Lucene search
+L

336 matches found

OSV
OSV
added 2 days ago5 views

UBUNTU-CVE-2026-56135

In NTFS-3G through 2026.2.25, a heap-based buffer overflow exists in the function buildinheritedid in libntfs-3g/security.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered by creating a file in a crafted...

6.2AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/07/10 10:24 a.m.7 views

CVE-2026-59724

A flaw was found in Engine.IO. When Engine.IO servers have WebTransport enabled, a remote attacker can craft a session ID to resolve an inherited property of the clients object during WebTransport upgrade handling. This can lead to a TypeError, resulting in a denial of service DoS for the server...

7.5CVSS6.1AI score0.00339EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/07/01 3:19 a.m.7 views

SUSE CVE-2026-53075

In the Linux kernel, the following vulnerability has been resolved: ppp: require CAPNETADMIN in target netns for unattached ioctls /dev/ppp open is currently authorized against file-fcred-userns, while unattached administrative ioctls operate on current-nsproxy-netns. As a result, a local...

8.8CVSS5.8AI score0.00182EPSS
Exploits1References3
OSV
OSV
added 2026/06/25 8:39 a.m.3 views

CVE-2026-53191 io_uring/net: inherit IORING_CQE_F_BUF_MORE across bundle recv retries

In the Linux kernel, the following vulnerability has been resolved: iouring/net: inherit IORINGCQEFBUFMORE across bundle recv retries When a bundle recv retries inside iorecvfinish, the merge logic OR the saved cflags from the previous iteration with the cflags returned by the new iteration: cfla...

7.8CVSS6AI score0.00138EPSS
Exploits0References7
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-53075

In the Linux kernel, the following vulnerability has been resolved: ppp: require CAPNETADMIN in target netns for unattached ioctls /dev/ppp open is currently authorized against file-fcred-userns, while unattached administrative ioctls operate on current-nsproxy-netns. As a result, a local...

8.8CVSS0.00182EPSS
Exploits1References8
CVE
CVE
added 2026/06/24 4:30 p.m.13 views

CVE-2026-53075

The CVE-2026-53075 issue affects the Linux kernel PPP subsystem. A local unprivileged user can create a new user namespace (CLONE_NEWUSER), obtain CAP_NET_ADMIN only in that namespace, and still perform unattached PPP administrative IOCTLs (PPPIOCNEWUNIT, PPPIOCATTACH, PPPIOCATTCHAN) against an i...

8.8CVSS5.7AI score0.00182EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.13 views

PT-2026-51969

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Point-to-Point Protocol PPP implementation where /dev/ppp open is authorized against file-f cred-user ns, while unattached administrative ioctls operate on...

8.8CVSS5.8AI score0.00182EPSS
Exploits1References153
OSV
OSV
added 2026/06/22 4:50 p.m.6 views

CVE-2026-55388 piscina: Prototype Pollution Gadget → RCE via inherited options.filename

piscina is a node.js worker pool implementation. Prior to 6.0.0-rc.2, 5.2.0, and 4.9.3, piscina's constructor and run paths read the filename option via plain member access. Both reads fall through the prototype chain when the caller's options object doesn't have filename as an own property. When...

8.1CVSS6AI score0.00296EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/22 4:50 p.m.36 views

CVE-2026-55388 piscina: Prototype Pollution Gadget → RCE via inherited options.filename

piscina is a node.js worker pool implementation. Prior to 6.0.0-rc.2, 5.2.0, and 4.9.3, piscina's constructor and run paths read the filename option via plain member access. Both reads fall through the prototype chain when the caller's options object doesn't have filename as an own property. When...

8.1CVSS0.00296EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 4:50 p.m.73 views

CVE-2026-55388

Summary: CVE-2026-55388 affects piscina (node.js worker pool). Before versions 6.0.0-rc.2, 5.2.0, and 4.9.3, piscina reads options.filename by plain member access in both the constructor and run() paths, allowing the read to fall through the prototype chain. If Object.prototype.filename is pollut...

8.1CVSS5.8AI score0.00296EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/18 1:5 p.m.12 views

NPM: piscina: Prototype Pollution Gadget → RCE via inherited options.filename

NPM: piscina: Prototype Pollution Gadget → RCE via inherited options.filename vulnerability discovered by ? in WordPress Npm piscina versions = 4.9.2...

8.1CVSS5.8AI score0.00296EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/18 1:5 p.m.9 views

piscina: Prototype Pollution Gadget → RCE via inherited options.filename

Summary piscina's constructor and run paths read the filename option via plain member access: js // dist/index.js line 92 constructor const filename = options.filename ? 0, common1.maybeFileURLToPathoptions.filename : null; this.options = ...kDefaultOptions, ...options, filename, maxQueue: 0 ; //...

8.1CVSS5.4AI score0.00296EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/16 9:32 p.m.12 views

EUVD-2026-37203

Improper access control in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated user to access attachments via folder duplication with inherited permissions...

5.2AI score0.00201EPSS
Exploits0References2
NVD
NVD
added 2026/06/16 8:16 p.m.11 views

CVE-2026-12105

Improper access control in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated user to access attachments via folder duplication with inherited permissions...

6.5CVSS0.00201EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 6:28 p.m.16 views

CVE-2026-12105

CVE-2026-12105 affects Devolutions Server in versions 2026.2.5 and 2026.1.21. The root cause is improper access control that allows an authenticated user to access attachments via folder duplication with inherited permissions. The documented impact is confidential data exposure (high) with a CVSS...

6.5CVSS5.3AI score0.00201EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/16 6:28 p.m.26 views

CVE-2026-12105

Improper access control in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated user to access attachments via folder duplication with inherited permissions...

0.00201EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.16 views

PT-2026-49823

Name of the Vulnerable Software and Affected Versions Devolutions Server version 2026.2.5 Devolutions Server version 2026.1.21 Description Improper access control allows an authenticated user to access attachments through a process of folder duplication with inherited permissions. Recommendations...

6.5CVSS5.8AI score0.00201EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/11 5:5 a.m.13 views

EUVD-2026-36214

The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly resolve annotations on methods within type hierarchies. This can be an issue if such annotations are used for authorization decisions. When all conditions are met, security annotations can be ignored...

7.5CVSS5.4AI score0.00352EPSS
Exploits0References1
OSV
OSV
added 2026/06/08 1:15 p.m.8 views

JLSEC-2026-582 xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion...

xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes...

7.8CVSS7.2AI score0.00324EPSS
Exploits3References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.10 views

CVE-2026-20238

In Splunk AI Toolkit versions below 5.7.3, a low-privileged user that does not hold the 'admin' or 'power' roles could access confidential data that was restricted through srchFilter configurations on custom roles. The app contains an authorize.conf configuration file with a srchFilter entry that...

6.5CVSS5.5AI score0.0032EPSS
Exploits0References1
Rows per page
Query Builder