126616 matches found

UbuntuCve
added 2026/04/02 5:16 p.m. | 6 views

CVE-2026-35387

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms...

CVSS 6.5 | AI score 5.9 | EPSS 0.00237
Exploits: 0 | References: 3

OSV
added 2026/04/02 5:16 p.m. | 2 views

UBUNTU-CVE-2026-35387

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms...

CVSS 6.5 | AI score 5.8 | EPSS 0.00237
Exploits: 0 | References: 4

Vulnrichment
added 2026/04/02 4:52 p.m. | 1 views

CVE-2026-35387

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms...

CVSS 3.1 | AI score 5.9 | EPSS 0.00237
Exploits: 0 | References: 3

CVE
added 2026/04/02 4:52 p.m. | 330 views

CVE-2026-35387

OpenSSH before 10.3 is affected by CVE-2026-35387: when listing any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms, the client/server may misinterpret this as enabling all ECDSA algorithms. The result is the unintended use of ECDSA keys, with confidentiality impact lis...

CVSS 6.5 | AI score 5.9 | EPSS 0.00237
Exploits: 0 | References: 3 | Affected Software: 1

AlpineLinux
added 2026/04/02 4:52 p.m. | 4 views

CVE-2026-35387

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms...

CVSS 6.5 | AI score 5.3 | EPSS 0.00237
Exploits: 0 | References: 3

ATTACKERKB
added 2026/04/02 4:52 p.m. | 8 views

CVE-2026-35387

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms...

CVSS 3.1 | AI score 5.9 | EPSS 0.00237
Exploits: 0 | References: 4

Debian CVE
added 2026/04/02 4:52 p.m. | 3 views

CVE-2026-35387

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms...

CVSS 6.5 | AI score 5.2 | EPSS 0.00237
Exploits: 0

Cvelist
added 2026/04/02 4:52 p.m. | 120 views

CVE-2026-35387

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms...

CVSS 3.1 | EPSS 0.00237
Exploits: 0 | References: 3

F5 Networks
added 2026/04/02 4:40 p.m. | 7 views

K000159875: Apache HTTP Server vulnerability CVE-2025-65082

Security Advisory Description: Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs. This issue affects Apache HT...

CVSS 6.5 | AI score 7.1 | EPSS 0.00758
Exploits: 0 | Affected Software: 2

GithubExploit
added 2026/04/02 4:7 p.m. | 128 views

Exploit for CVE-2026-28767

CERT/CC VU653116 | CISA Advisory ICSA-26-055-03 https:/...

AI score 5.9 | EPSS 0.00486
Exploits: 1

IBM Security Bulletins
added 2026/04/02 3:45 p.m. | 3 views

Security Bulletin: IBM Langflow Desktop Axios Denial of Service

Summary: Axios is used by IBM Langflow Desktop as part of its HTTP communication functionality in Node.js environments, enabling it to send and receive network requests to external services and APIs. A vulnerability in Axios affects how data: scheme URLs are handled by its Node.js HTTP adapter,...

CVSS 7.5 | AI score 6.8 | EPSS 0.01099
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/04/02 3:42 p.m. | 8 views

Security Bulletin: IBM Langflow Desktop Symlink Validation Bypass

Summary: tar-fs is used by IBM Langflow Desktop as part of its archive extraction and file handling functionality through Node.js dependencies. A vulnerability in tar-fs affects how symbolic links are validated during extraction, allowing a crafted tarball to bypass symlink protections when the...

CVSS 8.7 | AI score 6.6 | EPSS 0.00516
Exploits: 0 | Affected Software: 1

IBM AIX
added 2026/04/02 3:29 p.m. | 5 views

Multiple vulnerabilities in PostgreSQL affect PowerVM VIOS

IBM SECURITY ADVISORY First Issued: Thu Apr 2 15:29:58 CDT 2026 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/postgresadvisory.asc Security Bulletin: Multiple vulnerabilities in PostgreSQL affect PowerVM VIOS...

CVSS 8.8 | AI score 7.4 | EPSS 0.00709
Exploits: 1

OSSF Malicious Packages
added 2026/04/02 3:10 p.m. | 6 views

Malicious code in k8s-node-health (PyPI)

Source: kam193 (9358111fecbdb3180b8f4c0c6543abff3024c59deaf488cf3a34089820e96172) During import, the code downloads and starts a remote executable that later connects to a C2 server, likely establishing a reverse tunnel. After executing the...

AI score 6
Exploits: 0 | References: 7

OSV
added 2026/04/02 3:10 p.m. | 4 views

MAL-2026-2430 Malicious code in k8s-node-health (PyPI)

Source: kam193 (9358111fecbdb3180b8f4c0c6543abff3024c59deaf488cf3a34089820e96172) During import, the code downloads and starts a remote executable that later connects to a C2 server, likely establishing a reverse tunnel. After executing the...

AI score 6
Exploits: 0 | References: 7

IBM Security Bulletins
added 2026/04/02 3:9 p.m. | 3 views

Security Bulletin: Inefficient Regex Complexity Vulnerability in brace-expansion Library (CVE-style Security Advisory), affects watsonx.data

Summary: A vulnerability in the brace-expansion library versions up to 1.1.11, 2.0.1, 3.0.0, and 4.0.0 affects the expand function, allowing specially crafted input to trigger inefficient regular expression processing. This can lead to excessive CPU usage (ReDoS), potentially degrading performance...

CVSS 3.1 | AI score 4.6 | EPSS 0.00459
Exploits: 0 | Affected Software: 1

The Hacker News
added 2026/04/02 12:45 p.m. | 9 views

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The latest ThreatsDay Bulletin is basically a cheat sheet for everything breaking on the internet right now. No corporate fluff or boring lectures here, just a quick and honest look at the messy reality of keeping systems safe this week. Things are moving fast. The list includes researchers...

CVSS 9.8 | AI score 6.4 | EPSS 0.49424
Exploits: 1

Talos Blog
added 2026/04/02 10:0 a.m. | 4 views

Qilin EDR killer infection chain

Endpoint detection and response (EDR) tools are widely deployed and far more capable than traditional antivirus. As a result, attackers use EDR killers to disable or bypass them. Disabling telemetry collection (process, memory, network activity) limits what defenders can see and analyze. As defenders...

AI score 6.3
Exploits: 0

RedhatCVE
added 2026/04/02 5:58 a.m. | 1 views

CVE-2026-25834

A flaw was found in Mbed TLS. A remote attacker could exploit this vulnerability by performing an algorithm downgrade attack. This could lead to a reduction in the security strength of cryptographic operations, potentially allowing for information disclosure or denial of service. Mitigation...

CVSS 6.5 | AI score 5.8 | EPSS 0.00135
Exploits: 0 | References: 5

IBM Security Bulletins
added 2026/04/02 3:36 a.m. | 11 views

Security Bulletin: Singlestore DB with IBM is affected by Multiple Vulnerabilities.

Summary: Multiple vulnerabilities were found in Singlestore DB with IBM (SingleStore Self-Managed Enterprise with IBM and SingleStore Self-Managed Standard with IBM) in version 8.9.46. They have been addressed in 8.9.47. Hence, IBM strongly recommends upgrading to 8.9.47. Vulnerability Details: Refer to the...

AI score 5.8
Exploits: 0 | Affected Software: 1