Lucene search
K

54 matches found

NVD
NVD
added last week11 views

CVE-2026-40139

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support. Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts...

9.8CVSS0.00653EPSS
Exploits0References1
EUVD
EUVD
added last week5 views

EUVD-2026-41887

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support. Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts...

9.2CVSS6AI score0.00653EPSS
Exploits0References1
EUVD
EUVD
added last week7 views

EUVD-2026-41886

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance...

9.2CVSS6AI score0.00417EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added last week7 views

CVE-2026-40138 Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance...

9.2CVSS6AI score0.00417EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.53 views

Fedora 44 : roundcubemail (2026-2b956d89d3)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2b956d89d3 advisory. Release 1.7.1 - Enigma: Support automatic public key lookup import using HKP v1 protocol 5314 - Managesieve: Fix error when a mail message contains...

8.1CVSS6AI score0.00764EPSS
Exploits1References9
Cvelist
Cvelist
added 2026/05/28 8:41 p.m.36 views

CVE-2026-45344 LinkAce: Setup database password newline injection enables pre-auth RCE on uninitialized instances

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database configuration flow on uninitialized LinkAce instances accepts attacker-controlled database credential fields and writes them back into .env without escaping. A remote attacker who can reach the setup...

8.1CVSS0.00456EPSS
Exploits0References1
OSV
OSV
added 2026/05/19 2:36 p.m.10 views

GHSA-XWCR-WM99-G9JC Algernon: handler.lua discovery walks parent directories above the server root

Summary When Algernon is asked for any URL path that resolves to a directory without an index file, DirPage walks upward through parent directories — past the configured server root — looking for a file named handler.lua to execute as the request handler. The loop terminates only after 100 ancest...

9CVSS6.5AI score0.00437EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.12 views

PT-2026-41968

Name of the Vulnerable Software and Affected Versions Mailpit affected versions not specified Description Unauthenticated remote attackers can cause a denial of service DoS by sending arbitrarily large messages via the SMTP server or the HTTP API. The application fails to enforce limits on the...

7.5CVSS5.9AI score0.00099EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/08 7:49 p.m.8 views

CVE-2026-42189 Russh: Pre-auth DoS via unbounded allocation in keyboard-interactive auth

Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for...

7.5CVSS5.8AI score0.00481EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/04/24 3:39 p.m.20 views

russh has pre-auth DoS via unbounded allocation in its keyboard-interactive auth handler

Summary A pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for 2FA/TOTP with a single malformed packet, requiring no credential...

7.5CVSS5.5AI score0.00481EPSS
Exploits1References5Affected Software1
GithubExploit
GithubExploit
added 2026/02/19 9:29 p.m.195 views

Exploit for Code Injection in Ivanti Endpoint_Manager_Mobile

Ivanti EPMM pre-auth RCE Dummy Target A simple demo applicati...

9.8CVSS5.7AI score0.8404EPSS
Exploits6
Talos
Talos
added 2026/01/20 12:0 a.m.7 views

MedDream PACS Premium modifyRoute reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2266 MedDream PACS Premium modifyRoute reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-57787 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyRoute functionality of MedDream PACS Premium...

6.1CVSS5.7AI score0.0026EPSS
Exploits1
Nuclei
Nuclei
added 2025/10/28 12:38 a.m.15 views

Adobe Experience Manager Forms - Insecure Deserialization

Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration vulnerability that could result in arbitrary code execution. An attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user...

10CVSS7.8AI score0.87515EPSS
Exploits7References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-19574

Malware in sbrugna...

8.1CVSS8AI score0.02036EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-12187

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00919EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-10972

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.11198EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-12219

Malicious code in bioql PyPI...

7.3CVSS6.6AI score0.00331EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-12271

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00919EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-12217

Malicious code in bioql PyPI...

7.3CVSS6.6AI score0.00277EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-12270

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00919EPSS
Exploits1References2
Rows per page
Query Builder