Lucene search
+L

4791 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.13 views

CVE-2026-21020

Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions...

7.8CVSS5.4AI score0.00094EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.11 views

CVE-2026-21022

Improper handling of insufficient permissions in Routines prior to SMR May-2026 Release 1 allows local attackers to access sensitive information...

6.9CVSS5.4AI score0.00093EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.11 views

CVE-2026-44888

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's SaveConfigFile endpoint writes user-supplied numeric config values e.g., SMTPPORT directly into pialert.conf without validation. Since pialert.conf is loaded via Python's exec every 3–5 minutes...

9.8CVSS5.7AI score0.00314EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 10:26 a.m.13 views

MAL-2026-5268 Malicious code in ulid-os (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e3976f115506c13c7fae459afc6ad381e64043c4b8ca394a115763baa3d182c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
CVE
CVE
added 2026/06/04 10:33 p.m.213 views

CVE-2026-20245

Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) is affected by CVE-2026-20245. The vulnerability arises from insufficient validation of user-supplied input in the CLI, enabling an authenticated, local attacker to upload a crafted file and perform command injection, potentially elevating p...

7.8CVSS6.3AI score0.25323EPSS
In wildExploits2References3Affected Software2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.28 views

PT-2026-46400

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Controller affected versions not specified Cisco Catalyst SD-WAN Manager affected versions not specified Cisco Catalyst SD-WAN Validator affected versions not specified Description A flaw in the Command Line Interface CLI...

7.8CVSS7.3AI score0.25323EPSS
Exploits2References250
GithubExploit
GithubExploit
added 2026/06/03 12:59 a.m.261 views

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 Detector Safe detection script for CVE-2026-...

9.8CVSS6.6AI score0.72253EPSS
Exploits32
Wordfence Blog
Wordfence Blog
added 2026/06/02 4:36 p.m.12 views

Attackers Actively Exploiting Critical Vulnerability in Burst Statistics Plugin

On May 13th, 2026, we publicly disclosed a critical Authentication Bypass vulnerability in Burst Statistics, a WordPress plugin with 200,000 active installations. This vulnerability can be leveraged by unauthenticated attackers, with knowledge of an administrator username, to impersonate that...

9.8CVSS5.8AI score0.14608EPSS
Exploits11
Spring Security Advisories
Spring Security Advisories
added 2026/06/02 12:0 a.m.15 views

This Week in Spring - June 2nd, 2026

Hi, Spring fans, and welcome to another momentous installment of This Week in Spring! A lot to get into this week, but let's first take some time to address the meta: where are the May releases? If you read our May 11th post, you know they've been delayed. We wanted to speak a bit more about why ...

5.7AI score
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2026/06/01 12:0 a.m.10 views

VulnCheck KEV: CVE-2026-54420

LiteSpeed cPanel plugin before 2.4.8 as distributed in LiteSpeed WHM PlugIn before 5.3.2.0 mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026...

8.5CVSS5.3AI score0.01261EPSS
In wildExploits3References5
OSV
OSV
added 2026/06/01 12:0 a.m.27 views

MAL-2026-5131 Malicious code in @redhat-cloud-services/sources-client (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

6AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/31 12:0 a.m.27 views

PT-2026-45209

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description An out-of-bounds read can occur in the iavb parse key data function within avb rsa.c due to improper input validation. This issue allows for local information...

3.3CVSS5.5AI score0.00069EPSS
Exploits0References6
OSV
OSV
added 2026/05/30 5:6 p.m.14 views

MAL-2026-5091 Malicious code in discord-ban (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4e19806a65bf83b5648eb280baedca899972d98e8c3f921080390458e8394413 Package steals data from web browsers credentials, credit cards, history, ... --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.8AI score
Exploits0References1
Circl
Circl
added 2026/05/30 11:14 a.m.11 views

CVE-2026-10162

creationtimestamp| type| source ---|---|--- 2026-05-30 11:14:14+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116663232233376212 2026-05-31 03:00:26+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mn4l5tcb7b2k 2026-05-31 03:00:29+00:00| seen|...

9CVSS7.7AI score0.00472EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2026/05/30 6:41 a.m.18 views

PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation

Palo Alto Networks has warned that a recently disclosed medium-severity security flaw impacting PAN-OS and Prisma Access has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-0257 CVSS score: 7.8, refers to a case of authentication bypass that could be exploited b...

9.1CVSS5.9AI score0.86678EPSS
Exploits11
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/29 10:9 p.m.20 views

Malicious code in customerdigital-service-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d58926a994bd05ac4db3c984f96186b2d52da1235a3f56f34843c01dd2246408 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/29 10:9 p.m.13 views

MAL-2026-5063 Malicious code in customerdigital-service-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d58926a994bd05ac4db3c984f96186b2d52da1235a3f56f34843c01dd2246408 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/29 10:9 p.m.21 views

MAL-2026-5059 Malicious code in chai-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5110f40393583ef41ebcfa3558d782310a40a78227a040480d871c25311b79ec Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/29 10:4 p.m.28 views

Malicious code in @trp-individual-investor-adv-disc/adv-shared (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1fc0ed55f4ec8a9ae7dd408c68635f245461c319bf4e7a0ca85adb25c9eb317b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/29 10:2 p.m.10 views

MAL-2026-5066 Malicious code in ethers-hash (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5d77270819f9736bb8e5eaba898605cbe713dfaf9b06c2ad539aa29f77651aba Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
Rows per page
Query Builder