Lucene search
K

121692 matches found

CNNVD
CNNVD
added 2026/04/22 12:0 a.m.9 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 1.4.3 contained security vulnerabilities. These vulnerabilities stemmed from the HTTPUEContextTransfer handler’s lack of a default scenario in the Content-Type switch statement. When a...

6.9CVSS5.8AI score0.00282EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2026/04/22 12:0 a.m.31 views

VulnCheck KEV: CVE-2026-33626

LMDeploy is a toolkit for compressing, deploying, and serving large language models. Versions prior to 0.12.3 have a Server-Side Request Forgery SSRF vulnerability in LMDeploy's vision-language module. The loadimage function in lmdeploy/vl/utils.py fetches arbitrary URLs without validating...

7.5CVSS5.9AI score0.4525EPSS
In wildExploits2References2
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.13 views

PT-2026-37157

Name of the Vulnerable Software and Affected Versions Flarum versions prior to 1.8.16 Flarum versions prior to 2.0.0-rc.1 Description An authenticated administrator can inject an arbitrary @import directive into the compiled forum.css file. This occurs because settings registered as LESS config...

4.9CVSS5.9AI score0.00404EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013438)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013438 advisory. In the Linux kernel, the following vulnerability has been resolved: block: don't call rqqosops-donebio if the bio isn't tracked rqqos framework is only applied on...

5.5CVSS5.5AI score0.00222EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013772)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013772 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: pch: Fix PCI device refcount leak in pchrequestdma As comment of pcigetslot says, it...

5.9AI score0.00227EPSS
Exploits0References4
GitLab Advisory Database
GitLab Advisory Database
added 2026/04/22 12:0 a.m.9 views

actix-http has HTTP/1.1 CL.TE Request Smuggling

A vulnerability in actix-http's HTTP/1.1 request parser allows an unauthenticated remote client to smuggle requests in deployments where a front-end HTTP intermediary and the Actix backend disagree about whether Content-Length or Transfer-Encoding: chunked defines the request body length...

5.8AI score
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of hcireqsynclock protection in the btintelhwerror function within the btintel driver...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-31513

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of- bounds read in l2capecredconnreq Syzbot reported a KASAN...

8.1CVSS6.7AI score0.00252EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013631)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013631 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element...

5.5AI score0.00206EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/21 11:54 p.m.4 views

CVE-2026-41136

free5GC AMF provides Access & Mobility Management Function AMF for free5GC, an an open-source project for 5th generation 5G mobile core networks. Prior to version 1.4.3, the HTTPUEContextTransfer handler in internal/sbi/apicommunication.go does not include a default case in the Content-Type switc...

6.9CVSS5.8AI score0.00282EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/04/21 11:54 p.m.33 views

CVE-2026-41136 free5GC AMF missing default case in Content-Type switch in HTTPUEContextTransfer

free5GC AMF provides Access & Mobility Management Function AMF for free5GC, an an open-source project for 5th generation 5G mobile core networks. Prior to version 1.4.3, the HTTPUEContextTransfer handler in internal/sbi/apicommunication.go does not include a default case in the Content-Type switc...

6.9CVSS0.00282EPSS
Exploits1References2
CVE
CVE
added 2026/04/21 11:54 p.m.12 views

CVE-2026-41136

The CVE-2026-41136 issue affects free5GC AMF prior to 1.4.3: the HTTPUEContextTransfer handler in internal/sbi/api_communication.go does not handle an unsupported Content-Type with a default case, causing deserialization to be skipped and an uninitialized UeContextTransferRequest to be processed....

6.9CVSS5.8AI score0.00282EPSS
Exploits1References2Affected Software2
Vulnrichment
Vulnrichment
added 2026/04/21 11:49 p.m.4 views

CVE-2026-41135 free5GC PCF: Memory Leak via CORS Middleware Registration in HTTP Handler Leads to Denial of Service

free5GC UDR is the Policy Control Function PCF for free5GC, an an open-source project for 5th generation 5G mobile core networks. A memory leak vulnerability in versions prior to 1.4.3 allows any unauthenticated attacker with network access to the PCF SBI interface to cause uncontrolled memory...

7.5CVSS5.7AI score0.00515EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/21 11:47 p.m.43 views

CVE-2026-40343 free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...

6.9CVSS0.09955EPSS
Exploits0References1
CVE
CVE
added 2026/04/21 11:36 p.m.22 views

CVE-2026-41130

Craft CMS versions 4.x up to 4.17.8 and 5.x up to 5.9.14 are affected by a SSRF via the resource-js endpoint when trustedHosts is not restricted. An unauthenticated attacker can manipulate the Host header to influence derived baseUrl used in actionResourceJs() and trigger arbitrary outbound HTTP ...

7CVSS5.9AI score0.0026EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/21 11:36 p.m.4 views

CVE-2026-41130

Craft CMS is a content management system CMS. In versions on the 4.x branch through 4.17.8 and the 5.x branch through 5.9.14, the resource-js endpoint in Craft CMS allows unauthenticated requests to proxy remote JavaScript resources. When trustedHosts is not explicitly restricted default...

7CVSS5.9AI score0.0026EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/04/21 11:16 p.m.5 views

CVE-2026-41060

WWBN AVideo is an open source video platform. In versions 29.0 and below, the isSSRFSafeURL function in objects/functions.php contains a same-domain shortcircuit lines 4290-4296 that allows any URL whose hostname matches webSiteRootURL to bypass all SSRF protections. Because the check compares on...

7.7CVSS0.003EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/21 10:25 p.m.33 views

CVE-2026-41055 AVideo has an incomplete fix for CVE-2026-33039 (SSRF)

WWBN AVideo is an open source video platform. In versions 29.0 and below, an incomplete SSRF fix in AVideo's LiveLinks proxy adds isSSRFSafeURL validation but leaves DNS TOCTOU vulnerabilities where DNS rebinding between validation and the actual HTTP request redirects traffic to internal...

8.6CVSS0.00377EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/21 10:25 p.m.2 views

CVE-2026-41055 AVideo has an incomplete fix for CVE-2026-33039 (SSRF)

WWBN AVideo is an open source video platform. In versions 29.0 and below, an incomplete SSRF fix in AVideo's LiveLinks proxy adds isSSRFSafeURL validation but leaves DNS TOCTOU vulnerabilities where DNS rebinding between validation and the actual HTTP request redirects traffic to internal...

8.6CVSS5.7AI score0.00453EPSS
Exploits2References4
EUVD
EUVD
added 2026/04/21 10:25 p.m.5 views

EUVD-2026-24529

WWBN AVideo is an open source video platform. In versions 29.0 and below, an incomplete SSRF fix in AVideo's LiveLinks proxy adds isSSRFSafeURL validation but leaves DNS TOCTOU vulnerabilities where DNS rebinding between validation and the actual HTTP request redirects traffic to internal...

8.6CVSS5.8AI score0.00377EPSS
Exploits1References4
Rows per page
Query Builder