Lucene search
K

657 matches found

Nuclei
Nuclei
added 17 hours ago168 views

MinIO - Incomplete Signature Validation for Unsigned-Trailer Uploads

MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. The signature component of the authorization may be invalid, which would mean that as a client you can use any arbitrary secret to upload objects given the user already has prior WRITE permissions on...

8.7CVSS7AI score0.02421EPSS
Exploits0References2
NVD
NVD
added 5 days ago9 views

CVE-2026-54774

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, SamlSerializer skips final SignatureValue verification when a CoreWCF service validates SAML tokens using a non-X.509 signing token, allowing an attacker to reference a non-X.509...

7.4CVSS0.0015EPSS
Exploits0References6
CVE
CVE
added 6 days ago37 views

CVE-2026-46354

Summary: A PKCS#7 signature bypass in Coder (Coder v2 before patches) allows unauthenticated token theft via Azure instance identity. The issue stems from azureidentity.Validate() validating only the signer certificate chain, not the signature itself, enabling forged PKCS#7 envelopes containing a...

9.1CVSS6.1AI score0.0026EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-40941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which...

7.1CVSS6.7AI score0.00159EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/29 12:16 p.m.7 views

EUVD-2026-40078

SzafirHost verifies the downloaded native library archive with one JarFile parser reading the Central Directory but extracts native libraries with JarInputStream parser reading sequentially from local file headers. An attacker who controls the served archive can insert a malicious DLL/SO/DYLIB as...

8.6CVSS6AI score0.00418EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.13 views

PT-2026-53260

Name of the Vulnerable Software and Affected Versions SzafirHost versions prior to 1.2.2 Description SzafirHost is susceptible to remote code execution due to a discrepancy between how it verifies and extracts native library archives. The software uses a JarFile parser to verify the archive by...

8.6CVSS6.4AI score0.00418EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 10:50 p.m.3 views

GHSA-8JGF-23Q5-X7XX ex_aws_sns: Trusted-attacker `SigningCertURL` permits complete SNS signature bypass

Summary ExAws.SNS.verifymessage/1 fetches the signing certificate from the SigningCertURL field of the incoming SNS message without validating that the URL uses HTTPS or that its host is an AWS-owned SNS certificate domain. An unauthenticated attacker who can POST to any endpoint that calls...

8.7CVSS6AI score0.00226EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/06/26 10:50 p.m.7 views

ex_aws_sns: Trusted-attacker `SigningCertURL` permits complete SNS signature bypass

Summary ExAws.SNS.verifymessage/1 fetches the signing certificate from the SigningCertURL field of the incoming SNS message without validating that the URL uses HTTPS or that its host is an AWS-owned SNS certificate domain. An unauthenticated attacker who can POST to any endpoint that calls...

8.7CVSS6AI score0.00226EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/06/25 11:17 p.m.3 views

UBUNTU-CVE-2026-40941

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31...

7.1CVSS5.7AI score0.00159EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/25 11:1 p.m.28 views

CVE-2026-40941 Cacti: Package Import Signature Validation Bypass Allows Self-Signed Packages

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31...

7.1CVSS0.00159EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/25 8:57 p.m.7 views

CVE-2026-11800 Org.keycloak:keycloak-services: keycloak: authentication bypass via jwt algorithm confusion

A flaw was found in Keycloak. This JWT algorithm confusion vulnerability in the JWT Authorization Grant flow allows an attacker with valid client credentials to bypass signature verification. By forging an assertion, the attacker can create unauthorized access tokens. This enables the attacker to...

8.1CVSS5.7AI score0.00181EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 8:57 p.m.92 views

CVE-2026-11800

CVE-2026-11800 concerns Keycloak services and describes a JWT algorithm confusion vulnerability in the JWT Authorization Grant flow. The issue allows an attacker with valid client credentials to bypass signature verification by forging an assertion, enabling creation of unauthorized access tokens...

8.1CVSS5.8AI score0.00181EPSS
Exploits0References5Affected Software1
Snyk
Snyk
added 2026/06/25 6:43 p.m.3 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the PKCS7 signature verification process for Azure instance identity. An attacker can obtain agent tokens without authentication by bypassing signature validation. Remediation There is...

9.3CVSS5.8AI score0.0026EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 6:43 p.m.3 views

GO-2026-5196 Coder: PKCS#7 signature bypass in Azure instance identity allows unauthenticated agent token theft in github.com/coder/coder

Coder: PKCS7 signature bypass in Azure instance identity allows unauthenticated agent token theft in github.com/coder/coder...

9.1CVSS5.8AI score0.0026EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52592

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A JWT algorithm confusion flaw exists in the JWT Authorization Grant flow. An attacker possessing valid client credentials can bypass signature verification by forging an assertion. This...

8.1CVSS5.8AI score0.00181EPSS
Exploits0References14
Cvelist
Cvelist
added 2026/06/24 8:58 p.m.19 views

CVE-2026-46423 Rocket.Chat: SAML signature validation skipped when IdP certificate field is empty

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's SAML service provider implementation silently skips both SAML Response and Assertion signature validation when the configured Id...

9.3CVSS0.00149EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 7:48 p.m.19 views

CVE-2026-50128 Mastodon: Spoofing of attribution domains

Mastodon is a free, open-source social network server based on ActivityPub. From 4.3.0 until 4.5.11 and 4.4.18, Mastodon has a feature to let websites credit authors of their articles. To prevent false attribution claims, Mastodon uses the attributionDomains JSON-LD term, however, an error in how...

5.3CVSS0.00129EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 6:35 p.m.10 views

EUVD-2026-37552

The JetEngine plugin for WordPress is vulnerable to SQL injection in all versions up to and including 3.8.10.1. The listingloadmore AJAX handler accepts a filteredquery parameter that is intentionally excluded from the HMAC query signature check to support front-end filter integration. However,...

7.5CVSS5.7AI score0.00322EPSS
Exploits0References7
NVD
NVD
added 2026/06/12 10:16 a.m.12 views

CVE-2026-50634

A vulnerability in Apache CXF's JwsJsonContainerRequestFilter can be exploited to cause CXF to process metadata that was not authenticated by the accepted signature. This can bypass the application's assumption that accepted Content-Type or protected HTTP-header metadata came from a verified...

6.5CVSS0.00278EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 9:5 a.m.11 views

EUVD-2026-36402

A vulnerability in Apache CXF's JwsJsonContainerRequestFilter can be exploited to cause CXF to process metadata that was not authenticated by the accepted signature. This can bypass the application's assumption that accepted Content-Type or protected HTTP-header metadata came from a verified...

6.5CVSS5.2AI score0.00278EPSS
Exploits0References1
Rows per page
Query Builder