Lucene search
K

104 matches found

CVE
CVE
added 2 days ago7 views

CVE-2026-49866

CVE-2026-49866 affects the JavaScript libp2p implementation, specifically the @libp2p/gossipsub component. The root cause is defaultDecodeRpcLimits allowing maxIhaveMessageIDs and maxIwantMessageIDs to be Infinity prior to v16.0.0, enabling oversized IHAVE/IWANT control message arrays in message/...

7.5CVSS6AI score0.00446EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/01 3:43 a.m.8 views

EUVD-2026-40888

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blockid' and other shortcode attributes of the 'givewpcampaigncomments' shortcode in versions up to, and including, 4.16.0. This is due to insufficient input sanitizati...

6.4CVSS5.9AI score0.00241EPSS
Exploits0References12
NVD
NVD
added 2026/06/19 6:17 a.m.10 views

CVE-2026-54414

FileRise before 3.16.0 is vulnerable to path traversal in the shared-folder upload endpoint /api/folder/uploadToSharedFolder.php, leading to arbitrary file write and administrator account takeover. The upload filename is validated by FolderController with basename and REGEXFILENAME, which permit...

9.8CVSS0.0072EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/02 6:35 p.m.10 views

EUVD-2026-34008

wire-ios is an iOS client for the Wire secure messaging application. Prior to version 4.16.0, upon receiving a crafted malicious Proteus external message with an encrypted payload that is shorter than 16 bytes, the Wire iOS client crashes. The crash is triggered automatically after message receiv...

6.5CVSS5.7AI score0.00235EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.15 views

PT-2026-45830

wire-ios is an iOS client for the Wire secure messaging application. Prior to version 4.16.0, upon receiving a crafted malicious Proteus external message with an encrypted payload that is shorter than 16 bytes, the Wire iOS client crashes. The crash is triggered automatically after message receiv...

6.5CVSS5.7AI score0.00235EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/01 12:0 a.m.8 views

Security update for openjpeg2 (important)

openSUSE security update: security update for openjpeg2 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20842-1 Rating: important References: bsc1247650 Cross-References: CVE-2025-54874 CVSS scores: CVE-2025-54874 SUSE : 7...

7.3CVSS6AI score0.00636EPSS
Exploits1References1
CVE
CVE
added 2026/05/09 7:16 p.m.24 views

CVE-2026-42333

CVE-2026-42333 affects Quarkus OpenAPI Generator. The issue: the generated authentication filter can match OpenAPI path templates too broadly, causing a security scheme for one operation to be applied to a different, similarly-named operation. This can cause bearer tokens, API keys, or basic cred...

6.3CVSS5.7AI score0.004EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/30 12:0 a.m.7 views

Security update for libsodium (moderate)

openSUSE security update: security update for libsodium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20642-1 Rating: moderate References: bsc1255764 bsc1256070 Cross-References: CVE-2025-15444 CVE-2025-69277 CVSS scores: CVE-2025-15444 SUSE : 6.8...

6.8CVSS5.5AI score0.00228EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/30 12:0 a.m.5 views

Security update for openexr (important)

openSUSE security update: security update for openexr ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20652-1 Rating: important References: bsc1262425 bsc1262426 Cross-References: CVE-2026-40244 CVE-2026-40250 CVSS scores: CVE-2026-40244 SUSE : 7.8...

8.4CVSS5.4AI score0.0045EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/21 12:0 a.m.6 views

Security update for xwayland (important)

openSUSE security update: security update for xwayland ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20560-1 Rating: important References: bsc1260922 bsc1260923 bsc1260924 bsc1260925 bsc1260926 Cross-References: CVE-2026-33999 CVE-2026-34000...

7.3CVSS5.8AI score0.00489EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/21 12:0 a.m.5 views

Security update for glibc (important)

openSUSE security update: security update for glibc ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20501-1 Rating: important References: bsc1258319 bsc1260078 bsc1260082 Cross-References: CVE-2026-4437 CVE-2026-4438 CVSS scores: CVE-2026-4437 SUSE ...

5.7CVSS5.7AI score0.00292EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.5 views

PT-2026-32601

Header injection vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to inject malicious headers. This issue affects Apache APISIX: from 2.12.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue...

9.1CVSS5.8AI score0.00521EPSS
Exploits1References5
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/09 12:0 a.m.3 views

Security update for cockpit-repos (important)

openSUSE security update: security update for cockpit-repos ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20464-1 Rating: important References: bsc1258637 Cross-References: CVE-2026-26996 CVSS scores: CVE-2026-26996 SUSE : 7.5...

8.7CVSS6.5AI score0.00519EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/02 12:0 a.m.2 views

Security update for expat (important)

openSUSE security update: security update for expat ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20448-1 Rating: important References: bsc1259711 bsc1259726 bsc1259729 Cross-References: CVE-2026-32776 CVE-2026-32777 CVE-2026-32778 CVSS scores:...

8.7CVSS5.9AI score0.00216EPSS
Exploits1References3
OSV
OSV
added 2026/04/01 9:46 a.m.13 views

CLEANSTART-2026-VX40916 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-9h8m-3fm2-qjrq applied in versions: 0.16.0-r0

Multiple security vulnerabilities affect the kserve package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS7AI score0.01945EPSS
Exploits2References22
OPENSUSE Linux
OPENSUSE Linux
added 2026/03/28 12:0 a.m.3 views

Security update for tomcat11 (important)

openSUSE security update: security update for tomcat11 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20414-1 Rating: important References: bsc1253460 bsc1258371 bsc1258385 bsc1258387 Cross-References: CVE-2025-66614 CVE-2026-24733 CVE-2026-24734...

8.7CVSS6.8AI score0.00498EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2026/03/28 12:0 a.m.7 views

Security update for vim (important)

openSUSE security update: security update for vim ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20403-1 Rating: important References: bsc1246602 bsc1258229 bsc1259051 Cross-References: CVE-2025-53906 CVE-2026-26269 CVE-2026-28417 CVSS scores:...

5.4CVSS7AI score0.01162EPSS
Exploits1References3
NVD
NVD
added 2026/03/27 9:17 p.m.6 views

CVE-2026-33875

Gematik Authenticator securely authenticates users for login to digital health applications. Versions prior to 4.16.0 are vulnerable to authentication flow hijacking, potentially allowing attackers to authenticate with the identities of victim users who click on a malicious deep link. Update...

9.3CVSS0.00265EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/27 8:23 p.m.1 views

CVE-2026-33874

Gematik Authenticator securely authenticates users for login to digital health applications. Starting in version 4.12.0 and prior to version 4.16.0, the Mac OS version of the Authenticator is vulnerable to remote code execution, triggered when victims open a malicious file. Update the gematik...

7.8CVSS6.1AI score0.00282EPSS
Exploits0References2Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2026/03/25 12:0 a.m.3 views

Security update for protobuf (moderate)

openSUSE security update: security update for protobuf ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20390-1 Rating: moderate References: bsc1244663 bsc1244918 bsc1257173 Cross-References: CVE-2025-4565 CVE-2026-0994 CVSS scores: CVE-2025-4565 SUS...

8.2CVSS6.8AI score0.00613EPSS
Exploits0References3
Rows per page
Query Builder