Lucene search
+L

25342 matches found

NVD
NVD
added yesterday5 views

CVE-2026-15449

A time-of-check to time-of-use TOCTOU flaw in the illumos data-link pseudo-driver dld affects handling of the DLDIOCGETMACPROP and DLDIOCSETMACPROP ioctls on /dev/dld. drviocpropcommon in usr/src/uts/common/io/dld/dlddrv.c copies the dldiocmacpropt ioctl header in once to read its prvalsize field...

5.8CVSS
Exploits0References3
OSV
OSV
added 2 days ago4 views

MAL-2026-10643 Malicious code in ethereum-input-decorder (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94137fcf0aee7d8edb4e15a8bc9be4455fbdf79cb5bf99987b79f0393fdff62c The package name typosquats the legitimate 'ethereum-input-decoder'. Its top-level init.py unconditionally invokes a payload routine on import: it...

6.2AI score
Exploits0References6
CVE
CVE
added 3 days ago22 views

CVE-2026-48747

Summary: CVE-2026-48747 affects Symfony’s Mailomat webhook parser. The MailomatRequestParser::validateSignature() method reads the X-MOM-Webhook-Signature header and passes the wire-provided algorithm directly to hash_hmac(), enabling a signature algorithm downgrade instead of enforcing SHA-256 a...

6.3CVSS6.1AI score0.00197EPSS
Exploits0References4Affected Software1
CVE
CVE
added 3 days ago13 views

CVE-2026-56178

CVE-2026-56178 affects Microsoft Defender for Endpoint (Mac) and is caused by a time-of-check time-of-use (TOCTOU) race condition that enables a local privilege escalation for an authorized attacker. The vulnerability is documented across multiple sources (NVD/NCSC summaries, MSRC page, and CVE l...

5.5CVSS6AI score0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-56178 Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability

...

5.5CVSS0.00191EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 3 days ago4 views

CVE-2026-50658 Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability

...

7CVSS6.1AI score0.00193EPSS
Exploits0References1
CVE
CVE
added 3 days ago10 views

CVE-2026-50658

The CVE-2026-50658 entry describes a Time-of-check Time-of-use (TOCTOU) race condition in Microsoft Defender, enabling an authorized local attacker to elevate privileges. Connected sources corroborate a Mac-focused Defender elevation-of-privilege vulnerability, with multiple advisories and CVE re...

7CVSS6AI score0.00193EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago28 views

CVE-2026-50658 Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability

...

7CVSS0.00193EPSS
Exploits0References1
CVE
CVE
added 3 days ago15 views

CVE-2026-50657

CVE-2026-50657 : Microsoft Defender for Mac/Endpoint information disclosure vulnerability that allows an authorized attacker to disclose private information locally. CVSS v3.1 base score 4.7 (Medium); attack vector LOCAL, no user interaction, high impact on confidentiality, requires low privilege...

4.7CVSS6AI score0.00412EPSS
Exploits1References1
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-50657 Microsoft Defender for Endpoint for Mac Information Disclosure Vulnerability

...

4.7CVSS0.00412EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 3 days ago4 views

Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability

Time-of-check time-of-use toctou race condition in Microsoft Defender allows an authorized attacker to elevate privileges locally...

7CVSS6.1AI score0.00193EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 3 days ago13 views

Microsoft Defender for Endpoint for Mac Information Disclosure Vulnerability

Exposure of private personal information to an unauthorized actor in Microsoft Defender allows an authorized attacker to disclose information locally...

4.7CVSS6.1AI score0.00412EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 3 days ago15 views

Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability

Time-of-check time-of-use toctou race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally...

5.5CVSS6.1AI score0.00191EPSS
Exploits0
OSV
OSV
added 3 days ago2 views

SUSE-SU-2026:2957-1 Security update for the Linux Kernel (Live Patch 23 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.100 fixes various security issues The following security issues were fixed: - CVE-2026-23393: bridge: cfm: Fix race condition in peermep deletion bsc1260524. - CVE-2026-31505: iavf: fix out-of-bounds writes in iavfgetethtoolstats...

9.8CVSS6.7AI score0.00563EPSS
Exploits8References49
OSV
OSV
added 3 days ago2 views

SUSE-SU-2026:2945-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.34 fixes various security issues The following security issues were fixed: - CVE-2026-23393: bridge: cfm: Fix race condition in peermep deletion bsc1260524. - CVE-2026-31505: iavf: fix out-of-bounds writes in iavfgetethtoolstats...

9.8CVSS6.7AI score0.00563EPSS
Exploits8References49
Tenable Nessus
Tenable Nessus
added 3 days ago8 views

Adobe Premiere Pro < 25.6.6 / 26.0.0 < 26.3.0 Multiple Vulnerabilities (APSB26-76) (macOS)

The version of Adobe Premiere Pro installed on the remote macOS host is prior to 25.6.6, 26.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-76 advisory. - Premiere Pro is affected by an Improper Input Validation vulnerability that could result in a Security...

7.8CVSS6.3AI score0.00297EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 3 days ago7 views

Mozilla Firefox < 152.0.6

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 152.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-67 advisory. - We are aware that exploit code for this is public however we are not aware of any attacks in the wild...

5.4CVSS6.2AI score0.00156EPSS
Exploits0References3
Google Chrome Security Advisories
Google Chrome Security Advisories
added 3 days ago7 views

Stable Channel Update for Desktop

The Stable channel has been updated to 150.0.7871.124/.125 for Windows and Mac and 150.0.7871.124 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...

9.6CVSS6.2AI score0.00328EPSS
Exploits0Affected Software1
OSV
OSV
added 4 days ago4 views

SUSE-SU-2026:2920-1 Security update for the Linux Kernel (Live Patch 43 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.173 fixes various security issues The following security issues were fixed: - CVE-2025-71089: iommu: disable SVA when CONFIGX86 is set bsc1256615. - CVE-2026-23393: bridge: cfm: Fix race condition in peermep deletion bsc1260524. -...

9.8CVSS6.7AI score0.00563EPSS
Exploits8References43
OSV
OSV
added 4 days ago2 views

SUSE-SU-2026:2888-1 Security update for the Linux Kernel (Live Patch 52 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.209 fixes various security issues The following security issues were fixed: - CVE-2026-23393: bridge: cfm: Fix race condition in peermep deletion bsc1260524. - CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of...

9.8CVSS6.6AI score0.00563EPSS
Exploits8References41
Rows per page
Query Builder