Lucene search
K

4474 matches found

CVE
CVE
added 2026/06/05 7:28 p.m.15 views

CVE-2026-25621

Arista NGFW (Arista Edge Threat Management) Reports application is affected by insecure input validation in version 17.4.0. The vulnerability affects the Reports component (Import/Restore Data Backup Files field) and requires administrative UI access. No exploitation details are provided in the d...

7CVSS5.5AI score0.00222EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/05 7:28 p.m.28 views

CVE-2026-25621 Arista Edge Threat Management NGFW Reports Application Insecure Input Validation

A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...

7CVSS0.00222EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.13 views

CVE-2026-39336

ChurchCRM is an open-source church management system. Prior to 7.1.0, a stored cross-site scripting issue affects the Directory Reports form fields set from config, Person editor defaults rendered into address fields, and external self-registration form defaults. This is primarily an admin-to-adm...

6.1CVSS5.2AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.11 views

CVE-2026-8245

Concrete CMS 9.5.0 and below is vulnerable to Reflected XSS in Legacy Pagination via HTML attribute injection. Concrete\Core\Legacy\Pagination builds pagination links by raw-interpolating its $URL field into href="" . Any authenticated admin or report viewer with access to...

6CVSS5.5AI score0.00139EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.14 views

CVE-2026-6009

Java Deserialisation Vulnerability in Jaspersoft Reports Library leads to Remote Code Execution RCE, potentially allowing code execution on the affected system...

8.7CVSS6.2AI score0.00476EPSS
Exploits0References1
Fedora
Fedora
added 2026/06/05 4:9 a.m.28 views

[SECURITY] Fedora 43 Update: cockpit-362-1.fc43

The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...

8CVSS5.8AI score0.01016EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.15 views

PT-2026-47046

Name of the Vulnerable Software and Affected Versions Arista Edge Threat Management - Arista Next Generation Firewall NGFW version 17.4.0 Description An infrastructure issue in the Reports application is caused by insecure input validation, which occurs when a program does not properly verify the...

7CVSS5.4AI score0.00222EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.13 views

Arista Edge Threat Management - Arista Next Generation Firewall 安全漏洞

Arista Edge Threat Management – Arista Next Generation Firewall is a unified network security platform developed by the American company Arista. It integrates next-generation firewalls, intrusion prevention, web filtering, application control, and network threat protection capabilities. Version...

7CVSS5.3AI score0.00222EPSS
Exploits0References1
Wordfence Blog
Wordfence Blog
added 2026/06/04 3:3 p.m.26 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 25, 2026 to May 31, 2026)

Last week, there were 277 vulnerabilities disclosed in 184 WordPress Plugins and 70 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 93 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilitie...

6.1AI score
Exploits0
Circl
Circl
added 2026/06/04 4:0 a.m.10 views

CVE-2026-41858

creationtimestamp| type| source ---|---|--- 2026-06-04 04:00:49+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mngqfhddhf25 2026-06-04 06:34:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mngyykjnwv2p 2026-06-04 07:26:16+00:00| seen|...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/06/03 12:0 a.m.9 views

TIBlender: Early-Warning Threat Intelligence from Cross-Platform Social Media Evidence

Cyber threat signals are fragmented across multiple social media platforms, yet no existing approach has fully automated their integration into actionable threat intelligence TI reports. We present TIBlender, a multi-agent system that monitors four platforms X, Reddit, Telegram, and Discord and...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/03 12:0 a.m.45 views

ZERO-APT: A Closed-Loop Adversarial Framework for LLM-Driven Automated Penetration Testing under Intelligent Defense

LLM-driven automated penetration testing agents are typically evaluated against static targets that neither detect nor respond to attacks, so their behavior under intelligent defense remains untested. The causal consistency of multi-step attack chains likewise hinges on unstable LLM reasoning, an...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-46232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: playstation: Clamp numtouchreports A device would never lie about the number of touch reports would it? If it does the loop in dualshock4parsereport will...

8.1CVSS7AI score0.00258EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.14 views

CVE-2026-37232

An issue was discovered in OpenAirInterface5G 2.4.0 nr-softmodem in the E2SM-KPM RAN Function's PRB utilization metric calculation. The functions fillRRUPrbTotDl and fillRRUPrbTotUl in openair2/E2AP/RANFUNCTION/O-RAN/ranfunckpmsubs.c lines 182 and 197 compute PRB usage percentages by dividing by...

8.6CVSS5.8AI score0.00393EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.34 views

Bastet: A Fine-Grained Expert-Labeled Dataset for DeFi Smart Contract Vulnerability Detection

Smart contract vulnerabilities in Decentralized Finance DeFi protocols resulted in over 1.49 billion USD in confirmed losses in 2024 alone, across 192 incidents 1. As LLM-based vulnerability detection emerges as a promising approach to address these threats, the quality of evaluation datasets has...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.22 views

PT-2026-45511

Name of the Vulnerable Software and Affected Versions OpenAirInterface5G version 2.4.0 Description An issue exists in the E2SM-KPM RAN Function's PRB utilization metric calculation within the nr-softmodem component. The functions fill RRU PrbTotDl and fill RRU PrbTotUl compute PRB usage percentag...

8.6CVSS5.5AI score0.00393EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/29 12:44 p.m.16 views

EUVD-2026-33298

FreePBX is an open source IP PBX. Prior to 16.0.50 and 17.0.11, the CDR Reports module page allows SQL injection through the order and sort POST parameters. Authentication with a FreePBX Administration Control Panel account that has CDR section access is required. Full administrator privileges ar...

8.5CVSS5.8AI score0.00289EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/29 12:44 p.m.35 views

CVE-2026-44238 FreePBX: Authenticated SQL Injection via ORDER BY in CDR Reports

FreePBX is an open source IP PBX. Prior to 16.0.50 and 17.0.11, the CDR Reports module page allows SQL injection through the order and sort POST parameters. Authentication with a FreePBX Administration Control Panel account that has CDR section access is required. Full administrator privileges ar...

8.5CVSS0.00289EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/29 12:44 p.m.13 views

CVE-2026-44238 FreePBX: Authenticated SQL Injection via ORDER BY in CDR Reports

FreePBX is an open source IP PBX. Prior to 16.0.50 and 17.0.11, the CDR Reports module page allows SQL injection through the order and sort POST parameters. Authentication with a FreePBX Administration Control Panel account that has CDR section access is required. Full administrator privileges ar...

8.5CVSS5.8AI score0.00289EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 12:44 p.m.11 views

CVE-2026-44238

FreePBX is an open source IP PBX. Prior to 16.0.50 and 17.0.11, the CDR Reports module page allows SQL injection through the order and sort POST parameters. Authentication with a FreePBX Administration Control Panel account that has CDR section access is required. Full administrator privileges ar...

8.5CVSS5.8AI score0.00289EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder