Lucene search
+L

3395 matches found

ATTACKERKB
ATTACKERKB
added 4 days ago5 views

CVE-2026-59955

Apollo is a reliable configuration management system suitable for microservice configuration management scenarios. Prior to 2.5.2, Apollo ConfigService may allow unauthorized access to raw configuration data when AccessKey or management key authentication is enabled because requests under...

7.5CVSS6.1AI score0.00549EPSS
Exploits0References4Affected Software1
OSV
OSV
added 4 days ago5 views

CVE-2026-59955 Apollo ConfigService access key authentication bypass via raw config file appId parsing

Apollo is a reliable configuration management system suitable for microservice configuration management scenarios. Prior to 2.5.2, Apollo ConfigService may allow unauthorized access to raw configuration data when AccessKey or management key authentication is enabled because requests under...

7.5CVSS6.1AI score0.00549EPSS
Exploits0References5
Cvelist
Cvelist
added 4 days ago36 views

CVE-2026-59955 Apollo ConfigService access key authentication bypass via raw config file appId parsing

Apollo is a reliable configuration management system suitable for microservice configuration management scenarios. Prior to 2.5.2, Apollo ConfigService may allow unauthorized access to raw configuration data when AccessKey or management key authentication is enabled because requests under...

7.5CVSS0.00549EPSS
Exploits0References3
CVE
CVE
added 4 days ago18 views

CVE-2026-59955

CVE-2026-59955 affects Apollo ConfigService before 2.5.2, where requests to /configfiles/raw/{appId}/{clusterName}/{namespace} are authenticated using a parsed appId value of raw instead of the actual path appId. This allows potential unauthorized access to raw configuration data when AccessKey/m...

7.5CVSS6.1AI score0.00549EPSS
Exploits0References3
OSV
OSV
added 5 days ago4 views

JLSEC-2026-735 Un-negotiated Raw Public Key (RFC 7250) accepted in place of an X.509 certificate, bypassing...

Un-negotiated Raw Public Key RFC 7250 accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative accepts it without performing any trust verification; it must therefore only be accepted when RPK was actually negotiated for that peer...

8.2CVSS6.1AI score0.00145EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 6 days ago6 views

Apollo ConfigService access key authentication bypass via raw config file appId parsing

Summary Apollo ConfigService may allow unauthorized access to raw configuration data when AccessKey / management key authentication is enabled because authentication parsed the appId incorrectly for the raw config file endpoint. Details Requests under /configfiles/raw/appId/clusterName/namespace...

7.5CVSS6.1AI score0.00549EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 6 days ago4 views

PT-2026-60110

Summary Apollo ConfigService may allow unauthorized access to raw configuration data when AccessKey / management key authentication is enabled because authentication parsed the appId incorrectly for the raw config file endpoint. Details Requests under /configfiles/raw/appId/clusterName/namespace...

7.5CVSS6.1AI score0.00549EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/11 12:31 a.m.6 views

EUVD-2026-43089

vulnerability in Drupal Raw Formatter Meta Tag Formatter allows . This issue affects Raw Formatter Meta Tag Formatter versions:...

6.1AI score0.00414EPSS
Exploits0References2
NVD
NVD
added 2026/07/10 11:16 p.m.7 views

CVE-2026-15086

vulnerability in Drupal Raw Formatter Meta Tag Formatter allows . This issue affects Raw Formatter Meta Tag Formatter versions:...

5.9CVSS0.00414EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/10 9:57 p.m.33 views

CVE-2026-15086 Raw Formatter [Meta Tag Formatter] - Critical - Unsupported - SA-CONTRIB-2026-077

vulnerability in Drupal Raw Formatter Meta Tag Formatter allows . This issue affects Raw Formatter Meta Tag Formatter versions:...

0.00414EPSS
Exploits0References1
CVE
CVE
added 2026/07/10 9:57 p.m.8 views

CVE-2026-15086

Technical details about CVE-2026-15086 are not publicly available in the provided documents. Monitor for updates from official advisories and vulnerability feeds.

5.9CVSS6.1AI score0.00414EPSS
Exploits0References1
OSV
OSV
added 2026/07/10 9:25 a.m.4 views

SUSE-SU-2026:2841-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2026-31771: Bluetooth: Ignore HCIERRORCANCELLEDBYHOST on adv set terminated event bsc1264145. - CVE-2026-43038: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach...

9.8CVSS6.8AI score0.00385EPSS
Exploits17References57
SUSE Linux
SUSE Linux
added 2026/07/10 9:25 a.m.5 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31771: Bluetooth: Ignore HCIERRORCANCELLEDBYHOST on adv set terminated event bsc1264145. CVE-2026-43038: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach...

9.3CVSS6.2AI score0.00385EPSS
Exploits17References112
SUSE Linux
SUSE Linux
added 2026/07/10 9:24 a.m.6 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31771: Bluetooth: hcievent: move wake reason storage into validated event handlers bsc1264145. CVE-2026-43038: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unrea...

9.3CVSS6.8AI score0.00385EPSS
Exploits17References120
SUSE Linux
SUSE Linux
added 2026/07/10 9:9 a.m.6 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work bsc1255416. CVE-2026-43198: tcp: fix potential race in tcpv6synrecvsock bsc1264610...

9.3CVSS6.1AI score0.00346EPSS
Exploits16References42
OSV
OSV
added 2026/07/10 9:9 a.m.3 views

SUSE-SU-2026:2839-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work bsc1255416. - CVE-2026-43198: tcp: fix potential race in tcpv6synrecvsock bsc1264610. ...

9.8CVSS6.7AI score0.00346EPSS
Exploits16References22
EUVD
EUVD
added 2026/07/10 4:58 a.m.11 views

EUVD-2026-42818

Out-of-bounds write in parsing DNG format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...

8.3CVSS6AI score0.00379EPSS
Exploits1References1
NVD
NVD
added 2026/07/10 4:17 a.m.11 views

CVE-2026-54423

In OpenStack Ironic before 37.0.1, an Ironic user with the ability to deploy nodes using the IPMI management interface can maliciously use the sendraw step to send arbitrary IPMI commands to a node, bypassing Ironic's access control...

8.2CVSS0.00516EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/10 3:10 a.m.10 views

EUVD-2026-42781

In OpenStack Ironic before 37.0.1, an Ironic user with the ability to deploy nodes using the IPMI management interface can maliciously use the sendraw step to send arbitrary IPMI commands to a node, bypassing Ironic's access control...

8.2CVSS6AI score0.00516EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/07/10 3:10 a.m.10 views

CVE-2026-54423

In OpenStack Ironic before 37.0.1, an Ironic user with the ability to deploy nodes using the IPMI management interface can maliciously use the sendraw step to send arbitrary IPMI commands to a node, bypassing Ironic's access control...

8.2CVSS6.2AI score0.00516EPSS
Exploits0
Rows per page
Query Builder