
1139 matches found

Cvelist
added 4 days ago, 30 views

CVE-2026-58026 $wgNonincludableNamespaces can be bypassed by embedding redirect in other namespaces

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Parser/Parser.Php. This issue affects MediaWiki: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9...

0.00382 EPSS
Exploits 0, References 1
OSV
added 6 days ago, 5 views

PYSEC-2026-373 LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs

Summary A serialization injection vulnerability exists in LangChain's dumps and dumpd functions. The functions do not escape dictionaries with 'lc' keys when serializing free-form dictionaries. The 'lc' key is used internally by LangChain to mark serialized objects. When user-controlled data...

9.3 CVSS, 7.8 AI score, 0.1383 EPSS
Exploits 5, References 11
CVE
added 2026/06/28 1:32 a.m., 49 views

CVE-2026-58053

Gitea act_runner (Docker backend) up to act 0.262.0 is vulnerable: the workflow.container.options are merged into the Docker job container HostConfig, and if privileged is set to false, only the Privileged flag is disabled while options such as --pid=host, --cap-add, and --security-opt remain. A ...

9.9 CVSS, 5.8 AI score, 0.00265 EPSS
Exploits 0, References 2
RedhatCVE
added 2026/06/26 4:11 p.m., 7 views

CVE-2026-53077

A flaw was found in the Linux kernel's Reliable Datagram Sockets over InfiniBand RDS/IB component. This vulnerability allowed the use of RDS/IB in network namespaces other than the initial one, where the existing code would not function correctly. This improper operation could lead to unexpected...

7.8 CVSS, 5.8 AI score, 0.0012 EPSS
Exploits 0, References 4
The Hacker News
added 2026/06/26 1:57 p.m., 22 views

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries

A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed "pedit COW," is an out-of-bounds write in the packet-editing action actpedit that corrupts shared page-cache memory. A public, working exploit appeare...

6.1 AI score, 0.00259 EPSS
Exploits 9
Cvelist
added 2026/06/25 2:39 p.m., 30 views

CVE-2026-57438 Nokogiri: Possible Use-After-Free in XInclude Processing

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, XInclude substitution performed by Nokogiri::XML::Nodedoxinclude replaced each in place, freeing the include node along with its children such as and its descendants and any namespaces declared on...

5.9 CVSS, 0.00093 EPSS
Exploits 0, References 1
CVE
added 2026/06/24 4:30 p.m., 5 views

CVE-2026-53077

The vulnerability CVE-2026-53077 affects the Linux kernel RDS/IB code: it restricted usage to the initial network namespace, with the non-initial namespaces not supported and the existing code likely malfunctioning. Multiple advisories note the issue has been resolved/patched (e.g., Debian/Ubuntu...

7.8 CVSS, 5.8 AI score, 0.0012 EPSS
Exploits 0, References 8
Cvelist
added 2026/06/23 7:15 p.m., 35 views

CVE-2026-54761 Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlis...

6 CVSS, 0.00318 EPSS
Exploits 2, References 3
ATTACKERKB
added 2026/06/23 7:15 p.m., 4 views

CVE-2026-54761

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlis...

6 CVSS, 5.9 AI score, 0.00318 EPSS
Exploits 2, References 4, Affected Software 1
CVE
added 2026/06/23 7:15 p.m., 37 views

CVE-2026-54761

Traefik vulnerability CVE-2026-54761 affects the Kubernetes Gateway provider: prior to 3.6.21 and 3.7.5, the crossProviderNamespaces allowlist is checked against backendRef.namespace instead of the HTTPRoute’s own namespace, enabling an attacker in a non-allowlisted namespace to reference interna...

7.1 CVSS, 5.9 AI score, 0.00318 EPSS
Exploits 2, References 3, Affected Software 1
RedhatCVE
added 2026/06/22 1:54 p.m., 8 views

CVE-2026-52909

A flaw was found in the Linux kernel, specifically within the IPv6 Virtual Tunnel Interface ip6vti component. This vulnerability occurs because a critical flag, netnsimmutable, is not properly set on a specific network device ip6vti0 when it is initialized. This oversight could allow the device t...

7.8 CVSS, 5.8 AI score, 0.00119 EPSS
Exploits 0, References 4
OSV
added 2026/06/19 9:42 p.m., 4 views

GHSA-MWR2-WMGP-CRJ6 OpenBao's System Backend allows Unauthorized Management of the containing Namespace

Summary A user that is granted namespace management /sys/namespaces capabilities within a non-root namespace "the victim namespace" can abuse special handling of the literal path "root" in namespace path canonicalization to manage the victim namespace itself. Details Several endpoints under...

2.3 CVSS, 6 AI score
Exploits 0, References 4
AstraLinux
added 2026/06/19 11:10 a.m., 4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nstree: permission checks for listing have been tightened. Even privileged services should not necessarily be able to access the namespaces of other privileged services, so that they cannot leak information to each other. Use the...

5.5 CVSS, 5.7 AI score, 0.00107 EPSS
Exploits 0, References 1
AstraLinux
added 2026/06/19 11:10 a.m., 4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: A leak of userns and mntidmap occurs in opentreeattr2. Once the wantmountsetattr function returns a positive value, it still requires finishmountkattr to release -mntuserns. If domountsetattr fails, it does not change this...

5.5 CVSS, 5.4 AI score, 0.0012 EPSS
Exploits 0, References 2
AstraLinux
added 2026/06/19 11:10 a.m., 3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A non-privileged write-to-file handler flaw exists in the Linux kernel’s control groups and namespaces subsystem. This flaw allows users to gain access to certain less-privileged processes that are controlled by cgroups, even when those processes have higher-privileged parent processes. This issu...

7.8 CVSS, 6.8 AI score, 0.00541 EPSS
Exploits 0, References 2
AstraLinux
added 2026/06/19 11:10 a.m., 8 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: fixed information leakage in /proc/net/ptype In one net namespace, after creating a packet socket without binding it to a device, users in other net namespaces can observe the newly added packettype by reading the...

7.1 CVSS, 5.2 AI score, 0.00222 EPSS
Exploits 0, References 2
AstraLinux
added 2026/06/19 11:10 a.m., 5 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fixed null-ptr-deref in iptablenattableinit. We received a report that iptables-restore sometimes triggered null-ptr-deref at boot time. 0 The problem is that iptablenattableinit is exposed to user space befo...

5.5 CVSS, 6.3 AI score, 0.00226 EPSS
Exploits 0, References 2
AstraLinux
added 2026/06/19 11:10 a.m., 3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ns: Initialize nslistnode for initial namespaces. Ensure that the list is always initialized for initial namespaces...

5.2 AI score, 0.00145 EPSS
Exploits 0, References 2
AstraLinux
added 2026/06/19 11:10 a.m., 3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: fixed an inverted genmask check in nftmapcatchallactivate nftmapcatchallactivate includes an inverted element activity check compared to its non-catchall counterpart, nftmapelemactivate, and compared to wh...

7.8 CVSS, 7 AI score, 0.00344 EPSS
Exploits 7, References 2
AstraLinux
added 2026/06/19 11:10 a.m., 10 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix ref leak when switching zones When switching zones or network namespaces without performing a ct clear between them, a reference to the old ct entry is still leaked. This occurs because tcfctskbnfctcached...

5.5 CVSS, 6.1 AI score, 0.00252 EPSS
Exploits 0, References 1