Lucene search
K

490 matches found

NVD
NVD
added 2 days ago6 views

CVE-2026-62657

A security flaw in the router's certificate validation process was discovered in the NETGEAR XR1000 Gaming Router and certain Nighthawk models that could allow an unauthorized person to remotely access and take control of the device...

7.6CVSS0.001EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2 days ago3 views

EulerOS 2.0 SP10 : cups (EulerOS-SA-2026-2683)

According to the versions of the cups packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, in a...

7.8CVSS6.9AI score0.00502EPSS
Exploits2References3
CVE
CVE
added 4 days ago14 views

CVE-2026-15472

Technical details are not publicly available in the provided documents. Monitor for updates.

5.3CVSS5.9AI score0.00207EPSS
Exploits0References5
NVD
NVD
added 6 days ago6 views

CVE-2026-15318

A weakness has been identified in Sipeed PicoClaw up to 0.2.9. Affected by this issue is some unknown functionality of the file pkg/channels/mqtt/mqtt.go of the component MQTT Channel Handler. This manipulation of the argument clientid causes incorrect authorization. The attack is possible to be...

6.5CVSS0.00214EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/08 1:34 p.m.5 views

EUVD-2026-42240

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Incorrect Authorization vulnerability. A low privileged attacker with...

8.8CVSS6AI score0.00286EPSS
Exploits0References1
NVD
NVD
added 2026/07/06 5:16 a.m.8 views

CVE-2026-14794

A flaw has been found in Craft CMS up to 4.18.0.1. Affected by this vulnerability is the function actionGetNewUsersData of the file src/controllers/ChartsController.php of the component Charts Endpoint. This manipulation of the argument userGroupId causes improper authorization. The attack is...

5.3CVSS0.00222EPSS
Exploits0References6
NVD
NVD
added 2026/06/28 9:16 a.m.11 views

CVE-2026-13484

A vulnerability has been found in MLflow up to 4666cffc7912ea606d592fc38d6a75e2935f65e7. The impacted element is an unknown function of the component Experiment-scoped Label Schema CRUD API. Such manipulation leads to missing authorization. It is possible to launch the attack remotely. A high...

8.8CVSS0.00263EPSS
Exploits1References7
EUVD
EUVD
added 2026/06/21 10:0 a.m.13 views

EUVD-2026-38158

A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this issue is the function uiviewusers of the file litellm/proxy/managementendpoints/internaluserendpoints.py of the component Incomplete Fix CVE-2025-0628. Such manipulation leads to improper authorization. I...

8.1CVSS6AI score0.00315EPSS
Exploits1References5
NVD
NVD
added 2026/06/14 6:17 p.m.13 views

CVE-2026-54413

driftregion iso14229 through 0.9.0 contains an integer underflow and downstream out-of-bounds read in the Handle0x27SecurityAccess function in iso14229.c that allows a remote unauthenticated attacker to crash a UDS server and potentially read memory past the receive buffer by sending a single-byt...

8.8CVSS0.00459EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.24 views

PT-2026-48789

Name of the Vulnerable Software and Affected Versions Idira Identity Browser Extension Chrome, Firefox, and Edge builds versions prior to 26.8.1 Description An origin validation flaw exists within the internal web-page verification routines. This issue allows a remote attacker to trigger...

8.4CVSS5.6AI score0.00161EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.11 views

CVE-2026-7142

A vulnerability was determined in Wooey up to 0.13.2. The impacted element is the function addorupdatescript of the file wooey/api/scripts.py of the component API Endpoint. Executing a manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has...

6.5CVSS6AI score0.00214EPSS
Exploits0References1
Redos
Redos
added 2026/06/05 12:0 a.m.10 views

ROS-20260605-73-0076

The vulnerability in Firefox is related to the lack of protection for service data. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...

7.5CVSS7.2AI score0.00385EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/01 3:0 a.m.12 views

CVE-2026-10218 nextlevelbuilder GoClaw evolution_handlers.go auth improper authorization

A vulnerability has been found in nextlevelbuilder GoClaw up to 3.11.3. This affects the function auth of the file internal/http/evolutionhandlers.go. Such manipulation leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed to the public and may be...

5.5CVSS5.6AI score0.0023EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.12 views

PT-2026-44809

Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to read arbitrary files from the device...

8.7CVSS6AI score0.00434EPSS
Exploits0References2
CVE
CVE
added 2026/05/26 10:0 p.m.20 views

CVE-2026-9603

CVE-2026-9603 affects SourceCodester eDoc Doctor Appointment System 1.0. The vulnerability is due to manipulation of the ID parameter in /admin/delete-session.php, leading to missing authorization and enabling remote exploitation. Public PoC/exploit details are referenced. Vulnerability details r...

6.9CVSS6.3AI score0.00325EPSS
Exploits0References6
Redos
Redos
added 2026/05/26 12:0 a.m.22 views

ROS-20260526-73-0017

Vulnerability in poetry related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...

8.7CVSS5.8AI score0.00294EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/24 12:0 a.m.12 views

JPress 授权问题漏洞

JPress is a blog platform developed using the Java language by the JPress team. Versions of JPress 1.0.3 and earlier contained an authorization vulnerability. This vulnerability stemmed from improper handling of the parameter id/userId in the UCenter Article Submission Endpoint component, which...

6.5CVSS6.7AI score0.00252EPSS
Exploits0References4
Redos
Redos
added 2026/05/05 12:0 a.m.9 views

ROS-20260505-73-0081

A vulnerability in the getnetbyaddr and getnetbyaddrr functions of the GNU C Library is related to the use of an uninitialized resource. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...

7.5CVSS7.2AI score0.00564EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.20 views

PT-2026-34780

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.28 Description An agentic consent bypass allows LLM agents to silently disable execution approval. Remote attackers can exploit this by using the config.patch parameter to bypass security controls and execute...

8.8CVSS5.6AI score0.00473EPSS
Exploits0References7
Redos
Redos
added 2026/04/20 12:0 a.m.7 views

ROS-20260420-73-0025

Vulnerability in python-aiohttp related to lack of service data protection. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

6.3CVSS6.4AI score0.00313EPSS
Exploits0
Rows per page
Query Builder