13 matches found

RedhatCVE
added yesterday, 4 views

CVE-2026-45044

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the admin router explicitly whitelists /profile/cpu and /profile/memory from the authentication layer, allowing any unauthenticated HTTP client to invoke profiling handlers without credentials. On supported builds...

8.8 CVSS, 5.5 AI score, 0.00075 EPSS
Exploits: 0, References: 1

NVD
added 2026/05/28 7:16 p.m., 10 views

CVE-2026-45044

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the admin router explicitly whitelists /profile/cpu and /profile/memory from the authentication layer, allowing any unauthenticated HTTP client to invoke profiling handlers without credentials. On supported builds...

8.8 CVSS, 0.00075 EPSS
Exploits: 0, References: 1

ATTACKERKB
added 2026/05/28 6:31 p.m., 7 views

CVE-2026-45044

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the admin router explicitly whitelists /profile/cpu and /profile/memory from the authentication layer, allowing any unauthenticated HTTP client to invoke profiling handlers without credentials. On supported builds...

8.8 CVSS, 5.8 AI score, 0.00075 EPSS
Exploits: 0, References: 2, Affected Software: 1

CVE
added 2026/05/28 6:31 p.m., 8 views

CVE-2026-45044

RustFS prior to 1.0.0-beta.2 is vulnerable. The admin router’s whitelist of /profile/cpu and /profile/memory from authentication allows any unauthenticated client to invoke profiling handlers. On supported builds (e.g., glibc), the handler runs a fixed 60-second CPU profiling operation, potential...

8.8 CVSS, 5.8 AI score, 0.00075 EPSS
Exploits: 0, References: 1

EUVD
added 2026/05/28 6:31 p.m., 5 views

EUVD-2026-32994

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the admin router explicitly whitelists /profile/cpu and /profile/memory from the authentication layer, allowing any unauthenticated HTTP client to invoke profiling handlers without credentials. On supported builds...

8.8 CVSS, 5.8 AI score, 0.00075 EPSS
Exploits: 0, References: 1

SUSE CVE
added 2026/02/07 12:25 a.m., 3 views

SUSE CVE-2026-23517

Fleet is open source device management software. A broken access control issue in versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3 allowed authenticated users to access debug and profiling endpoints regardless of role. As a result, low-privilege users could view internal server...

8.7 CVSS, 5.3 AI score, 0.00131 EPSS
Exploits: 0, References: 3

RedhatCVE
added 2026/01/22 11:24 p.m., 4 views

CVE-2026-23517

Fleet is open source device management software. A broken access control issue in versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3 allowed authenticated users to access debug and profiling endpoints regardless of role. As a result, low-privilege users could view internal server...

8.7 CVSS, 5.5 AI score, 0.00131 EPSS
Exploits: 0, References: 1

Cvelist
added 2026/01/21 9:45 p.m., 15 views

CVE-2026-23517 Fleet has an Access Control vulnerability in debug/pprof endpoints

Fleet is open source device management software. A broken access control issue in versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3 allowed authenticated users to access debug and profiling endpoints regardless of role. As a result, low-privilege users could view internal server...

8.7 CVSS, 0.00131 EPSS
Exploits: 0, References: 2

ATTACKERKB
added 2026/01/21 9:45 p.m., 3 views

CVE-2026-23517

Fleet is open source device management software. A broken access control issue in versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3 allowed authenticated users to access debug and profiling endpoints regardless of role. As a result, low-privilege users could view internal server...

8.7 CVSS, 5.3 AI score, 0.00131 EPSS
Exploits: 0, References: 3, Affected Software: 1

Vulnrichment
added 2026/01/21 9:45 p.m., 4 views

CVE-2026-23517 Fleet has an Access Control vulnerability in debug/pprof endpoints

Fleet is open source device management software. A broken access control issue in versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3 allowed authenticated users to access debug and profiling endpoints regardless of role. As a result, low-privilege users could view internal server...

8.7 CVSS, 5.5 AI score, 0.00131 EPSS
Exploits: 0, References: 2

EUVD
added 2026/01/21 9:45 p.m., 5 views

EUVD-2026-3349

Fleet is open source device management software. A broken access control issue in versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3 allowed authenticated users to access debug and profiling endpoints regardless of role. As a result, low-privilege users could view internal server...

8.7 CVSS, 5.5 AI score, 0.00131 EPSS
Exploits: 0, References: 3

OSV
added 2026/01/20 8:55 p.m., 5 views

GHSA-4R5R-CCR6-Q6F6 Fleet has an Access Control vulnerability in debug/pprof endpoints

Summary: A broken access control issue in Fleet allowed authenticated users to access debug and profiling endpoints regardless of role. As a result, low-privilege users could view internal server diagnostics and trigger resource-intensive profiling operations. Impact: Fleet’s debug/pprof endpoints...

7.1 CVSS, 5.5 AI score, 0.00131 EPSS
Exploits: 0, References: 5

Positive Technologies
added 2021/09/01 12:00 a.m., 4 views

PT-2021-6571

Name of the Vulnerable Software and Affected Versions: Kubernetes (affected versions not specified). Description: A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect...

4.1 CVSS, 6 AI score, 0.00183 EPSS
Exploits: 0, References: 22