Lucene search
K

32 matches found

EUVD
EUVD
added 2026/06/15 9:30 p.m.8 views

EUVD-2026-36760

An issue in Observeinc's Observe v.2026-01-28 and before allows a remote attacker to obtain sensitive information via the CSV Log export component...

5.3AI score0.00375EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 8:16 p.m.8 views

CVE-2026-39007

An issue in Observeinc's Observe v.2026-01-28 and before allows a remote attacker to obtain sensitive information via the CSV Log export component...

7.5CVSS0.00375EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 12:0 a.m.17 views

CVE-2026-39007

Technical details about CVE-2026-39007 are not publicly available in the provided documents. Monitor for updates from vendors and advisories.

7.5CVSS5.4AI score0.00375EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.11 views

PT-2026-49300

Name of the Vulnerable Software and Affected Versions Observe versions prior to 2026-01-28 Description A flaw in the CSV Log export component allows a remote attacker to obtain sensitive information. Recommendations Update to a version released after 2026-01-28. As a temporary workaround, restric...

7.5CVSS5.3AI score0.00375EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.27 views

CVE-2026-39007

An issue in Observeinc's Observe v.2026-01-28 and before allows a remote attacker to obtain sensitive information via the CSV Log export component...

0.00375EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.7 views

EulerOS 2.0 SP13 : tigervnc (EulerOS-SA-2026-2359)

According to the versions of the tigervnc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application...

9.8CVSS5.5AI score0.00247EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/14 4:55 p.m.10 views

camel-http: Apache Camel: Information disclosure and authentication bypass in embedded HTTP/management servers

A flaw was found in the Apache Camel embedded HTTP server and embedded management server camel-platform-http-main. When authentication is enabled and a non-root context path is configured, the authentication handler incorrectly matches only the exact configured path, not its subpaths. This allows...

8.2CVSS5.7AI score0.00622EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/05/05 11:37 a.m.5 views

CVE-2026-40022

A flaw was found in the Apache Camel embedded HTTP server and embedded management server camel-platform-http-main. When authentication is enabled and a non-root context path is configured, the authentication handler incorrectly matches only the exact configured path, not its subpaths. This allows...

8.2CVSS5.7AI score0.00622EPSS
Exploits1References5
Veracode
Veracode
added 2026/05/04 12:12 p.m.11 views

Authentication Bypass

Apache Camel is vulnerable to Authentication Bypass. The vulnerability is due to the authentication handler matching only the exact configured context path, not its subpaths, where unauthenticated requests to subpaths can reach protected business routes and management endpoints without being...

8.2CVSS5.8AI score0.00622EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2026/04/27 12:30 p.m.4 views

GHSA-27VM-5VPJ-RP5G Apache Camel Vulnerable to Authentication Bypass Using an Alternate Path or Channel

When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server camel-platform-http-main and a non-root context path such as /api or /admin is configured via camel.server.path or camel.management.path, the BasicAuthenticationConfigurer and...

8.2CVSS5.8AI score0.00622EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.8 views

PT-2026-35385

When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server camel-platform-http-main and a non-root context path such as /api or /admin is configured via camel.server.path or camel.management.path, the BasicAuthenticationConfigurer and...

5.2AI score0.00622EPSS
Exploits1References3
Circl
Circl
added 2026/02/28 9:1 a.m.4 views

CVE-2025-40932

creationtimestamp| type| source ---|---|--- 2026-02-28 09:01:20+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfvughjobx2s...

8.2CVSS5.9AI score0.002EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.8 views

PT-2026-22320

An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to potentially observe or manipulate parts of the encrypted SSH communication, if they are able to intercept or interact with the network traffic...

6.5CVSS5.9AI score0.00199EPSS
Exploits0References7
CVE
CVE
added 2026/02/04 10:28 p.m.14 views

CVE-2026-22038

CVE-2026-22038 affects AutoGPT prior to platform-beta-v0.6.46. The vulnerability arises when Stagehand blocks log API keys and authentication secrets in plaintext via logger.info() in StagehandObserveBlock, StagehandActBlock, and StagehandExtractBlock, where api_key.get_secret_value() is logged. ...

8.1CVSS5.4AI score0.00433EPSS
Exploits1References2Affected Software1
HackRead
HackRead
added 2026/02/03 2:3 p.m.6 views

Meet Moltbook, the Social Platform Where AI Agents Talk and Humans Watch

Moltbook is a new social platform where AI agents post and interact while humans observe, raising questions about autonomy, security, and agent behavior...

5.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004259)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004259 advisory. The mincore implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on th...

5.5CVSS6.5AI score0.00774EPSS
Exploits1References35
Packet Storm News
Packet Storm News
added 2025/11/04 12:0 a.m.19 views

1 PoCo: Agentic Proof-Of-Concept Exploit Generation for Smart Contracts

Smart contracts operate in a highly adversarial environment, where vulnerabilities can lead to substantial financial losses. Thus, smart contracts are subject to security audits. In auditing, proof-of-concept PoC exploits play a critical role by demonstrating to the stakeholders that the reported...

6.9AI score
Exploits0
Metasploit
Metasploit
added 2025/10/31 6:58 p.m.476 views

Rootkit Privilege Escalation Signal Hunter

This module searches for rootkits which use signals to elevate process privileges to UID 0 root. Some rootkits install signal handlers which listen for specific signals to elevate process privileges. This module identifies these rootkits by sending signals and observing UID switching to root. Thi...

5.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/20 11:0 a.m.7 views

Agentic AI’s OODA Loop Problem

The OODA loop --for observe, orient, decide, act--is a framework to understand decision-making in adversarial situations. We apply the same framework to artificial intelligence agents, who have to make their decisions with untrustworthy observations and orientation. To solve this problem, we need...

7.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/13 12:0 a.m.4 views

Countermind: A Multi-Layered Security Architecture for Large Language Models

The security of Large Language Model LLM applications is fundamentally challenged by "form-first" attacks like prompt injection and jailbreaking, where malicious instructions are embedded within user inputs. Conventional defenses, which rely on post hoc output filtering, are often brittle and fai...

7.1AI score
Exploits0
Rows per page
Query Builder