Lucene search
+L

30 matches found

OSV
OSV
added 2026/07/03 7:16 a.m.4 views

ALPINE-CVE-2026-11564

libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue trusting the native platform store after the application switches that same handle to custom CA...

9.1CVSS6AI score0.0061EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2026/07/03 6:12 a.m.5 views

CVE-2026-11564

libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue trusting the native platform store after the application switches that same handle to custom CA...

9.1CVSS6AI score0.0061EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/07/02 3:43 p.m.3 views

libcurl: libcurl: Certificate validation bypass due to incorrect connection reuse

A flaw was found in curl. When libcurl reuses a connection from its connection pool, an easy handle that initially used default native Certificate Authority CA trust may continue to trust the native platform store. This occurs even after the application has switched that same handle to custom CA...

9.1CVSS6AI score0.0061EPSS
Exploits1References7
OSV
OSV
added 2026/06/24 2:0 p.m.3 views

UBUNTU-CVE-2026-11564

libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue trusting the native platform store after the application switches that same handle to custom CA...

9.1CVSS5.9AI score0.0061EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Mimecast Incydr 安全漏洞

Mimecast Incydr is a cloud-native internal risk management and data protection platform developed by Mimecast Corporation in the United States. Versions of Mimecast Incydr prior to version 2.6.0 contained security vulnerabilities that could lead to arbitrary file access...

4.5CVSS5.5AI score0.0009EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/01/16 11:15 p.m.5 views

CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.9AI score0.00149EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/01/16 11:15 p.m.6 views

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.9AI score0.00135EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/01/16 10:46 p.m.4 views

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.4AI score0.00135EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/01/16 10:46 p.m.22 views

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.7AI score0.00135EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/01/16 10:45 p.m.5 views

CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.5AI score0.00149EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/01/16 10:45 p.m.30 views

CVE-2026-22816

CVE-2026-22816 (Gradle) : Multiple sources describe a vulnerability in Gradle before 9.3.0 where non-fatal exceptions during dependency resolution would allow Gradle to continue to the next repository, and an unresolvable host name could let an attacker register a service under the build’s host n...

8.6CVSS6.4AI score0.00149EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/01/16 10:45 p.m.7 views

CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.4AI score0.00149EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/01/16 10:45 p.m.4 views

CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.6AI score0.00149EPSS
Exploits0
HackRead
HackRead
added 2026/01/06 7:44 a.m.9 views

Connex IT Partners with AccuKnox for Zero Trust CNAPP Security in Southeast Asia

Menlo Park, India, 6th January 2026, CyberNewsWire...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-5367

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00229EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-27148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the system temporary directory can...

8.8CVSS7.2AI score0.00229EPSS
Exploits0References2
Wiz blog
Wiz blog
added 2025/08/25 12:0 p.m.7 views

Unpacking the 2025 Gartner Market Guide for CNAPP

From siloed tools to a unified platform: Key takeaways from Gartner's new CNAPP report...

7.2AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/03/24 4:38 p.m.8 views

CVE-2025-29778 Kyverno ignores subjectRegExp and IssuerRegExp

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to version 1.14.0-alpha.1, Kyverno ignores subjectRegExp and IssuerRegExp while verifying artifact's sign with keyless mode. It allows the attacker to deploy kubernetes resources with the artifacts that were...

5.8CVSS7.1AI score0.00317EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2025/03/01 2:51 a.m.3 views

SUSE CVE-2025-27148

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. This library initialization could be...

8.8CVSS6.9AI score0.00229EPSS
Exploits0References3
NVD
NVD
added 2025/02/25 9:15 p.m.27 views

CVE-2025-27148

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. This library initialization could be...

8.8CVSS0.00229EPSS
Exploits0References8
Rows per page
Query Builder