Lucene search
+L

4 matches found

Github Security Blog
Github Security Blog
added 2026/05/19 9:32 p.m.11 views

Apache Airflow Amazon provider: Prevent unauthorized access to team-scoped secrets in AWS Secrets Manager and SSM Parameter Store backends

In the AWS Secrets Manager and SSM Parameter Store secrets backends of apache-airflow-providers-amazon prior to 9.28.0, the team-scoping logic could resolve a connid containing a / e.g. "myteam/conn" to the same path as another team's team-scoped secret when the caller had no team context. A...

5.3CVSS5.4AI score0.00413EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/19 7:17 p.m.9 views

CVE-2026-42526

In the AWS Secrets Manager and SSM Parameter Store secrets backends of apache-airflow-providers-amazon prior to 9.28.0, the team-scoping logic could resolve a connid containing a / e.g. "myteam/conn" to the same path as another team's team-scoped secret when the caller had no team context. A...

5.3CVSS5.8AI score0.00413EPSS
Exploits0References3
CVE
CVE
added 2026/05/19 7:17 p.m.25 views

CVE-2026-42526

The CVE-2026-42526 vulnerability affects apache-airflow-providers-amazon backends for AWS Secrets Manager and SSM Parameter Store prior to 9.28.0. The team-scoping logic could resolve a conn_id containing a slash (for example a_team/conn) to the same path as another team’s secret when the caller ...

5.3CVSS5.8AI score0.00413EPSS
Exploits0References3Affected Software1
0day.today
0day.today
added 2010/04/28 12:0 a.m.24 views

Zamba radio script Authentication Bypass

Exploit for php platform in category web applications ======================================== zamba radio script Authentication Bypass ======================================== found by: Poltergeisth4cker from netherlands TEAM: No team Contact: Poltergeisth4ckerathotmail.com Dork: no scriptkiddie...

7.1AI score
Exploits0
Rows per page
Query Builder