Lucene search
K

479 matches found

RedhatCVE
RedhatCVE
added yesterday4 views

CVE-2026-58252

A flaw was found in NATS Server. An authenticated user could bypass configured access restrictions and receive messages on subjects that were explicitly denied. This occurs when a wildcard subscription overlaps with a wildcard deny rule but is not a direct subset, or when queue subscriptions...

6.5CVSS6AI score0.00465EPSS
Exploits0References10
NVD
NVD
added 6 days ago5 views

CVE-2026-58252

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.0, 2.12.7, and 2.11.16, an authenticated user could receive messages on denied subjects when a wildcard subscription overlapped with a configured wildcard deny rule but was not a subset...

6.5CVSS0.00465EPSS
Exploits0References7
Cvelist
Cvelist
added 6 days ago37 views

CVE-2026-58252 NATS Server: Subscribe Authz Bypass via Wildcard-Overlap

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.0, 2.12.7, and 2.11.16, an authenticated user could receive messages on denied subjects when a wildcard subscription overlapped with a configured wildcard deny rule but was not a subset...

6.5CVSS0.00465EPSS
Exploits0References7
CVE
CVE
added 6 days ago13 views

CVE-2026-58252

CVE-2026-58252 affects NATS Server prior to versions 2.14.0, 2.12.7, and 2.11.16. An authenticated user could receive messages on denied subjects when a wildcard subscription overlapped with a configured wildcard deny rule but was not a subset of it; queue subscriptions could also affect delivery...

6.5CVSS6AI score0.00465EPSS
Exploits0References7Affected Software1
Amazon
Amazon
added 2026/07/07 12:0 a.m.8 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: clear page-private in freepagesprepare CVE-2026-43303 In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl CVE-2026-43492 In...

9.8CVSS6.3AI score0.00675EPSS
Exploits1
OSV
OSV
added 2026/06/30 9:25 p.m.2 views

GHSA-8J3X-M868-CPW8 Open Babel has out-of-bounds write (overlapping memcpy) in zipstream basic_unzip_streambuf::underflow

Summary A memory-safety vulnerability in Open Babel's bundled zipstream decompression code caused an out-of-bounds write via overlapping memcpy when reading a crafted gzip-compressed chemistry file. Details The flaw was in basicunzipstreambuf::underflow. The decompression buffer refill path invok...

7.8CVSS6.4AI score0.00202EPSS
Exploits1References10
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: check for partial overlaps in anonymous sets The user space provides an optimized representation when case intervals are adjacent, where the end element is omitted. The existing partial overlap detection...

5.5CVSS5.7AI score0.00156EPSS
Exploits0References2
NVD
NVD
added 2026/06/08 5:16 p.m.16 views

CVE-2026-46289

In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extractkvectosg Patch series "Fix bugs in extractitertosg", v3. Fix bugs in the kvec and user variants of extractitertosg. This series is growing due to useful remarks made by...

9.8CVSS0.00457EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/28 1:35 p.m.22 views

kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks

A flaw was found in the Linux kernel's XFS filesystem. When adding extended attributes xattrs, which are metadata associated with files, to leaf blocks, incorrect adjustments to the freemap can occur. This inconsistency allows the entries array and free space to overlap, leading to an assertion...

8.8CVSS5.8AI score0.00469EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:5 a.m.9 views

erofs: fix unsigned underflow in z_erofs_lz4_handle_overlap()

...

7.1CVSS5.4AI score0.00131EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/28 3:57 a.m.10 views

SUSE CVE-2026-45873

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: check for partial overlaps in anonymous sets Userspace provides an optimized representation in case intervals are adjacent, where the end element is omitted. The existing partial overlap detection logic...

5.8AI score0.00156EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.12 views

SUSE CVE-2026-45999

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

5.5CVSS5.7AI score0.00131EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 5:16 p.m.34 views

CVE-2026-44321

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware. The POST /upi/v1/upNodesLinks create-or-update handler accepts attacker-controlled JSON and passes it directly into...

7.5CVSS0.00364EPSS
Exploits1References4
NVD
NVD
added 2026/05/27 2:17 p.m.18 views

CVE-2026-45999

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

7.1CVSS0.00131EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 2:17 p.m.10 views

UBUNTU-CVE-2026-46051

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...

5.5CVSS5.7AI score0.00095EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 2:17 p.m.8 views

UBUNTU-CVE-2026-45873

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: check for partial overlaps in anonymous sets Userspace provides an optimized representation in case intervals are adjacent, where the end element is omitted. The existing partial overlap detection logic...

6.9CVSS5.7AI score0.00156EPSS
Exploits0References11
NVD
NVD
added 2026/05/27 2:17 p.m.11 views

CVE-2026-45873

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: check for partial overlaps in anonymous sets Userspace provides an optimized representation in case intervals are adjacent, where the end element is omitted. The existing partial overlap detection logic...

5.5CVSS0.00156EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/27 12:57 p.m.11 views

EUVD-2026-32433

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...

5.8AI score0.00095EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:55 p.m.4 views

CVE-2026-45999

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

7.1CVSS5.6AI score0.00131EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/05/27 12:55 p.m.13 views

EUVD-2026-32295

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

5.7AI score0.00131EPSS
Exploits0References5
Rows per page
Query Builder