Lucene search
K

2426 matches found

RedhatCVE
RedhatCVE
added 4 days ago7 views

CVE-2026-53363

A flaw was found in the Linux kernel's iptfs component, part of the IPSec framework. The iptfsconsumefrags function does not correctly propagate a flag indicating shared fragments. This can cause the Encapsulating Security Payload ESP to make incorrect security decisions regarding in-place...

6.1AI score0.00111EPSS
Exploits0References4
CVE
CVE
added 2026/07/06 7:33 p.m.14 views

CVE-2026-44362

OP-TEE (trusted execution environment for Arm TrustZone) has a vulnerability in subkey rollback protection affecting versions 3.20.0 through 4.10.x; during TA loading, shdr_load_pub_key() fails to propagate subkey_version into the runtime structure, so key->version stays zero. When check_updat...

5.5CVSS6AI score0.00122EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/06 7:33 p.m.33 views

CVE-2026-44362 OP-TEE's subkey rollback protection can be bypassed with older subkey versions

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.20.0 and prior to version 4.11.0, a vulnerability in OP-TEE’s subkey rollback protection allows the use of revoked ...

5.5CVSS0.00122EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/07/06 3:19 p.m.7 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.20.5 security update

Important: Red Hat OpenShift GitOps v1.20.5 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-9568 GitOps operator propagates argo CD tracking annotations to dynamic roleBindings GITOPS-9971 Image Updater Self-hosted Quay images redirect t...

9.6CVSS6AI score0.00813EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/01 9:17 p.m.7 views

CVE-2026-54712

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.27.0, the RMI context propagation payload reader limits the number of context entries but does not limit the aggregate size of the strings read from the...

5.3CVSS5.8AI score0.00263EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/07/01 12:11 a.m.6 views

CVE-2026-53488

containerd is an open-source container runtime. In versions prior to 1.7.33, 2.3.2, 2.2.5, 2.1.9, and 2.0.10 the CRI plugin propagates labels from an image config LABEL instruction in Dockerfile to a container without validation. This may result in executing an arbitrary command on the host, via ...

9.4CVSS5.9AI score0.00203EPSS
Exploits0
OSV
OSV
added 2026/06/30 6:18 p.m.5 views

GHSA-WMGG-3P4H-48X7 Fission Environment CRD PodSpec Injection Leading to Node Escape and Cluster Takeover

Summary A stronger framing of the same root cause as GHSA-gx55-f84r-v3r7: the Environment.spec.runtime.podSpec / spec.builder.podSpec passthrough lacked validation, and MergePodSpec propagated dangerous fields into the generated pods. Details Three independent flaws compounded: 1. Validate gap...

9.9CVSS5.8AI score0.003EPSS
Exploits0References8
The Hacker News
The Hacker News
added 2026/06/30 3:47 p.m.11 views

Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints

Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize CVE-2026-33017 CVSS score: 9.3, an unauthenticated remote code execution RCE vulnerability in Langflow,...

9.8CVSS8.1AI score0.98191EPSS
Exploits20
OSV
OSV
added 2026/06/29 6:16 a.m.4 views

UBUNTU-CVE-2026-53325

In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agpamd64probe A NULL pointer dereference was observed in the AMD64 AGP driver when running in a virtualized environment e.g. qemu/kvm without a physical AMD northbridge. The crash occurs...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/29 4:53 a.m.8 views

CVE-2026-53325

In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agpamd64probe A NULL pointer dereference was observed in the AMD64 AGP driver when running in a virtualized environment e.g. qemu/kvm without a physical AMD northbridge. The crash occurs...

5.5CVSS5.7AI score0.00122EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/27 1:54 a.m.9 views

SUSE CVE-2026-53053

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix clonealias to use the original device's devid Currently clonealias assumes first argument pdev is always the original device pointer. This function is called by pciforeachdmaalias which based on topology decides to...

7CVSS5.8AI score0.00128EPSS
Exploits0References12
OSV
OSV
added 2026/06/26 4:48 p.m.6 views

PYSEC-2026-236 Malicious code in pyphetools (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08, malicious phantom releases of pyphetools were published to PyPI using stolen credentials. The package executes a bundled JavaScript payload via the Bun runtime on import that harvests and exfiltrates credentials and...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/26 2:23 p.m.3 views

PYSEC-2026-235 Malicious code in ppkt2synergy (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08, malicious phantom releases of ppkt2synergy were published to PyPI using stolen credentials. The package executes a bundled JavaScript payload via the Bun runtime on import that harvests and exfiltrates credentials an...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/26 2:17 p.m.4 views

PYSEC-2026-234 Malicious code in phenopacket-store-toolkit (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08, malicious phantom releases of phenopacket-store-toolkit were published to PyPI using stolen credentials. The package executes a bundled JavaScript payload via the Bun runtime on import that harvests and exfiltrates...

5.8AI score
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 7:58 p.m.22 views

CVE-2026-10512 X25519 x86_64 assembly final reduction leaves non-canonical field element

The X25519 x8664 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19. This can leave the field element in a non-canonical form, producing an incorrect result from the...

2.3CVSS0.00263EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 2:36 p.m.7 views

PYSEC-2026-231 Malicious code in embiggen (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08, malicious phantom releases of embiggen were published to PyPI using stolen credentials. The package executes a bundled JavaScript payload via the Bun runtime on import that harvests and exfiltrates credentials and...

5.8AI score
Exploits0References3
Ubuntu
Ubuntu
added 2026/06/25 1:14 p.m.10 views

USN-8473-1: containerd vulnerabilities

It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd to enter an infinite loop, resulting in a denial of service. CVE-2026-33814 Jakub Ciolek and Kyle Elliott discovered that containerd incorrectly handle...

9.9CVSS6.4AI score0.00781EPSS
Exploits0
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53233

In the Linux kernel, the following vulnerability has been resolved: netdev: fix double-free in netdevnlbindrxdoit Sashiko flags that genlmsgreply always consumes the skb. The error path calls nlmsgfreersp so we can't jump directly to it. Let's not unbind, just propagate the error to the user. Thi...

7.8CVSS5.7AI score0.00138EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 9:16 a.m.5 views

UBUNTU-CVE-2026-53171

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix arithmetic issues in dmalength dmalength derives DMA region usage from command stream values and updates regionsize: len = len + stride0 size0 + stride1 size1 regionsizeregion = max..., len + dma-offset Several...

8.8CVSS5.9AI score0.00137EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39324

In the Linux kernel, the following vulnerability has been resolved: netdev: fix double-free in netdevnlbindrxdoit Sashiko flags that genlmsgreply always consumes the skb. The error path calls nlmsgfreersp so we can't jump directly to it. Let's not unbind, just propagate the error to the user. Thi...

5.7AI score0.00138EPSS
Exploits0References4
Rows per page
Query Builder