Lucene search
K

890 matches found

OSV
OSV
added 2026/03/25 11:16 a.m.7 views

UBUNTU-CVE-2026-23385

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set on flush only Syzbot with fault injection triggered a failing memory allocation with GFPKERNEL which results in a WARN splat: iter.err WARNING: net/netfilter/nftablesapi.c:845 at...

5.5CVSS5.7AI score0.00135EPSS
Exploits0References6
CVE
CVE
added 2026/03/25 10:28 a.m.19 views

CVE-2026-23385

In the Linux kernel netfilter nf_tables subsystem, CVE-2026-23385 describes a vulnerability where cloning a set during a flush operation could trigger a GFP_KERNEL memory allocation failure, producing a WARN splat and potentially destabilizing the system. The fix tightens clone handling by restri...

5.5CVSS5.7AI score0.00135EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/03/25 10:28 a.m.25 views

CVE-2026-23385 netfilter: nf_tables: clone set on flush only

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set on flush only Syzbot with fault injection triggered a failing memory allocation with GFPKERNEL which results in a WARN splat: iter.err WARNING: net/netfilter/nftablesapi.c:845 at...

0.00135EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/25 10:27 a.m.21 views

CVE-2026-23351 netfilter: nft_set_pipapo: split gc into unlink and reclaim phase

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible...

7.8CVSS0.00119EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/03/25 10:27 a.m.3 views

CVE-2026-23351

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible...

7.8CVSS5.7AI score0.00119EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2026/03/25 10:27 a.m.4 views

CVE-2026-23351

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible...

7.8CVSS5.3AI score0.00119EPSS
Exploits0
OSV
OSV
added 2026/03/25 10:27 a.m.4 views

CVE-2026-23351 netfilter: nft_set_pipapo: split gc into unlink and reclaim phase

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible...

7.8CVSS5.7AI score0.00119EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.11 views

PT-2026-28167

Name of the Vulnerable Software and Affected Versions yaml versions prior to 1.10.3 yaml versions prior to 2.8.3 Description The yaml library is susceptible to a stack overflow when parsing YAML documents. The issue occurs during the node resolution/composition phase, which uses recursive functio...

4.3CVSS6AI score0.0047EPSS
Exploits1References58
Veeam
Veeam
added 2026/03/24 12:0 a.m.23 views

New Search Experience for Veeam Data Cloud for Microsoft 365

Purpose We are excited to announce the initial rollout of our new search feature, designed to significantly improve the speed and efficiency of your search experience. Below are the details and important limitations to be aware of during this phased rollout. What's New Faster Search Experience Ou...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/03/23 7:42 p.m.219 views

Reconx

🔍 reconx - Modular Penetration Testing Framework !Python 3...

6AI score
Exploits0
EUVD
EUVD
added 2026/03/13 8:14 p.m.4 views

EUVD-2026-12105

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, AnythingLLM Desktop contains a Streaming Phase XSS vulnerability in the chat rendering pipeline that escalates to Remote Code Execution on the host OS...

9.6CVSS5.9AI score0.00721EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.4 views

Quantum CDMA-Based Continuous Variable Quantum Key Distribution Using Chaotic Phase Shifters

We present a quantum code-division multiple-access q-CDMA framework for multiuser continuous-variable quantum key distribution CV-QKD over a shared quantum channel. The proposed architecture employs chaotic phase shifters to encode and decode quantum states, enabling efficient multiplexing and...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.12 views

PT-2026-25378

Another example of the nodeIntegration: true / contextIsolation: false combination leading to a critical security vulnerability in a production Electron application. AnythingLLM Desktop is a popular local LLM + RAG tool. Their streaming chat renderer does not sanitise LLM output before DOM...

9.6CVSS6.5AI score0.00721EPSS
Exploits1References11
GithubExploit
GithubExploit
added 2026/03/12 9:11 p.m.130 views

Shadowaudit

Shado...

5.8AI score
Exploits0
Cvelist
Cvelist
added 2026/03/12 6:8 p.m.33 views

CVE-2026-32141 flatted: Unbounded recursion DoS in parse() revive phase

flatted is a circular JSON parser. Prior to 3.4.0, flatted's parse function uses a recursive revive phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow...

7.5CVSS0.00777EPSS
Exploits1References3
OSV
OSV
added 2026/03/12 8:39 a.m.3 views

BIT-ENVOY-2026-26330 Envoy global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, At the rate limit filter, if the response phase limit with applyonstreamdone in the rate limit configuration is enabled and the response phase limit request fails directly, it may crash Envoy. Whe...

7.5CVSS5.7AI score0.00315EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/03/11 7:8 a.m.193 views

AutoPwn

/ \ | | | ...

6.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/11 12:0 a.m.4 views

Don't Let the Claw Grip Your Hand: A Security Analysis and Defense Framework for OpenClaw

Code agents powered by large language models can execute shell commands on behalf of users, introducing severe security vulnerabilities. This paper presents a two-phase security analysis of the OpenClaw platform. As an open-source AI agent framework that operates locally, OpenClaw can be integrat...

5.9AI score
Exploits0
NVD
NVD
added 2026/03/10 8:16 p.m.9 views

CVE-2026-26330

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, At the rate limit filter, if the response phase limit with applyonstreamdone in the rate limit configuration is enabled and the response phase limit request fails directly, it may crash Envoy. Whe...

7.5CVSS0.00315EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/10 7:19 p.m.2 views

CVE-2026-26330 Envoy global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, At the rate limit filter, if the response phase limit with applyonstreamdone in the rate limit configuration is enabled and the response phase limit request fails directly, it may crash Envoy. Whe...

5.3CVSS5.8AI score0.00315EPSS
Exploits0References1
Rows per page
Query Builder