
8 matches found

RedhatCVE
added yesterday, 4 views

CVE-2026-39832

When adding a key to a remote agent, constraint extensions such as [email protected] were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all...

9.1 CVSS, 5.5 AI score, 0.00068 EPSS
Exploits 0, References 1
NVD
added 2026/04/06 4:16 p.m., 2 views

CVE-2026-34148

Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to 1.9.6, 1.10.5, 2.0.8, and 2.1.1, @fedify/fedify follows HTTP redirects recursively in its remote document loader and authenticated document loader without enforcing a maximum redirect count or...

7.5 CVSS, 0.00086 EPSS
Exploits 1, References 5
EUVD
added 2025/12/05 6:12 p.m., 4 views

EUVD-2025-201100

Envoy crashes when JWT authentication is configured with the remote JWKS fetching...

6.5 CVSS, 6.7 AI score, 0.00004 EPSS
Exploits 1, References 2
Packet Storm News
added 2025/06/22 12:0 a.m., 3 views

LURK-T: Limited Use of Remote Keys with Added Trust in TLS 1.3

In many web applications, such as Content Delivery Networks (CDNs), TLS credentials are shared, e.g., between the website's TLS origin server and the CDN's edge servers, which can be distributed around the globe. To enhance the security and trust for TLS 1.3 in such scenarios, we propose LURK-T, a...

7.1 AI score
Exploits 0
Amazon
added 2024/11/13 12:0 a.m., 3 views

Medium: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's defaul...

7.5 CVSS, 7.5 AI score, 0.00796 EPSS
Exploits 2
CNNVD
added 2024/03/27 12:0 a.m., 2 views

Elasticsearch Security Vulnerability

Elasticsearch is a search engine based on the Lucene library. A security vulnerability exists in Elasticsearch versions prior to 8.13.0 that stems from an incorrect authorization issue in the API key-based security model, allowing an attacker with a remote cluster API key to read arbitrary...

6.5 CVSS, 6.2 AI score, 0.00341 EPSS
Exploits 0, References 4
OSV
added 2021/05/31 11:51 p.m., 8 views

UVI-2021-1000525 Bluetooth: SMP: Fail if remote and local public keys are identical

Bluetooth: SMP: Fail if remote and local public keys are identical. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.234 by commit...

7.2 AI score
Exploits 0
OSV
added 2021/05/31 11:51 p.m., 8 views

GSD-2021-1000524 Bluetooth: SMP: Fail if remote and local public keys are identical

Bluetooth: SMP: Fail if remote and local public keys are identical. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.192 by commit...

7.2 AI score
Exploits 0