Lucene search
K

80 matches found

SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.8 views

SUSE CVE-2026-46028

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - snapshot IV for async AEAD requests AFALG AEAD AIO requests currently use the socket-wide IV buffer during request processing. For async requests, later socket activity can update that shared state before the...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/05/28 12:0 a.m.11 views

Strengthening Polymorphic Prompt Assembling: Dynamic Separator Generation against Emerging Prompt Injection Attacks

Polymorphic Prompt Assembling PPA defends LLM agents against prompt injections by randomly selecting separator pairs from a fixed pool to isolate user input from system instructions. Although effective, static pool reuse exposes a blast-radius vulnerability: once a separator leaks, it can be...

5.8AI score
Exploits0
NVD
NVD
added 2026/05/27 2:17 p.m.14 views

CVE-2026-46028

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - snapshot IV for async AEAD requests AFALG AEAD AIO requests currently use the socket-wide IV buffer during request processing. For async requests, later socket activity can update that shared state before the...

5.5CVSS0.00123EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/27 12:56 p.m.11 views

EUVD-2026-32409

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - snapshot IV for async AEAD requests AFALG AEAD AIO requests currently use the socket-wide IV buffer during request processing. For async requests, later socket activity can update that shared state before the...

5.9AI score0.00123EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/27 12:56 p.m.38 views

CVE-2026-46028 crypto: algif_aead - snapshot IV for async AEAD requests

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - snapshot IV for async AEAD requests AFALG AEAD AIO requests currently use the socket-wide IV buffer during request processing. For async requests, later socket activity can update that shared state before the...

0.00123EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.10 views

PT-2026-43895

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the algif aead component where AF ALG AEAD AIO requests utilize a socket-wide IV Initialization Vector buffer during processing. For asynchronous requests, subsequent...

5.5CVSS5.9AI score0.00123EPSS
Exploits0
OSV
OSV
added 2026/05/27 12:0 a.m.3 views

UBUNTU-CVE-2026-46028

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - snapshot IV for async AEAD requests AFALG AEAD AIO requests currently use the socket-wide IV buffer during request processing. For async requests, later socket activity can update that shared state before the...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2026-46028

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: algifaead - snapshot IV for async AEAD requests AFALG AEAD AIO requests currently use the socket-wide IV buffer during request processing. For async...

5.5CVSS6AI score0.00123EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.12 views

PT-2026-41685

Name of the Vulnerable Software and Affected Versions Faraday versions 2.0.0 through 2.14.1 Description Faraday is an HTTP client library abstraction layer. A flaw exists where protocol-relative host override is possible when the request target is passed as a URI object instead of a String to the...

5.8AI score0.00272EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/05/14 3:34 p.m.10 views

CVE-2026-42597 Gotenberg: Chromium URL conversion routes read arbitrary files under /tmp via file:// scheme

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the /forms/chromium/convert/url and /forms/chromium/screenshot/url routes accept url=file:///tmp/... from anonymous callers. The default Chromium deny-list intentionally exempts file:///tmp/ so HTML/Markdown routes can lo...

5.9CVSS5.8AI score0.00251EPSS
Exploits1References1
CVE
CVE
added 2026/05/08 7:12 p.m.21 views

CVE-2026-44694

CVE-2026-44694 affects n8n-MCP before 2.50.2. An authenticated SSRF vulnerability exists in the webhook trigger tools, the n8n API client (N8N_API_URL), and per-request URLs via the x-n8n-url header in multi-tenant HTTP mode. Exploitation allows a valid MCP session to cause the host to send HTTP ...

9.1CVSS5.8AI score0.00235EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.14 views

PT-2026-39189

Name of the Vulnerable Software and Affected Versions n8n-MCP versions 2.18.7 through 2.50.1 Description An authenticated server-side request forgery SSRF issue exists affecting the webhook trigger tools, the n8n API client N8N API URL, and per-request URLs provided via the x-n8n-url header in...

9.1CVSS5.8AI score0.00235EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/05/07 8:21 p.m.10 views

CVE-2026-43585

OpenClaw before 2026.4.15 captures resolved bearer-auth configuration at startup, allowing revoked tokens to remain valid after SecretRef rotation. Gateway HTTP and WebSocket handlers fail to re-resolve authentication per-request, enabling attackers to use rotated-out bearer tokens for unauthoriz...

9.8CVSS5.8AI score0.0054EPSS
Exploits1References1
OSV
OSV
added 2026/05/07 1:15 a.m.3 views

GHSA-G924-CJX7-2RJW Gotenberg allows Chromium URL conversion routes to read arbitrary files under /tmp via file:// scheme

Summary The /forms/chromium/convert/url and /forms/chromium/screenshot/url routes accept url=file:///tmp/... from anonymous callers. The default Chromium deny-list intentionally exempts file:///tmp/ so HTML/Markdown routes can load their own request-local assets, and those routes apply a...

5.9CVSS5.9AI score0.00251EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.15 views

PT-2026-38387

Name of the Vulnerable Software and Affected Versions Gotenberg versions prior to 8.32.0 Description Anonymous callers can access the '/forms/chromium/convert/url' and '/forms/chromium/screenshot/url' endpoints using the url parameter with the file:///tmp/ scheme. While a deny-list exists to...

5.9CVSS5.9AI score0.00251EPSS
Exploits1References6
OSV
OSV
added 2026/05/06 9:31 p.m.8 views

GHSA-M8WM-R5VQ-QJPG Duplicate Advisory: OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xmxx-7p24-h892. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.15 captures resolved bearer-auth configuration at startup, allowing revoked tokens to remain...

9.2CVSS5.7AI score0.0054EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/05/05 6:42 p.m.11 views

OpenClaw's Webhooks SecretRef route secret remains valid after rotation/reload

Summary OpenClaw webhooks allowed route secrets to be backed by SecretRef values, but cached the resolved secret for a route. After an operator rotated the underlying secret and ran openclaw secrets reload, the previous resolved webhook secret could remain valid until the plugin or gateway...

6CVSS5.8AI score0.00288EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/05 6:42 p.m.5 views

GHSA-Q8FF-7FFM-M3R9 OpenClaw's Webhooks SecretRef route secret remains valid after rotation/reload

Summary OpenClaw webhooks allowed route secrets to be backed by SecretRef values, but cached the resolved secret for a route. After an operator rotated the underlying secret and ran openclaw secrets reload, the previous resolved webhook secret could remain valid until the plugin or gateway...

6CVSS5.8AI score0.00288EPSS
Exploits0References5
NVD
NVD
added 2026/04/08 6:26 p.m.6 views

CVE-2026-33756

Saleor is an e-commerce platform. From 2.0.0 to before 3.23.0a3, 3.22.47, 3.21.54, and 3.20.118, Saleor supports query batching by submitting multiple GraphQL operations in a single HTTP request as a JSON array but wasn't enforcing any upper limit on the number of operations. This allowed an...

7.5CVSS0.00435EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/26 3:11 p.m.8 views

CVE-2026-30961

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, the chunked upload completion path for file requests does not validate the total file size against the per-request MaxSize limit. An attacker with a public file request link can split an...

4.3CVSS5.7AI score0.00253EPSS
Exploits0References1
Rows per page
Query Builder