Lucene search
K

31274 matches found

OSV
OSV
added 2026/01/30 3:47 p.m.3 views

CLEANSTART-2026-AD41794 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the cert-manager-webhook-pdns-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

9.8CVSS5.6AI score0.00579EPSS
Exploits1References7
OSV
OSV
added 2026/01/30 3:47 p.m.2 views

CLEANSTART-2026-SV79070 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

9.8CVSS5.8AI score0.00579EPSS
Exploits3References11
OSV
OSV
added 2026/01/30 3:47 p.m.7 views

CLEANSTART-2026-ZP68963 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

9.8CVSS5.5AI score0.00579EPSS
Exploits3References11
OSV
OSV
added 2026/01/30 3:45 p.m.17 views

CLEANSTART-2026-RX06615 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

9.8CVSS5.5AI score0.00579EPSS
Exploits3References11
OSV
OSV
added 2026/01/30 3:44 p.m.11 views

CLEANSTART-2026-BS24435 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

9.8CVSS5.6AI score0.00579EPSS
Exploits3References11
RedhatCVE
RedhatCVE
added 2026/01/30 3:39 p.m.14 views

CVE-2025-13905

CWE-276: Incorrect Default Permissions vulnerability exists that could cause privilege escalation through the reverse shell when one or more executable service binaries are modified in the installation folder by a local user with normal privilege upon service restart...

7CVSS5.9AI score0.00103EPSS
Exploits0References1
Schneier on Security
Schneier on Security
added 2026/01/30 3:35 p.m.7 views

AIs Are Getting Better at Finding and Exploiting Security Vulnerabilities

From an Anthropic blog post: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates h...

5.9AI score
Exploits0
OSV
OSV
added 2026/01/30 3:10 p.m.10 views

CLEANSTART-2026-KC06686 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the istio-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

9.8CVSS5.6AI score0.00579EPSS
Exploits1References8
OSV
OSV
added 2026/01/30 3:10 p.m.3 views

CLEANSTART-2026-FN26367 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the istio-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

9.8CVSS5.6AI score0.00579EPSS
Exploits1References8
OSV
OSV
added 2026/01/30 3:9 p.m.6 views

CLEANSTART-2026-IL25782 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the istio-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

9.8CVSS7.4AI score0.00579EPSS
Exploits1References8
OSV
OSV
added 2026/01/30 3:9 p.m.3 views

CLEANSTART-2026-GC72145 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the istio-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

9.8CVSS5.8AI score0.00579EPSS
Exploits1References8
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/30 2:11 p.m.12 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to DoS due to unbounded memory allocation in golang.org/x/crypto SSH implementation (CVE-2025-22869)

Summary Potential vulnerabilities in golang.org/x/crypto module CVE-2025-22869 have been identified that may affect IBM Cloud Pak for Data Vulnerability Details CVEID:CVE-2025-22869 DESCRIPTION: SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from...

7.5CVSS7.3AI score0.00868EPSS
Exploits0Affected Software1
GithubExploit
GithubExploit
added 2026/01/30 8:21 a.m.177 views

Exploit for OS Command Injection in Gerapy

CVE-2021-43857-Gerapy-v0.9.7 - login to portal as admin - add...

9.8CVSS5.9AI score0.55331EPSS
Exploits7
Positive Technologies
Positive Technologies
added 2026/01/30 12:0 a.m.7 views

PT-2026-5441

Name of the Vulnerable Software and Affected Versions Cybersecurity AI CAI versions up to and including 0.5.10 Description The Cybersecurity AI CAI framework contains multiple argument injection vulnerabilities within its function tools. User-controlled input is directly passed to shell commands...

9.6CVSS6.2AI score0.008EPSS
Exploits3References17
Packet Storm
Packet Storm
added 2026/01/30 12:0 a.m.175 views

📄 LibreChat MCP 0.8.2-rc2 Remote Code Execution

This proof of concept exploit targets the LibreChat MCP remote code execution vulnerability known as CVE-2026-22252. It provides a comprehensive and professional framework for detecting, testing, and exploiting the vulnerability with multiple extraction modes...

9.9CVSS6.5AI score0.03678EPSS
Exploits4
Packet Storm
Packet Storm
added 2026/01/30 12:0 a.m.175 views

📄 Monsta FTP 2.11 Remote File Injection

This Metasploit module exploits a vulnerability in Monsta FTP version 2.11 and enables remote file injection by creating a malicious FTP server. The application builds this server to upload a malicious PHP file reverse shell. After the file is uploaded, the module immediately verifies the...

9.8CVSS5.9AI score0.72536EPSS
Exploits6
NVD
NVD
added 2026/01/29 10:15 p.m.11 views

CVE-2026-25046

Kimi Agent SDK is a set of libraries that expose the Kimi Code Kimi CLI agent runtime in applications. The vsix-publish.js and ovsx-publish.js scripts pass filenames to execSync as shell command strings. Prior to version 0.1.6, filenames containing shell metacharacters like $cmd could execute...

2.9CVSS0.00113EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/29 9:47 p.m.7 views

EUVD-2026-4943

gradle-completion provides Bash and Zsh completion support for Gradle. A command injection vulnerability was found in gradle-completion up to and including 9.3.0 that allows arbitrary code execution when a user triggers Bash tab completion in a project containing a malicious Gradle build file. Th...

8.3CVSS6.2AI score0.00689EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/29 9:37 p.m.3 views

CVE-2026-25046

Kimi Agent SDK is a set of libraries that expose the Kimi Code Kimi CLI agent runtime in applications. The vsix-publish.js and ovsx-publish.js scripts pass filenames to execSync as shell command strings. Prior to version 0.1.6, filenames containing shell metacharacters like $cmd could execute...

2.9CVSS6.1AI score0.00113EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/01/29 9:37 p.m.16 views

EUVD-2026-4948

Kimi Agent SDK is a set of libraries that expose the Kimi Code Kimi CLI agent runtime in applications. The vsix-publish.js and ovsx-publish.js scripts pass filenames to execSync as shell command strings. Prior to version 0.1.6, filenames containing shell metacharacters like $cmd could execute...

2.9CVSS6.1AI score0.00113EPSS
Exploits0References1
Rows per page
Query Builder