Lucene search
K

182 matches found

EUVD
EUVD
added 2026/06/10 12:31 a.m.12 views

EUVD-2026-35895

Correlation IDs for replies in the RabbitTemplate.sendAndReceive with the fixed reply queue are predictable due to internal simple counter. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17...

4.4CVSS5.5AI score0.00173EPSS
Exploits0References2
NVD
NVD
added 2026/06/10 12:16 a.m.19 views

CVE-2026-41701

Correlation IDs for replies in the RabbitTemplate.sendAndReceive with the fixed reply queue are predictable due to internal simple counter. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17...

4.4CVSS0.00173EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 11:48 p.m.22 views

CVE-2026-41714

Spring AMQP 2.4.x/3.1.x/3.2.x/4.0.x (versions 2.4.0–2.4.17, 3.1.0–3.1.15, 3.2.0–3.2.10, 4.0.0–4.0.3) are affected by CVE-2026-41714. The issue occurs when a broker connection is configured via RabbitConnectionFactoryBean.setUri("amqps://...") without calling setUseSSL(true). This leads to TLS enc...

4CVSS5.5AI score0.00132EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 12:0 a.m.9 views

CVE-2026-44393

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

5.8AI score0.0016EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/26 8:9 a.m.20 views

Malicious code in @autofleet/rabbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a766d89a5ed19491bd107e5d31c79fbbe7a9be9bce2a957b290408fb9f54140c The package's compiled entry dist/index.js:48 defines let host = process.env.RABBITMQSERVICEHOST || '35.240.13.28' and then connects via...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/05/26 8:9 a.m.21 views

MAL-2026-4787 Malicious code in @autofleet/rabbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a766d89a5ed19491bd107e5d31c79fbbe7a9be9bce2a957b290408fb9f54140c The package's compiled entry dist/index.js:48 defines let host = process.env.RABBITMQSERVICEHOST || '35.240.13.28' and then connects via...

5.9AI score
Exploits0References1
EUVD
EUVD
added 2025/12/12 6:31 a.m.5 views

EUVD-2025-202957

The Rabbit Hole plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the plugin's reset functionality. This makes it possible for unauthenticated attackers to reset the plugin's settings...

4.3CVSS4.9AI score0.00124EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/12 3:21 a.m.3 views

CVE-2025-13366 Rabbit Hole <= 1.1 - Cross-Site Request Forgery to Settings Reset

The Rabbit Hole plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the plugin's reset functionality. This makes it possible for unauthenticated attackers to reset the plugin's settings...

4.3CVSS5AI score0.00124EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/12 3:21 a.m.24 views

CVE-2025-13366 Rabbit Hole <= 1.1 - Cross-Site Request Forgery to Settings Reset

The Rabbit Hole plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the plugin's reset functionality. This makes it possible for unauthenticated attackers to reset the plugin's settings...

4.3CVSS0.00124EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.6 views

WordPress plugin Rabbit Hole 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

4.3CVSS6.3AI score0.00124EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/12/11 11:31 p.m.6 views

WordPress Rabbit Hole plugin <= 1.1 - Cross-Site Request Forgery to Settings Reset vulnerability

Cross-Site Request Forgery to Settings Reset vulnerability discovered by dayea song - Ahnlab in WordPress Plugin Rabbit Hole versions = 1.1...

4.3CVSS6.7AI score0.00124EPSS
Exploits0References1Affected Software1
vulnersOsv
vulnersOsv
added 2025/12/05 6:54 p.m.11 views

com.rabbitmq:stream-client (=1.4.0), org.qubership.profiler:qubership-profiler-cli (>=3.0.3 <=3.0.4) +6 more potentially affected by CVE-2025-12183 +1 more via at.yawk.lz4:lz4-java (=1.10.0)

at.yawk.lz4:lz4-java MAVEN version =1.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on at.yawk.lz4:lz4-java and may be impacted: - com.rabbitmq:stream-client =1.4.0 - org.qubership.profiler:qubership-profiler-cli =3.0.3, =3.0.3, =3.0.3, =3.0.3,...

8.8CVSS7.1AI score0.00647EPSS
Exploits0
EUVD
EUVD
added 2025/11/12 3:4 a.m.0 views

EUVD-2025-117036

Malicious code in technological-brown-rabbit npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 8:46 p.m.0 views

EUVD-2025-99087

Malicious code in experimentalrabbitz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 8:46 p.m.1 views

EUVD-2025-103528

Malicious code in naturalrabbitz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 8:46 p.m.0 views

EUVD-2025-98067

Malicious code in impressedrabbitz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 8:11 p.m.0 views

EUVD-2025-95136

Malicious code in scrawnyrabbitz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 3:19 p.m.0 views

EUVD-2025-89232

Malicious code in quixoticrabbitz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 3:19 p.m.1 views

EUVD-2025-89890

Malicious code in nervousrabbitz3n npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/11 3:19 p.m.1 views

MAL-2025-115994 Malicious code in nervous_rabbit_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdadf8221820511872cb3269c9a5e8c3f05f798babab8b0ef3905c1475188516 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Rows per page
Query Builder