Lucene search
K

1385 matches found

Vulnrichment
Vulnrichment
added 2026/06/12 8:7 p.m.7 views

CVE-2026-54057 Kitty vulnerable to command injection via unsanitized OSC 21 query reply

Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.3, kitty's OSC 21 color-control query reply reflects attacker-controlled bytes, including newlines, into the shell's input without sanitization. Version 0.47.3 fixes the issue...

7.3CVSS5.2AI score0.00166EPSS
Exploits1References1
Rockylinux
Rockylinux
added 2026/06/11 6:0 a.m.12 views

unbound security update

An update is available for unbound. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The unbound packages provide a validating, recursive, and caching DNS or DNSS...

8.7CVSS5.5AI score0.00842EPSS
Exploits0
OSV
OSV
added 2026/06/11 6:0 a.m.9 views

RLSA-2026:24365 Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in...

7.5CVSS5.4AI score0.00842EPSS
Exploits0References3
CVE
CVE
added 2026/06/11 5:4 a.m.28 views

CVE-2026-40999

CVE-2026-40999 affects Spring Web Services (versions across 3.1.0–3.1.8, 4.0.0–4.0.18, 4.1.0–4.1.3, 5.0.0–5.0.1). When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS can initiate outbound connections via configured WebServiceMessageSender instances to destination...

8.6CVSS5.5AI score0.00383EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 5:4 a.m.10 views

CVE-2026-40999 Spring WS SSRF via unvalidated WS-Addressing reply destinations

When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS may initiate outbound connections through configured WebServiceMessageSender instances to destinations taken directly from request headers without verifying that those destinations are safe to connect to. Affect...

8.6CVSS5.4AI score0.00383EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/11 5:4 a.m.28 views

CVE-2026-40999 Spring WS SSRF via unvalidated WS-Addressing reply destinations

When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS may initiate outbound connections through configured WebServiceMessageSender instances to destinations taken directly from request headers without verifying that those destinations are safe to connect to. Affect...

8.6CVSS0.00383EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/11 5:4 a.m.11 views

EUVD-2026-36209

When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS may initiate outbound connections through configured WebServiceMessageSender instances to destinations taken directly from request headers without verifying that those destinations are safe to connect to. Affect...

8.6CVSS5.4AI score0.00383EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/10 1:13 a.m.7 views

Insecure Randomness

Overview Affected versions of this package are vulnerable to Insecure Randomness via the sendAndReceive function when using a fixed reply queue, due to correlation IDs being generated sequentially by an internal counter. An attacker can intercept or inject unauthorized replies by predicting...

4.4CVSS5.3AI score0.00173EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/10 12:31 a.m.10 views

EUVD-2026-35895

Correlation IDs for replies in the RabbitTemplate.sendAndReceive with the fixed reply queue are predictable due to internal simple counter. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17...

4.4CVSS5.5AI score0.00173EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.18 views

VMware Spring AMQP 安全特征问题漏洞

VMware Spring AMQP is a message queue integration framework developed by the American company VMware. There is a security vulnerability in VMware Spring AMQP, which stems from the use of a fixed reply queue ID in the RabbitTemplate.sendAndReceive method, making it predictable due to an internal...

4.4CVSS5.3AI score0.00173EPSS
Exploits0References1
Spring Security Advisories
Spring Security Advisories
added 2026/06/10 12:0 a.m.8 views

CVE-2026-40999: Spring WS SSRF via unvalidated WS-Addressing reply destinations

When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS may initiate outbound connections through configured WebServiceMessageSender instances to destinations taken directly from request headers without verifying that those destinations are safe to connect to. A remo...

8.6CVSS5.9AI score0.00383EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/09 11:47 p.m.38 views

CVE-2026-41701 In Spring AMQP sequential correlation IDs enable reply poisoning on fixed reply queues

Correlation IDs for replies in the RabbitTemplate.sendAndReceive with the fixed reply queue are predictable due to internal simple counter. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17...

4.4CVSS0.00173EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 11:47 p.m.6 views

CVE-2026-41701 In Spring AMQP sequential correlation IDs enable reply poisoning on fixed reply queues

Correlation IDs for replies in the RabbitTemplate.sendAndReceive with the fixed reply queue are predictable due to internal simple counter. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17...

4.4CVSS5.5AI score0.00173EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 11:47 p.m.31 views

CVE-2026-41701

CVE-2026-41701 affects Spring AMQP (RabbitTemplate) where correlation IDs for replies on fixed reply queues are generated by an internal simple counter, making them predictable. This data from NVD/CVE listings confirms the issue affects multiple versions (2.4.0–2.4.17, 3.1.0–3.1.15, 3.2.0–3.2.10,...

4.4CVSS5.5AI score0.00173EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 11:44 p.m.18 views

CVE-2026-53673

CVE-2026-53673 affects BuddyPress 14.4.0. The issue is an insecure direct object reference in the messages REST API where a user_id parameter can be supplied to read, reply to, or delete private messages. Attackers can pass another user’s identifier to get_item_permissions_check (which validates ...

8.6CVSS5.6AI score0.00294EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.15 views

PT-2026-48314

Name of the Vulnerable Software and Affected Versions Spring AMQP versions 4.0.0 through 4.0.3 Spring AMQP versions 3.2.0 through 3.2.10 Spring AMQP versions 3.1.0 through 3.1.15 Spring AMQP versions 2.4.0 through 2.4.17 Description Correlation IDs for replies in the sendAndReceive function of...

4.4CVSS5.8AI score0.00173EPSS
Exploits0References3
Spring Security Advisories
Spring Security Advisories
added 2026/06/09 12:0 a.m.6 views

CVE-2026-41701: In Spring AMQP sequential correlation IDs enable reply poisoning on fixed reply queues

Correlation IDs for replies in the RabbitTemplate.sendAndReceive with the fixed reply queue are predictable due to internal simple counter...

4.4CVSS5.8AI score0.00173EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/08 10:49 a.m.13 views

Important: Red Hat Security Advisory: unbound security update

An update for unbound is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

10CVSS5.7AI score0.01272EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/08 10:49 a.m.12 views

unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in Chase-Reply Messages

A flaw was found in Unbound's DNSSEC validator when constructing chase-reply messages for validation. The code uses the wrong counter to calculate write offsets for ADDITIONAL section resource record sets. When a DNAME chain is combined with authority filtering, an uninitialized array slot is...

8.7CVSS5.5AI score0.00779EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/08 8:53 a.m.15 views

unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in Chase-Reply Messages

A flaw was found in Unbound's DNSSEC validator when constructing chase-reply messages for validation. The code uses the wrong counter to calculate write offsets for ADDITIONAL section resource record sets. When a DNAME chain is combined with authority filtering, an uninitialized array slot is...

8.7CVSS5.5AI score0.00779EPSS
Exploits0References4
Rows per page
Query Builder