Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

869 matches found

CNNVD
CNNVDadded 5 days ago3 views

NextCloud Forms security vulnerabilities

NextCloud Forms is an open-source, hosted questionnaire and form creation tool developed by NextCloud. There were security vulnerabilities in versions 4.3.0 to 5.2.7 of NextCloud Forms, which stemmed from unauthorized access to respondent files uploaded through affected forms, due to retained...

5.3CVSS5.8AI score0.00028EPSS
Exploits0References3
Veracode
Veracodeadded 2026/05/16 5:34 a.m.7 views

Improper Cleanup Of Namespace Data

OpenBao is vulnerable to improper cleanup of namespace data.The vulnerability is due to incomplete cleanup when retries occur after an initial namespace deletion failure, which allows an attacker to potentially retain access to outstanding leases or leave residual storage entries that should have...

7.5CVSS5.8AI score0.00036EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVEadded 2026/05/11 8:26 p.m.5 views

CVE-2026-42209

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both setretainedmessagedefertimeout and setretainedmessagedefertimeoutspread are configured to non-default values,...

6.5CVSS5.8AI score0.00116EPSS
Exploits0References1
NVD
NVDadded 2026/05/08 10:16 p.m.12 views

CVE-2026-42209

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both setretainedmessagedefertimeout and setretainedmessagedefertimeoutspread are configured to non-default values,...

6.5CVSS0.00116EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/08 9:40 p.m.8 views

EUVD-2026-28838

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both setretainedmessagedefertimeout and setretainedmessagedefertimeoutspread are configured to non-default values,...

6.5CVSS5.8AI score0.00116EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/08 9:40 p.m.29 views

CVE-2026-42209 FlashMQ: Division by zero crash when using non-default deferred retained message setting

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both setretainedmessagedefertimeout and setretainedmessagedefertimeoutspread are configured to non-default values,...

6.5CVSS0.00116EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/08 9:40 p.m.5 views

CVE-2026-42209 FlashMQ: Division by zero crash when using non-default deferred retained message setting

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both setretainedmessagedefertimeout and setretainedmessagedefertimeoutspread are configured to non-default values,...

6.5CVSS5.8AI score0.00116EPSS
Exploits0References4
CVE
CVEadded 2026/05/08 9:40 p.m.10 views

CVE-2026-42209

Summary: CVE-2026-42209 affects FlashMQ, a MQTT broker/server for multi-CPU environments. Before v1.26.1, a remote client with retained publish permission can trigger a crash of the FlashMQ broker when both set_retained_message_defer_timeout and set_retained_message_defer_timeout_spread are non-d...

6.5CVSS5.8AI score0.00116EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/08 9:40 p.m.9 views

CVE-2026-42209

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both setretainedmessagedefertimeout and setretainedmessagedefertimeoutspread are configured to non-default values,...

6.5CVSS5.8AI score0.00116EPSS
Exploits0References5Affected Software1
CNNVD
CNNVDadded 2026/05/08 12:0 a.m.3 views

FlashMQ 数字错误漏洞

FlashMQ is a fast and lightweight MQTT proxy server developed by Wiebe Cazemier. Versions of FlashMQ prior to 1.26.1 contained a numerical error vulnerability. This vulnerability could cause the FlashMQ proxy to crash and lead to a denial-of-service attack when the setretainedmessagedefertimeout...

6.5CVSS5.8AI score0.00116EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/05/08 12:0 a.m.8 views

PT-2026-39199

Name of the Vulnerable Software and Affected Versions FlashMQ versions prior to 1.26.1 Description A remote client with retained publish permission can cause a denial of service by crashing the broker. This occurs when both set retained message defer timeout and set retained message defer timeout...

6.5CVSS5.8AI score0.00116EPSS
Exploits0References6
AstraLinux
AstraLinuxadded 2026/05/03 11:59 p.m.4 views

Astra Linux - уязвимость в sudo

A flaw was discovered in sudo’s handling of ipahostname. In this process, the ipahostname value from /etc/sssd/sssd.conf was not propagated to sudo. As a result, this leads to a privilege management vulnerability in applications, where client hosts retain privileges even after those privileges ha...

8.8CVSS7.2AI score0.00082EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/04/24 1:22 a.m.2 views

CVE-2026-28950

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 15.8.8 and iPadOS 15.8.8, iOS 16.7.16 and iPadOS 16.7.16, iOS 18.7.8 and iPadOS 18.7.8, iOS 26.4.2 and iPadOS 26.4.2, iPadOS 17.7.11. Notifications marked for deletion could be unexpectedly retained on the devi...

6.2CVSS6AI score0.00016EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/17 9:1 p.m.18 views

CVE-2026-40196 HomeBox has Unauthorized API Access via Retained defaultGroup ID After Group Access Revocation

HomeBox is a home inventory and organization system. Versions prior to 0.25.0 contain a vulnerability where the defaultGroup ID remained permanently assigned to a user after being invited to a group, even after their access to that group was revoked. While the web interface correctly enforced the...

8.1CVSS0.00038EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/04/06 12:0 a.m.3 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. There is a security vulnerability in Mattermost; this vulnerability stems from the failure of authorization checks, which allows requests to continue processing without being stopped. This may allow...

8.8CVSS5.8AI score0.00018EPSS
Exploits0References1
Github Security Blog
Github Security Blogadded 2026/04/03 9:33 p.m.6 views

CocoaMQTT: Denial of Service via Reachable Assertion in `PUBLISH` Packet Parsing

A vulnerability exists in the packet parsing logic of CocoaMQTT that allows an attacker or a compromised/malicious MQTT broker to remotely crash the host iOS/macOS/tvOS application. The vulnerability is located in Source/FramePublish.swift during the extraction of the Topic string from the incomi...

6.5CVSS5.9AI score0.00017EPSS
Exploits1References6Affected Software1
EUVD
EUVDadded 2026/04/03 9:33 p.m.0 views

EUVD-2026-18235

CocoaMQTT: Denial of Service via Reachable Assertion in PUBLISH Packet Parsing...

5.7CVSS5.9AI score0.00017EPSS
Exploits1References5
OSV
OSVadded 2026/04/03 9:33 p.m.3 views

GHSA-R3FR-7M74-Q7G2 CocoaMQTT: Denial of Service via Reachable Assertion in `PUBLISH` Packet Parsing

A vulnerability exists in the packet parsing logic of CocoaMQTT that allows an attacker or a compromised/malicious MQTT broker to remotely crash the host iOS/macOS/tvOS application. The vulnerability is located in Source/FramePublish.swift during the extraction of the Topic string from the incomi...

5.7CVSS5.9AI score0.00017EPSS
Exploits1References6
RedhatCVE
RedhatCVEadded 2026/04/03 4:59 p.m.4 views

CVE-2026-30867

CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift. Prior to version 2.2.2, a vulnerability exists in the packet parsing logic of CocoaMQTT that allows an attacker or a compromised/malicious MQTT broker to remotely crash the host iOS/macOS/tvOS application. If an attacker...

6.5CVSS5.8AI score0.00017EPSS
Exploits1References1
GitLab Advisory Database
GitLab Advisory Databaseadded 2026/04/03 12:0 a.m.7 views

CocoaMQTT: Denial of Service via Reachable Assertion in `PUBLISH` Packet Parsing

A vulnerability exists in the packet parsing logic of CocoaMQTT that allows an attacker or a compromised/malicious MQTT broker to remotely crash the host iOS/macOS/tvOS application. The vulnerability is located in Source/FramePublish.swift during the extraction of the Topic string from the incomi...

6.5CVSS5.9AI score0.00017EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder