CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

755 matches found

SUSE CVE•added 2026/06/12 2:25 a.m.•8 views

SUSE CVE-2026-50266

In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared network owned by another project and set deviceowner to a value that has "network:" at the beginning "network:dhcp" for example. The default port RBAC policies incorrectly included PROJECTMANAGER without...

2.2CVSS5.3AI score0.00262EPSS

Exploits0References3

Debian•added 2026/06/11 6:48 p.m.•7 views

[SECURITY] [DSA 6340-1] neutron security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6340-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 11, 2026 https://www.debian.org/security/faq -...

2.2CVSS5.3AI score0.00262EPSS

Exploits0

RedhatCVE•added 2026/06/11 2:59 p.m.•10 views

CVE-2026-50266

A flaw was found in OpenStack Neutron. A project manager can exploit this vulnerability by creating or updating a port on a shared network and setting the deviceowner to a specific value. This bypasses default access controls, allowing the project manager to obtain trusted network-service port...

6.6CVSS5.1AI score0.00262EPSS

Exploits0References8

Tenable Nessus•added 2026/06/11 12:0 a.m.•4 views

Debian dsa-6340 : neutron-api - security update

The remote Debian 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6340 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6340-1 [email protected] https://www.debian.org/security/ Moritz...

2.2CVSS5.4AI score0.00262EPSS

Exploits0References4

RedhatCVE•added 2026/06/08 2:58 a.m.•8 views

CVE-2026-49299

A flaw was found in OpenStack Neutron. The tagging controller incorrectly enforces plural policy action names for single-tag write operations, while the defined policy rules use singular names. This mismatch allows a project reader to bypass intended policy restrictions, enabling them to create a...

5.3CVSS5.7AI score0.00295EPSS

Exploits0References6

Tenable Nessus•added 2026/06/05 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-50266

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared network owned by another project and set deviceowner to a value th...

3.5CVSS7.2AI score0.00963EPSS

Exploits0References2

NVD•added 2026/06/04 5:16 p.m.•13 views

CVE-2026-50266

2.2CVSS0.00262EPSS

Exploits0References6

OSV•added 2026/06/04 5:16 p.m.•7 views

UBUNTU-CVE-2026-50266

2.2CVSS5.3AI score0.00262EPSS

Exploits0References5

ATTACKERKB•added 2026/06/04 4:18 p.m.•7 views

CVE-2026-50266

3.5CVSS7.1AI score0.00963EPSS

Exploits0References6Affected Software1

CVE•added 2026/06/04 4:18 p.m.•17 views

CVE-2026-50266

OpenStack Neutron before 28.0.1 is affected. A port on a shared network owned by another project can be created or updated by a project manager with device_owner starting with a network: prefix (e.g., network:dhcp). The default RBAC policies did not require network ownership, allowing access to t...

2.2CVSS5.8AI score0.00262EPSS

Exploits0References6

Debian CVE•added 2026/06/04 4:18 p.m.•7 views

CVE-2026-50266

2.2CVSS5.8AI score0.00262EPSS

Exploits0

Vulnrichment•added 2026/06/04 4:18 p.m.•10 views

CVE-2026-50266

2.2CVSS5.8AI score0.00262EPSS

Exploits0References5

Cvelist•added 2026/06/04 4:18 p.m.•35 views

CVE-2026-50266

2.2CVSS0.00262EPSS

Exploits0References5

EUVD•added 2026/06/04 4:18 p.m.•9 views

EUVD-2026-34301

3.5CVSS7.1AI score0.00963EPSS

Exploits0References5

Positive Technologies•added 2026/06/04 12:0 a.m.•14 views

PT-2026-46270

In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared network owned by another project and set device owner to a value that has "network:" at the beginning "network:dhcp" for example. The default port RBAC policies incorrectly included PROJECT MANAGER witho...

2.2CVSS5.8AI score0.00262EPSS

Exploits0References9

CNNVD•added 2026/06/04 12:0 a.m.•6 views

OpenStack Neutron 安全漏洞

OpenStack Neutron is an open-source project under OpenStack, designed to provide services between interface devices managed by other OpenStack services. Prior to version 28.0.1, OpenStack Neutron had a security vulnerability. This vulnerability stemmed from the ability of project administrators t...

2.2CVSS5.3AI score0.00262EPSS

Exploits0References6

EUVD•added 2026/05/29 12:38 a.m.•12 views

EUVD-2026-33074

In OpenStack Neutron before 28.0.1, the tagging controller enforces plural policy action names on single-tag write operations while the defined policy rules use singular names. The mismatched names evaluate as allowed under the default policy, permitting a project reader to create and update tags...

5.3CVSS5.8AI score0.00295EPSS

Exploits0References4

Tenable Nessus•added 2026/05/29 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-49299

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Neutron before 28.0.1, the tagging controller enforces plural policy action names on single- tag write operations while the defined policy rules us...

5.3CVSS5.5AI score0.00295EPSS

Exploits0References3

NVD•added 2026/05/28 10:17 p.m.•9 views

CVE-2026-49299

5.3CVSS0.00295EPSS

Exploits0References4

OSV•added 2026/05/28 10:17 p.m.•5 views

DEBIAN-CVE-2026-49299

5.3CVSS5.8AI score0.00295EPSS

Exploits0References1

Rows per page