Lucene search
K

733576 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.10 views

RHEL 10 : kernel (RHSA-2026:27288)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27288 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix tx.buf...

9.8CVSS6.2AI score0.004EPSS
Exploits9References32
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.6 views

Fedora 43 : python3.13 (2026-2deb979d80)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2deb979d80 advisory. New Python release including bugfixes and security fixes. Tenable has extracted the preceding description block directly from the Fedora security...

9.1CVSS6.2AI score0.0079EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-9375

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to...

8.9CVSS7AI score0.00622EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.7 views

Debian dsa-6355 : ata-modules-6.12.90+deb13-armmp-di - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6355 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6355-1 [email protected] https://www.debian.org/securit...

9.8CVSS6.6AI score0.00441EPSS
Exploits11References108
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.7 views

Fedora 44 : python3.13 (2026-dfc9182263)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-dfc9182263 advisory. New Python version including bugfixes and security fixes. Tenable has extracted the preceding description block directly from the Fedora security...

9.1CVSS6.2AI score0.0079EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.8 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.5.1.8)

The version of AOS installed on the remote host is prior to 7.5.1.8. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.5.1.8 advisory. - A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a deni...

9.8CVSS6.9AI score0.00754EPSS
Exploits2References25
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.5 views

Photon OS 4.0: Coredns PHSA-2026-4.0-1038

An update of the coredns package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1038. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS5.7AI score0.00672EPSS
Exploits5References8
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.5 views

Photon OS 4.0: Python3 PHSA-2026-4.0-1038

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1038. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

6.5CVSS5.7AI score0.01141EPSS
Exploits1References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 7:8 p.m.12 views

Malicious code in d0rk3r-telemetry (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da4542d225ef144ecc5df2f578104ffc12659196c57b2214ecb54f60620601c6 On import d0rk3rtelemetry, the package spawns a background thread that reads installer-owned secrets and POSTs them to an attacker-controlled endpoin...

6AI score
Exploits0References3
OSV
OSV
added 2026/06/20 7:8 p.m.6 views

MAL-2026-6244 Malicious code in d0rk3r-telemetry (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da4542d225ef144ecc5df2f578104ffc12659196c57b2214ecb54f60620601c6 On import d0rk3rtelemetry, the package spawns a background thread that reads installer-owned secrets and POSTs them to an attacker-controlled endpoin...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 6:47 p.m.11 views

Malicious code in free-anthropic-claude (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11bfe96b56a6615a50639b25de793e14044ea393c2029b26fa4e1b9e3dc5a22f This package impersonates the Anthropic Claude SDK name and description claim to be an 'Official Anthropic Claude SDK wrapper', author is...

5.8AI score
Exploits0References23
OSV
OSV
added 2026/06/20 6:47 p.m.5 views

MAL-2026-6260 Malicious code in free-anthropic-claude (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11bfe96b56a6615a50639b25de793e14044ea393c2029b26fa4e1b9e3dc5a22f This package impersonates the Anthropic Claude SDK name and description claim to be an 'Official Anthropic Claude SDK wrapper', author is...

5.8AI score
Exploits0References23
GithubExploit
GithubExploit
added 2026/06/20 4:39 p.m.90 views

explotability_analysis_ebpf

eBPF Verifier Exploit Research — s344024 Romano Simone Resear...

8.2CVSS5.9AI score0.00516EPSS
Exploits1
NVD
NVD
added 2026/06/20 4:17 p.m.12 views

CVE-2026-56317

Nuxt before 4.4.7 and the 3.x branch before 3.21.7 contains a cross-site scripting vulnerability in the NoScript component that writes slot content to innerHTML without escaping. Attackers can inject malicious scripts through untrusted data in NoScript slots, such as route.query parameters, which...

6.1CVSS0.00209EPSS
Exploits0References4
NVD
NVD
added 2026/06/20 4:17 p.m.11 views

CVE-2025-71331

Flowise before 3.0.8 contains a cross-site scripting XSS vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload e.g., in a chat box, or by having a custom agent function return an X...

6.1CVSS0.00222EPSS
Exploits1References2
CVE
CVE
added 2026/06/20 3:24 p.m.13 views

CVE-2025-71331

Flowise (pre-3.0.8) exposes a Cross-Site Scripting (XSS) vulnerability due to insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript via an iframe payload in chat or have a custom agent function return an external XSS payload. The inj...

6.1CVSS5.7AI score0.00222EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/20 3:24 p.m.3 views

CVE-2025-71331

Flowise before 3.0.8 contains a cross-site scripting XSS vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload e.g., in a chat box, or by having a custom agent function return an X...

6.1CVSS5.7AI score0.00222EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/20 3:24 p.m.29 views

CVE-2025-71331 Flowise - Cross-Site Scripting in Chat Messages and Agent Workflows

Flowise before 3.0.8 contains a cross-site scripting XSS vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload e.g., in a chat box, or by having a custom agent function return an X...

6.1CVSS0.00222EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/20 3:24 p.m.7 views

EUVD-2025-210289

Flowise before 3.0.8 contains a cross-site scripting XSS vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload e.g., in a chat box, or by having a custom agent function return an X...

6.1CVSS5.7AI score0.00222EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/20 3:24 p.m.5 views

CVE-2025-71331 Flowise - Cross-Site Scripting in Chat Messages and Agent Workflows

Flowise before 3.0.8 contains a cross-site scripting XSS vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload e.g., in a chat box, or by having a custom agent function return an X...

6.1CVSS5.7AI score0.00222EPSS
Exploits1References2
Rows per page
Query Builder