Lucene search
K

129 matches found

OSV
OSV
added 4 days ago12 views

ROOT-APP-MAVEN-CVE-2026-1225 CVE-2026-1225 in io.root.ch.qos.logback:logback-core - Patched by Root

Root has patched CVE-2026-1225 in the io.root.ch.qos.logback:logback-core package for Root:Maven. Multiple fixed versions available...

5CVSS5.8AI score0.00159EPSS
Exploits0
OSV
OSV
added 4 days ago12 views

ROOT-APP-MAVEN-CVE-2024-12798 CVE-2024-12798 in io.root.ch.qos.logback:logback-core - Patched by Root

Root has patched CVE-2024-12798 in the io.root.ch.qos.logback:logback-core package for Root:Maven. Multiple fixed versions available...

5.5CVSS6.6AI score0.00404EPSS
Exploits0
OSV
OSV
added 4 days ago13 views

ROOT-APP-MAVEN-CVE-2025-11226 CVE-2025-11226 in io.root.ch.qos.logback:logback-core - Patched by Root

Root has patched CVE-2025-11226 in the io.root.ch.qos.logback:logback-core package for Root:Maven. Multiple fixed versions available...

6.4CVSS5.2AI score0.00181EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-13006

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.36 in Java applications, allows an attacke...

7CVSS6.3AI score0.00181EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/27 2:5 a.m.8 views

SUSE CVE-2026-13006

ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.36 in Java applications, allows an attacker to execute arbitrary code circumventing existing protections against CVE-2025-11226 by compromising an existing logback configuration...

6CVSS6.3AI score0.00122EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 11:24 p.m.8 views

CVE-2026-13006

A flaw was found in logback-core, a logging framework for Java applications. This vulnerability allows an attacker with existing privileges and write access to a configuration file, or the ability to inject a malicious environment variable, to execute arbitrary code. This can be achieved by...

7CVSS6.1AI score0.00122EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 7:16 a.m.18 views

CVE-2026-13006

ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.36 in Java applications, allows an attacker to execute arbitrary code circumventing existing protections against CVE-2025-11226 by compromising an existing logback configuration...

7CVSS0.00122EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 7:16 a.m.3 views

DEBIAN-CVE-2026-13006

ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.36 in Java applications, allows an attacker to execute arbitrary code circumventing existing protections against CVE-2025-11226 by compromising an existing logback configuration...

7CVSS6.1AI score0.00122EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 7:16 a.m.4 views

UBUNTU-CVE-2026-13006

ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.36 in Java applications, allows an attacker to execute arbitrary code circumventing existing protections against CVE-2025-11226 by compromising an existing logback configuration...

7CVSS6.1AI score0.00122EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 5:41 a.m.6 views

EUVD-2026-38691

ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.34 in Java applications, allows an attacker to execute arbitrary code circumventing existing protections against CVE-2025-11226 by compromising an existing logback configuration...

7CVSS6.2AI score0.00181EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 5:41 a.m.5 views

CVE-2026-13006 Incomplete protection against CVE-2025-11226

ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.36 in Java applications, allows an attacker to execute arbitrary code circumventing existing protections against CVE-2025-11226 by compromising an existing logback configuration...

7CVSS6.1AI score0.00122EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/24 5:41 a.m.7 views

CVE-2026-13006

ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.35 in Java applications, allows an attacker to execute arbitrary code circumventing existing protections against CVE-2025-11226 by compromising an existing logback configuration...

7CVSS6.1AI score0.00122EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/24 5:41 a.m.38 views

CVE-2026-13006 Incomplete protection against CVE-2025-11226

ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.36 in Java applications, allows an attacker to execute arbitrary code circumventing existing protections against CVE-2025-11226 by compromising an existing logback configuration...

7CVSS0.00122EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.21 views

PT-2026-51676

Name of the Vulnerable Software and Affected Versions logback-core versions prior to 1.5.35 Description An arbitrary code execution issue exists in the conditional configuration file processing of Java applications. An attacker can execute arbitrary code by compromising an existing logback...

7CVSS6.5AI score0.00122EPSS
Exploits0References13
OSV
OSV
added 2026/06/22 12:8 p.m.11 views

ROOT-APP-MAVEN-CVE-2021-42550 CVE-2021-42550 in io.root.ch.qos.logback:logback-core - Patched by Root

Root has patched CVE-2021-42550 in the io.root.ch.qos.logback:logback-core package for Root:Maven. Multiple fixed versions available...

8.5CVSS6.8AI score0.04439EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/06/08 5:16 p.m.15 views

CVE-2026-10532

A flaw was found in the logback-core component of QOS.CH Sarl logback. This deserialization of untrusted data vulnerability allows a remote attacker, by influencing serialized data sent to SimpleSocketServer or SimpleSSLSocketServer, to instantiate Proxy objects. Although heavily restricted by...

6.3CVSS5.6AI score0.00342EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/07 2:58 p.m.16 views

CVE-2026-9828

A flaw was found in logback. An attacker able to influence serialized data sent to SimpleSocketServer or SimpleSSLSocketServer could exploit a deserialization of untrusted data vulnerability, allowing for object injection. This could enable the instantiation of objects from certain Java classes...

6.3CVSS6.4AI score0.0037EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/02 1:44 a.m.46 views

SUSE CVE-2026-10532

Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection, albeit heavily restricted. More precisely, an attacker able to influence serialized data sent to SimpleSocketServer or SimpleSSLSocketServer...

6.3CVSS6.4AI score0.00342EPSS
Exploits0References3
NVD
NVD
added 2026/06/01 1:16 p.m.18 views

CVE-2026-10532

Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection, albeit heavily restricted. More precisely, an attacker able to influence serialized data sent to SimpleSocketServer or SimpleSSLSocketServer...

6.3CVSS0.00342EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 11:30 a.m.14 views

EUVD-2026-33632

Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection, albeit heavily restricted. More precisely, an attacker able to influence serialized data sent to SimpleSocketServer or SimpleSSLSocketServer...

6.3CVSS6.4AI score0.00342EPSS
Exploits0References1
Rows per page
Query Builder