Lucene search
+L

1289 matches found

vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.16 views

@bassist/eslint-config (>=0.3.0 <=0.5.0), @bassist/oxc-integration (>=0.1.0 <=0.2.0) +7 more potentially affected by unknown CVE via @lint-md/core (>=2.0.0-beta.14 <=2.0.0)

@lint-md/core NPM version =2.0.0-beta.14, =0.3.0, =0.1.0, =2.0.0, =4.1.0, =1.1.0, =1.19.7, =1.1.0, =1.0.0, =1.3.4, =1.3.5 Source cves: unknown CVE Source advisory: SNYK:JS-LINTMDCORE-16755005...

5.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.12 views

@bassist/eslint-config (>=0.3.0 <=0.5.0), @bassist/oxc-integration (>=0.1.0 <=0.2.0) +7 more potentially affected by unknown CVE via @lint-md/core (>=2.0.0-beta.14 <=2.0.0)

@lint-md/core NPM version =2.0.0-beta.14, =0.3.0, =0.1.0, =2.0.0, =4.1.0, =1.1.0, =1.19.7, =1.1.0, =1.0.0, =1.3.4, =1.3.5 Source cves: unknown CVE Source advisory: SNYK:JS-LINTMDCORE-16754836...

5.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.21 views

@lint-md/cli (>=0.0.1 <=0.1.4), @lint-md/eslint-plugin (>=0.0.1 <=0.0.3) +4 more potentially affected by unknown CVE via ast-plugin (>=0.0.1 <=0.0.7)

ast-plugin NPM version =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.2, =0.1.0, =0.1.2 - yuque-lint =0.0.1 Source cves: unknown CVE Source advisory: SNYK:JS-ASTPLUGIN-16754893...

5.5AI score
Exploits0
Snyk
Snyk
added 2026/05/18 9:0 p.m.12 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

9.8CVSS5.9AI score
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.28 views

@lint-md/cli (>=0.0.1 <=0.1.4), @lint-md/eslint-plugin (>=0.0.1 <=0.0.3) +4 more potentially affected by unknown CVE via ast-plugin (>=0.0.1 <=0.0.7)

ast-plugin NPM version =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.2, =0.1.0, =0.1.2 - yuque-lint =0.0.1 Source cves: unknown CVE Source advisory: SNYK:JS-ASTPLUGIN-16755062...

5.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.16 views

@lint-md/cli (>=0.0.1 <=0.1.4), @lint-md/eslint-plugin (>=0.0.1 <=0.0.3) +3 more potentially affected by unknown CVE via lint-md (>=0.1.1 <=0.2.0)

lint-md NPM version =0.1.1, =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.1.2 - yuque-lint =0.0.1 Source cves: unknown CVE Source advisory: SNYK:JS-LINTMD-16754472...

5.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.19 views

@bassist/eslint-config (>=0.3.0 <=0.5.0), @bassist/oxc-integration (>=0.1.0 <=0.2.0) +10 more potentially affected by unknown CVE via @lint-md/parser (>=0.0.11 <=0.0.9)

@lint-md/parser NPM version =0.0.11, =0.3.0, =0.1.0, =2.0.0, =2.0.0, =2.1.4, =2.1.4, =4.1.0, =1.1.0, =1.19.7, =1.1.0, =1.0.0, =1.3.4, =1.3.5 Source cves: unknown CVE Source advisory: SNYK:JS-LINTMDPARSER-16754919...

5.5AI score
Exploits0
Circl
Circl
added 2026/05/14 7:57 p.m.10 views

CVE-2026-46492

creationtimestamp| type| source ---|---|--- 2026-05-14 19:57:57+00:00| published-proof-of-concept| https://github.com/commenthol/md-fileserver/security/advisories/GHSA-32q2-hhr5-6qvv 2026-06-09 17:11:57+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnuowoqpot2g...

7.2CVSS5.3AI score0.00213EPSS
Exploits0References2
OSV
OSV
added 2026/05/14 12:2 a.m.9 views

OSV-2026-726 Use-after-poison in md_build_attribute

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=512429151 Crash type: Use-after-poison READ 1 Crash state: mdbuildattribute mdprocessallblocks mdparse...

5.8AI score
Exploits0References1
Mageia
Mageia
added 2026/05/13 7:0 a.m.15 views

Updated apache packages fix security vulnerabilities

http2: double free and possible RCE on early reset. CVE-2026-23918 modrewrite elevation of privileges via apexpr. CVE-2026-24072 buffer overflow in modproxyajp via ajpmsgcheckheader. CVE-2026-28780 modmd unrestricted OCSP response. CVE-2026-29168 moddavlock indirect lock crash. CVE-2026-29169...

9.8CVSS6.2AI score0.4581EPSS
Exploits18References15
OSV
OSV
added 2026/05/13 7:0 a.m.19 views

MGASA-2026-0129 Updated apache packages fix security vulnerabilities

http2: double free and possible RCE on early reset. CVE-2026-23918 modrewrite elevation of privileges via apexpr. CVE-2026-24072 buffer overflow in modproxyajp via ajpmsgcheckheader. CVE-2026-28780 modmd unrestricted OCSP response. CVE-2026-29168 moddavlock indirect lock crash. CVE-2026-29169...

9.8CVSS6.1AI score0.4581EPSS
Exploits18References16
RedhatCVE
RedhatCVE
added 2026/05/12 5:37 p.m.9 views

CVE-2026-29168

A flaw was found in the modmd module of httpd. When processing OCSP Online Certificate Status Protocol responses from a malicious or compromised OCSP responder, the module fails to enforce proper size limits on the incoming data. This issue leads to memory exhaustion and a denial of service...

7.5CVSS5.7AI score0.00628EPSS
Exploits0References4
OSV
OSV
added 2026/05/12 12:14 a.m.11 views

OSV-2026-718 Heap-buffer-overflow in md_parse

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=511825301 Crash type: Heap-buffer-overflow READ 1 Crash state: mdparse mdhtml fuzz-mdhtml.c...

5.8AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/11 3:44 p.m.52 views

CVE-2026-42845 Grav: Anonymous Page Content Overwrite via Form File Upload filename Override

The form plugin for Grav adds the ability to create and use forms. Prior to 9.1.0 , there is an unauthenticated page-content overwrite via file upload GHSA-w4rc-p66m-x6qq. Public form uploads now strip path components from the POST-supplied filename and hard-block page-content extensions md, yaml...

8.7CVSS5.8AI score0.00622EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/08 6:57 p.m.11 views

CVE-2026-43309

A flaw was found in the Linux kernel's md raid and device-mapper dm-raid components. When a local user or system operation attempts to stop a RAID array managed by dm-raid, the system can experience an indefinite hang. This occurs because the mdstop function tries to write to metadata sub-devices...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
OSV
OSV
added 2026/05/08 2:16 p.m.8 views

UBUNTU-CVE-2026-43309

In the Linux kernel, the following vulnerability has been resolved: md raid: fix hang when stopping arrays with metadata through dm-raid When using device-mapper's dm-raid target, stopping a RAID array can cause the system to hang under specific conditions. This occurs when: - A dm-raid managed...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References6
CVE
CVE
added 2026/05/08 1:11 p.m.27 views

CVE-2026-43309

The CVE-2026-43309 issue affects the Linux kernel’s md raid and device-mapper (dm-raid) components. When stopping a RAID array managed by dm-raid, the system could hang because md_stop() attempted to flush the write-intent bitmap to metadata sub-devices that were already suspended. The fix preven...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/08 1:11 p.m.4 views

CVE-2026-43309 md raid: fix hang when stopping arrays with metadata through dm-raid

In the Linux kernel, the following vulnerability has been resolved: md raid: fix hang when stopping arrays with metadata through dm-raid When using device-mapper's dm-raid target, stopping a RAID array can cause the system to hang under specific conditions. This occurs when: - A dm-raid managed...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.13 views

PT-2026-38951

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A system hang can occur when stopping a RAID array using the device-mapper's dm-raid target. This happens when a dm-raid managed device tree is suspended from top to bottom and the...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References16
OSV
OSV
added 2026/05/07 8:38 a.m.11 views

BIT-APACHE-2026-29168 Apache HTTP Server: mod_md unrestricted OCSP response

Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's modmd via OCSP response data. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

7.3CVSS5.8AI score0.00628EPSS
Exploits0References3
Rows per page
Query Builder