Lucene search
K

694 matches found

Cvelist
Cvelist
added last week34 views

CVE-2026-56778 n8n - Authorization Bypass in Public API Execution Retry Endpoint

n8n before 2.25.7 and 2.26.x before 2.26.2 contains an authorization bypass in the Public API execution retry endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a shared workflow can use the Public API to ret...

6.4CVSS0.00174EPSS
Exploits0References2
CVE
CVE
added last week16 views

CVE-2026-56778

CVE-2026-56778 (n8n) : Affected versions are n8n before 2.25.7 and 2.26.x before 2.26.2. The Public API execution retry endpoint authorizes with the workflow:read scope instead of workflow:execute, allowing an authenticated user with read-only access to a shared workflow to retry executions, bypa...

6.4CVSS6.1AI score0.00174EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/07/02 5:22 p.m.15 views

GHSA-77Q5-RR5V-X43Q OpenClaw: Trusted retry endpoint checks could match hostname prefixes

Summary Trusted retry endpoint checks could match hostname prefixes. In affected versions, a retry endpoint URL chosen by lower-trust input could pass validation by using a hostname prefix that resembled a trusted host. This advisory is scoped to the named feature and configuration. It does not...

7.1CVSS6AI score0.00265EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/28 4:4 a.m.37 views

CVE-2026-10646 Use-after-return in `zsock_getaddrinfo()` when a timed-out DNS query is retried without cancellation

Zephyr's BSD-sockets getaddrinfo implementation subsys/net/lib/sockets/getaddrinfo.c passes a pointer to a stack-allocated state object struct getaddrinfostate aistate as the userdata of an asynchronous DNS resolver query. The socket layer waits on a semaphore with a timeout deliberately set...

7.4CVSS0.00269EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/28 4:4 a.m.11 views

CVE-2026-10646

Zephyr's BSD-sockets getaddrinfo implementation subsys/net/lib/sockets/getaddrinfo.c passes a pointer to a stack-allocated state object struct getaddrinfostate aistate as the userdata of an asynchronous DNS resolver query. The socket layer waits on a semaphore with a timeout deliberately set...

7.4CVSS6.1AI score0.00269EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/26 5:49 p.m.9 views

CVE-2026-52950

A flaw was found in the Linux kernel, specifically within the drm/xe/dma-buf component. This Use-After-Free UAF vulnerability occurs due to an issue in a retry loop, where a buffer object is prematurely freed on error. An attacker could potentially exploit this to cause memory corruption, leading...

7.8CVSS6.3AI score0.00132EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 6:18 p.m.6 views

CVE-2026-53058

A flaw was found in the drm/bridge: cadence: cdns-mhdp8546-core component of the Linux kernel. This vulnerability allows for a NULL pointer dereference during error handling within the atomicenable function. If cdnsmhdplinkup or cdnsmhdpregread encounter errors, a subsequent attempt to access a...

5.5CVSS5.8AI score0.00168EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 9:16 a.m.7 views

UBUNTU-CVE-2026-53191

In the Linux kernel, the following vulnerability has been resolved: iouring/net: inherit IORINGCQEFBUFMORE across bundle recv retries When a bundle recv retries inside iorecvfinish, the merge logic OR the saved cflags from the previous iteration with the cflags returned by the new iteration: cfla...

7.8CVSS5.9AI score0.00138EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 7:36 a.m.11 views

BIT-LIBPYTHON-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS5.4AI score0.00433EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38818

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...

5.7AI score0.00132EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 5:17 p.m.9 views

CVE-2026-54904

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::AtomicReferenceupdate can enter a permanent busy retry loop when the current value is Float::NAN. The issue is caused by the interaction between AtomicReferenceupdate, which retries until compareandsetoldvalue,...

8.2CVSS0.00278EPSS
Exploits1References1
NVD
NVD
added 2026/06/24 5:17 p.m.10 views

CVE-2026-52962

In the Linux kernel, the following vulnerability has been resolved: ceph: fix a buffer leak in cephsetxattr The oldblob in cephsetxattr can store ci-ixattrs.preallocblob value during the retry. However, it is never called the cephbufferput for the oldblob object. This patch fixes the issue of the...

7.8CVSS0.00184EPSS
Exploits0References8
NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-52950

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...

7.8CVSS0.00132EPSS
Exploits0References6
CVE
CVE
added 2026/06/24 4:30 p.m.15 views

CVE-2026-53058

The CVE-2026-53058 entry documents a fix in the Linux kernel’s DRM Cadence driver: in the cdns-mhdp8546-core, the mhdp connector must be set earlier in atomic_enable to prevent a NULL pointer dereference in recovery paths (e.g., modeset_retry_fn) when errors occur in cdns_mhdp_link_up() or cdns_m...

5.8AI score0.00168EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.7 views

CVE-2026-52962

In the Linux kernel, the following vulnerability has been resolved: ceph: fix a buffer leak in cephsetxattr The oldblob in cephsetxattr can store ci-ixattrs.preallocblob value during the retry. However, it is never called the cephbufferput for the oldblob object. This patch fixes the issue of the...

5.9AI score0.00184EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.6 views

CVE-2026-52950

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...

5.7AI score0.00132EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/24 4:28 p.m.2 views

CVE-2026-52950 drm/xe/dma-buf: fix UAF with retry loop

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...

7.8CVSS5.8AI score0.00132EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.32 views

CVE-2026-52950 drm/xe/dma-buf: fix UAF with retry loop

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...

7.8CVSS0.00132EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:28 p.m.11 views

CVE-2026-52950

The CVE-2026-52950 issue affects the Linux kernel DRM/XE DMA-BUF path. The vulnerability is a Use-After-Free in the retry loop where a buffer object could be freed on error, potentially leading to memory corruption. The documented fix changes the sequence to allocate and initialize before the att...

7.8CVSS5.7AI score0.00132EPSS
Exploits0References6Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: libceph: The state of sparse-read was reset in osdfault. When a fault occurs, the connection is abandoned, re-established, and any pending operations are retried. The OSD client tracks the progress of a sparse-read reply using a...

7.5CVSS5.8AI score0.0028EPSS
Exploits0References2
Rows per page
Query Builder