Lucene search
+L

261 matches found

Cvelist
Cvelist
added 15 hours ago8 views

CVE-2026-62201 OpenClaw < 2026.6.6 Network Policy Bypass via exec-server

OpenClaw versions before 2026.6.6 contain a network policy bypass vulnerability in the sandbox exec-server that allows lower-trust callers to reach internal network destinations blocked by OpenClaw policy. Attackers can send HTTP requests through the exec-server to access network resources that...

7.7CVSS
Exploits0References2
CVE
CVE
added 15 hours ago5 views

CVE-2026-62201

OpenClaw prior to version 2026.6.6 contains a network policy bypass in the sandbox exec-server that lets lower-trust callers reach internal network destinations blocked by policy. Attackers can send HTTP requests through the exec-server to access restricted network resources. The CVE description ...

7.7CVSS6.1AI score
Exploits0References2
CVE
CVE
added 2 days ago12 views

CVE-2026-56743

Cilium (versions 1.19.0–1.19.4) is affected where standard Kubernetes NetworkPolicy ipBlock rules without pod/namespace selectors, when configured with a non-default clusterName, can generate a wildcard namespace allow rule. The parser incorrectly creates a pod selector for selectorless peers, en...

5.4CVSS6.1AI score0.00158EPSS
Exploits0References6
NVD
NVD
added 3 days ago4 views

CVE-2026-50496

Out-of-bounds read in Windows Network Policy Server SNMP allows an unauthorized attacker to disclose information over a network...

7.5CVSS0.01149EPSS
Exploits0References1
NVD
NVD
added 3 days ago3 views

CVE-2026-50470

Out-of-bounds read in Windows Network Policy Server SNMP allows an unauthorized attacker to disclose information over a network...

7.5CVSS0.00754EPSS
Exploits0References1
CVE
CVE
added 3 days ago7 views

CVE-2026-50496

CVE-2026-50496 is an out-of-bounds read vulnerability in Windows Network Policy Server SNMP that allows an unauthenticated attacker to disclose information over the network. Affects the SNMP component of Windows NPS; impact is information disclosure with a CVSS v3.1 base score of 7.5 (Network att...

7.5CVSS6.1AI score0.01149EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago24 views

CVE-2026-50470 Windows Network Policy Server SNMP Information Disclosure Vulnerability

...

7.5CVSS0.00754EPSS
Exploits0References1
CVE
CVE
added 3 days ago7 views

CVE-2026-50470

CVE-2026-50470 describes an out-of-bounds read in Windows Network Policy Server SNMP that could let an unauthenticated attacker disclose information over the network. The vulnerability affects the NPS SNMP handling and has a CVSS v3.1 base score of 7.5 (High) with network attack vector, low attac...

7.5CVSS6.1AI score0.00754EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 3 days ago8 views

Windows Network Policy Server SNMP Information Disclosure Vulnerability

Out-of-bounds read in Windows Network Policy Server SNMP allows an unauthorized attacker to disclose information over a network...

7.5CVSS6.1AI score0.00754EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 3 days ago6 views

Windows Network Policy Server SNMP Information Disclosure Vulnerability

Out-of-bounds read in Windows Network Policy Server SNMP allows an unauthorized attacker to disclose information over a network...

7.5CVSS6.1AI score0.01149EPSS
Exploits0
RedhatCVE
RedhatCVE
added 3 days ago6 views

CVE-2026-15416

A flaw was identified in Argo CD, the GitOps engine used by Red Hat OpenShift GitOps, that could allow an unauthenticated attacker with network access to the Argo CD repo-server to achieve remote code execution. Under certain conditions, the attacker may then manipulate cached data to deploy...

8.9CVSS6.3AI score0.00281EPSS
Exploits0References7
NVD
NVD
added 4 days ago5 views

CVE-2026-62185

Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...

8.6CVSS0.00284EPSS
Exploits0References2
Cvelist
Cvelist
added 4 days ago36 views

CVE-2026-62185 Argo CD Helm Chart < 10.0.0 Missing Network Policy RCE

Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...

8.6CVSS0.00284EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/07/03 2:0 p.m.7 views

Chromium: CVE-2026-13894 Insufficient policy enforcement in Network

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.9AI score0.00212EPSS
Exploits0
NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-14076

Insufficient policy enforcement in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS0.00182EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.31 views

CVE-2026-13894

Affected software: Google Chrome (Chromium-based). The issue is described as insufficient policy enforcement in the Network component prior to version 150.0.7871.47, allowing an attacker with a privileged network position to bypass navigation restrictions via a crafted HTML page. Severity is rate...

6.5CVSS5.8AI score0.00212EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-54171

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement within the Network component allows an attacker in a privileged network position to bypass navigation restrictions by using a crafted HTML page...

9.8CVSS5.9AI score0.00413EPSS
Exploits0References448
EUVD
EUVD
added 2026/06/26 12:32 a.m.7 views

EUVD-2026-39595

A server-side request forgery SSRF flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to a VirtualMachineInstance VMI, virt-api reads the target IP from vmi.Status.Interfaces0.IP and passes it directly to net.Dial without validation. For VMIs using...

6.4CVSS6AI score0.00149EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 12:16 a.m.11 views

CVE-2026-13318

A server-side request forgery SSRF flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to a VirtualMachineInstance VMI, virt-api reads the target IP from vmi.Status.Interfaces0.IP and passes it directly to net.Dial without validation. For VMIs using...

6.4CVSS0.00149EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 11:23 p.m.54 views

CVE-2026-13318 Virt-api-rhel9: kubevirt: kubevirt: ssrf in virt-api port-forward via unvalidated guest-agent-reported ip

A server-side request forgery SSRF flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to a VirtualMachineInstance VMI, virt-api reads the target IP from vmi.Status.Interfaces0.IP and passes it directly to net.Dial without validation. For VMIs using...

6.4CVSS0.00149EPSS
Exploits0References2
Rows per page
Query Builder