Lucene search
K

4 matches found

EUVD
EUVD
added 2026/04/21 9:31 p.m.6 views

EUVD-2026-24505

HKUDS OpenHarness prior to PR 147 remediation contains an insecure default configuration vulnerability where remote channels inherit allowfrom = "" permitting arbitrary remote senders to pass admission checks. Attackers who can reach the configured channel can bypass access controls and reach...

8.3CVSS5.9AI score0.00341EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/21 9:31 p.m.6 views

EUVD-2026-24292

HKUDS OpenHarness prior to PR 156 remediation exposes plugin lifecycle commands including /plugin install, /plugin enable, /plugin disable, and /reload-plugins to remote senders by default. Attackers who gain access through the channel layer can remotely manage plugin trust and activation state,...

8.8CVSS5.8AI score0.00293EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/21 7:41 p.m.3 views

CVE-2026-6819 HKUDS OpenHarness Plugin Management Command Exposure

HKUDS OpenHarness prior to PR 156 remediation exposes plugin lifecycle commands including /plugin install, /plugin enable, /plugin disable, and /reload-plugins to remote senders by default. Attackers who gain access through the channel layer can remotely manage plugin trust and activation state,...

8.8CVSS5.8AI score0.00293EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.11 views

PT-2026-34065

HKUDS OpenHarness prior to PR 156 remediation exposes plugin lifecycle commands including /plugin install, /plugin enable, /plugin disable, and /reload-plugins to remote senders by default. Attackers who gain access through the channel layer can remotely manage plugin trust and activation state,...

8.8CVSS5.8AI score0.00293EPSS
Exploits1References5
Rows per page
Query Builder