Lucene search
K

1389463 matches found

Ivanti
Ivanti
added 2026/12/05 2:2 p.m.38 views

May 2026 Security Advisory Ivanti Secure Access Client (CVE-2026-7431, CVE-2026-7432)

Update 22 May: CVE-2026-8992 has been added to Vulnerability Details Summary Ivanti has released updates for the Ivanti Secure Access Client which addresses one medium severity vulnerability and two High severity vulnerabilities. We are not aware of any customers being exploited by these...

8.8CVSS6.2AI score0.00564EPSS
Exploits0
Ivanti
Ivanti
added 2026/09/06 2:0 p.m.16 views

Security Advisory Ivanti Sentry (CVE-2026-10520, CVE-2026-10523)

Last Modified Date 16.06.2026 00:48:48...

10CVSS7.3AI score0.99041EPSS
Exploits6
IBM Security Bulletins
IBM Security Bulletins
added 2 hours ago12 views

Security Bulletin: IBM Quantum Safe Explorer is affected by multiple vulnerabilites

Summary The vulnerabilities were found in dependent open source libraries used within IBM Quantum Safe Explorer code base. These issues have been addressed by updating the versions of affected libraries. Vulnerability Details CVEID:CVE-2026-42033 DESCRIPTION: Axios is a promise based HTTP client...

7.5CVSS6.3AI score0.00838EPSS
Exploits8Affected Software1
NVD
NVD
added 3 hours ago5 views

CVE-2026-9165

A flaw was found in Red Hat Advanced Cluster Security for Kubernetes RHACS. Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central...

7.7CVSS
Exploits0References2
NVD
NVD
added 3 hours ago4 views

CVE-2026-53913

Improper Authentication, Missing Authentication for Critical Function, Not Failing Securely 'Failing Open' vulnerability in Apache Camel Keycloak Component. The KeycloakSecurityPolicy of camel-keycloak guards a route by running KeycloakSecurityProcessor.beforeProcess, which performs three checks ...

Exploits0References1
NVD
NVD
added 3 hours ago4 views

CVE-2026-49086

Improper Input Validation, Unintended Proxy or Intermediary 'Confused Deputy' vulnerability in Apache Camel DAPR component. The camel-dapr Dapr Pub/Sub consumer DaprPubSubConsumer copied two fields from each inbound CloudEvent - its Pub/Sub component name and its topic - into the...

Exploits0References2
NVD
NVD
added 3 hours ago5 views

CVE-2026-49099

Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection', Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel Salesforce Component. The camel-salesforce producer resolves its operation parameters - the SOQL query, the SOSL search,...

Exploits0References2
NVD
NVD
added 3 hours ago3 views

CVE-2026-46584

Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Camel Mail Component. The camel-mail producer MailProducer.getSender scanned the outgoing Exchange for message headers in the mail.smtp. / mail.smtps. namespace and, when any were present...

Exploits0References2
NVD
NVD
added 3 hours ago4 views

CVE-2026-46454

Improper Input Validation vulnerability in Apache Camel Cometd Component. The camel-cometd component maps inbound Bayeux CometD message headers into the Camel Exchange without applying a HeaderFilterStrategy. CometdBinding.populateExchangeFromMessage copies the entire ext.CamelHeaders map supplie...

Exploits0References2
NVD
NVD
added 3 hours ago3 views

CVE-2026-46456

Improper Input Validation vulnerability in Apache Camel AWS2-SQS Component. The camel-aws2-sqs component map inbound message attributes into the Camel Exchange through a component-specific HeaderFilterStrategy. Sqs2HeaderFilterStrategy configured only an outbound filter setOutFilterPattern, which...

Exploits0References2
NVD
NVD
added 3 hours ago4 views

CVE-2026-40047

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Apache Camel Docling component. The camel-docling component invokes the external docling command-line tool by assembling an argument list in DoclingProducer and executing it through...

Exploits0References2
CVE
CVE
added 3 hours ago7 views

CVE-2026-9165

Summary : A flaw in Red Hat Advanced Cluster Security for Kubernetes (RHACS) Central allows unbounded GraphQL query depth on the authenticated GraphQL API, enabling a token-authenticated user to issue deeply nested queries that exhaust resources and cause a denial of service to the management pla...

7.7CVSS5.9AI score
Exploits0References2
EUVD
EUVD
added 3 hours ago6 views

EUVD-2026-41859

A flaw was found in Red Hat Advanced Cluster Security for Kubernetes RHACS. Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central...

7.7CVSS5.9AI score
Exploits0References2
CVE
CVE
added 4 hours ago5 views

CVE-2026-56139

The CVE concerns Apache Camel Undertow: the muteException option on the Undertow HTTP server consumer defaulted to false, causing full Java stack traces to be written in HTTP responses on route-processing errors. This exposed sensitive internal information (credentials in messages, hostnames/IPs,...

5.8AI score
Exploits0References2
CVE
CVE
added 4 hours ago6 views

CVE-2026-53913

Apache Camel Keycloak (camel-keycloak) CVE-2026-53913 describes a defect where KeycloakSecurityPolicy only verifies the bearer token inside role/permissions checks. With default settings (requiredRoles/requiredPermissions empty), the policy rejects missing tokens but accepts any non-null Authoriz...

6.4AI score
Exploits0References1
EUVD
EUVD
added 4 hours ago6 views

EUVD-2026-41846

Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Netty HTTP component. The camel-netty-http HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to fal...

5.8AI score
Exploits0References1
EUVD
EUVD
added 4 hours ago5 views

EUVD-2026-41843

Improper Input Validation, Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in Apache Camel IRC component. The camel-irc producer chooses the destination of an outgoing IRC message from the irc.sendTo Exchange header the constant...

6.1AI score
Exploits0References1
CVE
CVE
added 4 hours ago4 views

CVE-2026-49097

Apache Camel IRC component (Camel-IRC) is affected: the irc.sendTo and related irc.* headers can bypass HTTP header filtering and direct outgoing IRC messages to arbitrary channels/users, enabling header-based redirection in routes bridging HTTP to irc:. Affected versions: 4.0.0–before 4.14.8, 4....

6.1AI score
Exploits0References2
EUVD
EUVD
added 4 hours ago5 views

EUVD-2026-41841

Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel JIRA component. The camel-jira producers read their operation parameters - the issue key, project key, transition id, summary, type, assignee, components, watchers, link type, work-log minute...

6.1AI score
Exploits0References1
Cvelist
Cvelist
added 4 hours ago4 views

CVE-2026-48205 Apache Camel DNS: The dns.* and term Exchange header constants used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to influence internal behaviour

Improper Input Validation, Server-Side Request Forgery SSRF vulnerability in Apache Camel DNS component. The camel-dns producers read DNS operation parameters - the resolver to query, the name or domain to look up, the record type and class, and the search term - from Exchange message headers who...

Exploits0References1
Rows per page
Query Builder