSS
Exploits1References5
github
github
added 2026/05/14 8:27 p.m.11 views

Open WebUI has an Indirect Object Reference (IDOR) in user notes

Summary The API /api/v1/notes/noteid endpoint lacks proper authorization checks, allowing authenticated users to retrieve notes belonging to other users by guessing or enumerating UUIDs. This results in unauthorized disclosure of potentially sensitive or private user data. Details - if notes is...

6.5CVSS5.8AI score0.00277EPSS
Exploits1References5Affected Software1
cvelist
cvelist
added 2026/05/14 3:52 p.m.63 views

CVE-2026-44504 Aegra: Cross-user run injection in /threads/{thread_id}/runs (IDOR)

Aegra is a drop-in replacement for LangSmith Deployments. Prior to 0.9.7, with multiple authenticated users on a shared instance are vulnerable to a cross-tenant IDOR. Any authenticated attacker, given another user's threadid, can execute graph runs against the user's thread, read the user's full...

8.6CVSS0.00285EPSS
Exploits0References1
susecve
susecve
added 2026/05/12 3:30 a.m.9 views

SUSE CVE-2026-43321

In the Linux kernel, the following vulnerability has been resolved: bpf: Properly mark live registers for indirect jumps For a gotox rX instruction the rX register should be marked as used in the computeinsnliveregs function. Fix this...

7.8CVSS5.8AI score0.00121EPSS
Exploits0References3
packetstormnews
packetstormnews
added 2026/05/12 12:0 a.m.21 views

IPI-Proxy: An Intercepting Proxy for Red-Teaming Web-Browsing AI Agents against Indirect Prompt Injection

Web-browsing AI agents are increasingly deployed in enterprise settings under strict whitelists of approved domains, yet adversaries can still influence them by embedding hidden instructions in the HTML pages those domains serve. Existing red-teaming resources fall short of this scenario:...

5.8AI score
Exploits0
Rows per page
Query Builder