Lucene search
K

19534 matches found

EUVD
EUVD
added 2026/05/13 9:32 p.m.8 views

EUVD-2026-30142

When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected; to mitigate easily, add the desired mask usually /128 to the addresses. Only auth proxy is affected; Okta, SAML, LDAP, etc are unaffected here...

7.4CVSS5.8AI score0.00271EPSS
Exploits0References2
NVD
NVD
added 2026/05/13 8:16 p.m.29 views

CVE-2026-33376

When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected; to mitigate easily, add the desired mask usually /128 to the addresses. Only auth proxy is affected; Okta, SAML, LDAP, etc are unaffected here...

7.4CVSS0.00271EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/13 8:16 p.m.6 views

CVE-2026-33376

When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected; to mitigate easily, add the desired mask usually /128 to the addresses. Only auth proxy is affected; Okta, SAML, LDAP, etc are unaffected here...

7.4CVSS5.8AI score0.00271EPSS
Exploits0References2
OSV
OSV
added 2026/05/13 8:16 p.m.5 views

UBUNTU-CVE-2026-33376

When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected; to mitigate easily, add the desired mask usually /128 to the addresses. Only auth proxy is affected; Okta, SAML, LDAP, etc are unaffected here...

7.4CVSS5.8AI score0.00271EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/13 7:40 p.m.11 views

CVE-2026-42402

A flaw was found in Apache Neethi. A remote attacker can exploit this vulnerability by providing specially crafted WS-Policy documents. This triggers an algorithmic complexity issue during policy normalization, leading to an exponential expansion of policy alternatives. This unbounded memory...

7.5CVSS5.6AI score0.00711EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/05/13 7:28 p.m.7 views

CVE-2026-33376

When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected; to mitigate easily, add the desired mask usually /128 to the addresses. Only auth proxy is affected; Okta, SAML, LDAP, etc are unaffected here...

7.4CVSS5.8AI score0.00271EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 7:28 p.m.11 views

CVE-2026-33376 Auth Proxy IPv6 whitelist bypass

When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected; to mitigate easily, add the desired mask usually /128 to the addresses. Only auth proxy is affected; Okta, SAML, LDAP, etc are unaffected here...

7.4CVSS5.8AI score0.00271EPSS
Exploits0References1
CVE
CVE
added 2026/05/13 7:28 p.m.41 views

CVE-2026-33376

CVE-2026-33376 affects Grafana’s Auth Proxy IPv6 allow-list: by default it accepts /32 addresses. Addresses with explicit masks are not affected. The practical impact is a potentially unintended bypass of access controls for the Auth Proxy component only; other components (Okta, SAML, LDAP) are u...

7.4CVSS5.8AI score0.00271EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/13 7:28 p.m.40 views

CVE-2026-33376 Auth Proxy IPv6 whitelist bypass

When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected; to mitigate easily, add the desired mask usually /128 to the addresses. Only auth proxy is affected; Okta, SAML, LDAP, etc are unaffected here...

7.4CVSS0.00271EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/13 3:25 p.m.95 views

Stored-XSS-Vulnerability-Lab-Detection-Mitigation-

Stored Cross-Site Scripting XSS Vulnerability Report Exe...

6AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.11 views

PT-2026-40790

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists in the Auth Proxy feature where IPv6 allow-lists default to /32 addresses. This behavior is specific to the Auth Proxy and does not impact other...

7.4CVSS5.8AI score0.00434EPSS
Exploits0References58
OSV
OSV
added 2026/05/12 6:30 p.m.6 views

GHSA-H6FC-48RJ-7QQH Apache Tomcat - Digest authenticator will authenticate any unknown user

Versions Affected: Apache Tomcat 11.0.0-M1 to 11.0.21 Apache Tomcat 10.1.0-M1 to 10.1.54 Apache Tomcat 9.0.0.M1 to 9.0.117 Older, unsupported versions may also be affected Description: When DIGEST authentication was configured, any user not known to the configured Realm would be authenticated if...

9.8CVSS5.8AI score0.01233EPSS
Exploits1References9
OSV
OSV
added 2026/05/12 6:17 p.m.7 views

UBUNTU-CVE-2026-44167

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc. This is a bypass of CVE-2024-27355. This vulnerability is fixed in 1.0.29, 2.0.54, and 3.0.52...

7.5CVSS5.8AI score0.00201EPSS
Exploits0References3
CVE
CVE
added 2026/05/12 5:22 p.m.42 views

CVE-2026-44167

phpseclib contains a mitigation bypass for CVE-2024-27355 in the OID handling path (ASN1::decodeOID). Prior to versions 1.0.29, 2.0.54, and 3.0.52, loading untrusted ASN.1 data (e.g., X.509 certificates, RSA keys) could trigger a denial-of-service. The vulnerability is fixed in 1.0.29, 2.0.54, an...

7.5CVSS7.1AI score0.00569EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/12 5:22 p.m.19 views

CVE-2026-44167 phpseclib: CVE-2024-27355 mitigation bypass — OID amplification DoS in ASN1::decodeOID()

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc. This is a bypass of CVE-2024-27355. This vulnerability is fixed in 1.0.29, 2.0.54, and 3.0.52...

7.5CVSS7.1AI score0.00569EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/12 3:1 p.m.6 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion through unbounded recursion when decoding nested message fields. An attacker can exhaust the call stack and cause the application to crash by supplying specially crafted protobuf binary data containing deeply nest...

8.7CVSS5.8AI score0.00587EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/12 5:23 a.m.7 views

Security Bulletin: InfoSphere Optim Test Data Fabrication is affected by Arbitrary File Read (CVE-2026-3366)

Summary InfoSphere Optim Test Data Fabrication Resource Manager is affected by Arbitrary File Read via Path Traversal CVE-2026-3366. Vulnerability Details CVEID:CVE-2026-3366 DESCRIPTION: IBM InfoSphere Optim Test Data Fabrication could allow a remote attacker to traverse directories on the syste...

7.5CVSS6AI score0.00596EPSS
Exploits0Affected Software1
Wiz blog
Wiz blog
added 2026/05/12 1:38 a.m.11 views

Mini Shai-Hulud Strikes Again: TanStack + more npm Packages Compromised

Detect and mitigate malicious npm packages linked to the latest Mini Shai-Hulud supply chain campaign targeting high-value developer tooling...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.15 views

PT-2026-42025

Name of the Vulnerable Software and Affected Versions Windows 11 Windows Server 2022 Windows Server 2025 Description A security feature bypass known as YellowKey affects the BitLocker component in Windows. This issue allows an attacker with physical access to a device to bypass full-disk encrypti...

7.2CVSS5.7AI score0.01249EPSS
Exploits2References98
RedhatCVE
RedhatCVE
added 2026/05/11 7:5 p.m.16 views

CVE-2026-33857

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the AJP getter functions attempt to read data beyond the allocated buffer size, allowing an attacker or a malformed request to cause an out-of-bounds read. This issue leads to a denial of...

7.5CVSS5.8AI score0.00393EPSS
Exploits0References4
Rows per page
Query Builder