CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Chainguard•added yesterday•3 views

CVE-2026-54911 vulnerabilities

6.5CVSS5.8AI score0.00287EPSS

Chainguard•added yesterday•3 views

GHSA-6V7P-G79W-8964 vulnerabilities

Vulnerabilities for packages: openstack-placement-2025.1-fips, openstack-tempest-2026.1, openstack-tempest-2025.1, dbt-core, openstack-placement-2026.1-fips, jupyter-all-spark-notebook, openstack-glance-2025.1-fips, openstack-horizon-2025.1, authentik, openstack-keystone-2026.1, dbt-bigquery,...

5.8AI score

RedhatCVE•added 6 days ago•5 views

CVE-2026-55748

A flaw was found in OpenStack Horizon. This vulnerability allows a highly privileged remote attacker, with user interaction, to craft a project name containing shell metacharacters. When scripts for OpenStack RC file downloading are produced, these metacharacters may be processed, potentially...

6CVSS5AI score0.0019EPSS

Exploits0References5

Github Security Blog•added last week•10 views

OpenStack Horizon RC file generation does not escape special characters in project names

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS5.3AI score0.0019EPSS

Exploits0References4Affected Software1

NVD•added last week•8 views

CVE-2026-55748

6CVSS0.0019EPSS

OSV•added last week•5 views

UBUNTU-CVE-2026-55748

6CVSS5.8AI score0.0019EPSS

Exploits0References4

EUVD•added last week•5 views

EUVD-2026-37723

6CVSS5.4AI score0.0019EPSS

CVE•added last week•8 views

CVE-2026-55748

OpenStack Horizon prior to 25.7.4 can generate scripts for downloading OpenStack RC files where a crafted project name containing shell metacharacters is possible. The description notes this as a security hardening opportunity rather than a vulnerability, and the CVSS 3.1 metrics indicate a MEDIU...

6CVSS5.4AI score0.0019EPSS

Cvelist•added last week•26 views

CVE-2026-55748

6CVSS0.0019EPSS

Debian CVE•added last week•6 views

CVE-2026-55748

6CVSS5.3AI score0.0019EPSS

RedhatCVE•added 2026/05/06 8:20 a.m.•6 views

CVE-2026-43002

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

EUVD•added 2026/05/05 6:33 p.m.•5 views

Exploits0References1

EUVD-2026-27406

5.3CVSS5.8AI score0.02841EPSS

Exploits0References3

Github Security Blog•added 2026/05/05 6:33 p.m.•13 views

OpenStack Horizon has Incorrect Behavior Order

Exploits0References5Affected Software1

OSV•added 2026/05/05 6:33 p.m.•4 views

GHSA-VXVF-XVM3-P8J5 OpenStack Horizon has Incorrect Behavior Order

UbuntuCve•added 2026/05/05 5:17 p.m.•2 views

Exploits0References5

CVE-2026-43002

OSV•added 2026/05/05 5:17 p.m.•1 views

Exploits0References3

UBUNTU-CVE-2026-43002

Positive Technologies•added 2026/05/05 12:0 a.m.•7 views

Exploits0References4

PT-2026-37090

Name of the Vulnerable Software and Affected Versions OpenStack Horizon versions 25.6 through 25.7.2 Description A flaw exists in the login view where a post-login redirect URL is written to the server-side session storage before a user is authenticated. This allows unauthenticated requests to...

CNNVD•added 2026/05/05 12:0 a.m.•8 views

Exploits0References6

OpenStack Horizon 安全漏洞

OpenStack Horizon is an OpenStack-based project built using Django. It aims to provide a complete OpenStack dashboard along with a scalable framework for building new dashboards from reusable components. Versions 25.6, 25.7, and prior to 25.7.3 of OpenStack Horizon contained security...