125243 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-45304
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-45304 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2026-46626
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-46626 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2026-46628
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - php-twig - None Ubuntu Linux - Unknown description CVE-2026-46628 Note that Nessus relies on the presence of the package as reported by the vendo...
PT-2026-42620
Summary Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and run OCI containers within them. Boxlite allows users to specify the OCI image used by containers in the sandbox. However, when processing tar entries in OCI images, Boxlite does not account for...
📄 FUXA 1.2.9 Remote Code Execution
FUXA versions 1.2.9 and below suffers from an unauthenticated path traversal vulnerability that leads to arbitrary file write that enables remote code execution. Exploit Title: FUXA 1.2.9 - RCE Date: 4/24/2026 Exploit Author: Anthony Cihan Hann1bl3L3ct3r Vendor Homepage:...
📄 BookStack 25.12.1 Denial of Service
BookStack version 25.12.1 suffers from a denial of service vulnerability. Exploit Title: BookStack 25.12.1 - Denial of Service Search Terms Resource Exhaustion Date: 2026-04-29 Exploit Author: Gabriel Rodrigues TEXUGO Vendor Homepage: https://www.bookstackapp.com Software Link:...
PT-2026-42640
Summary js-cookie's internal assign helper copies properties with for...in + plain assignment. When the source object is produced by JSON.parse, the JSON object's " proto " member is an own enumerable property, so the for…in enumerates it and the targetkey = sourcekey write triggers the...
Linux Distros Unpatched Vulnerability : CVE-2026-45068
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-45068 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2026-46627
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - php-twig - None Ubuntu Linux - Unknown description CVE-2026-46627 Note that Nessus relies on the presence of the package as reported by the vendo...
Langflow Origin Validation Error Vulnerability
Langflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh...
Linux Distros Unpatched Vulnerability : CVE-2026-46637
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - php-twig - None Ubuntu Linux - Unknown description CVE-2026-46637 Note that Nessus relies on the presence of the package as reported by the vendo...
Linux Distros Unpatched Vulnerability : CVE-2026-45069
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-45069 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2026-45077
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-45077 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2026-45067
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-45067 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2026-45063
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-45063 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2026-46633
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - php-twig - None Ubuntu Linux - Unknown description CVE-2026-46633 Note that Nessus relies on the presence of the package as reported by the vendo...
BookStack 25.12.1 - Denial of Service
Exploit Title: BookStack 25.12.1 - Denial of Service Search Terms Resource Exhaustion Date: 2026-04-29 Exploit Author: Gabriel Rodrigues TEXUGO Vendor Homepage: https://www.bookstackapp.com Software Link: https://github.com/BookStackApp/BookStack Version: 2 else None searchurl =...
How a Webmail Log File Became a Root-Level Backdoor
THREAT ANALYSIS May 2026 · Forensic Case Study A forensic breakdown of how an attacker turned CyberPanel's SnappyMail logging into a persistent webshell that survived every WordPress cleanup attempt. A WordPress site owner reported redirect malware on their site. They found that clicking anywhere...
Security Bulletin: IBM Enterprise Build of Quarkus is affected by multiple vulnerabilities
Summary IBM Enterprise Build of Quarkus is affected by vulnerabilities in the PostgreSQL JDBC driver and Apache Neethi Vulnerability Details CVEID:CVE-2026-42402 DESCRIPTION: Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Speciall...
Exploit for CVE-2026-0265
CVE-2026-0265 Vulnerability Assessment Tool Safely detect whe...