110554 matches found
EUVD-2026-31506
RT is an open source, enterprise-grade issue and ticket tracking system. Versions 6.0.0 through 6.0.2 contain a Cross-Site Request Forgery CSRF vulnerability. An attacker who can induce a logged-in RT user to visit a malicious web page can trigger arbitrary state-changing actions in RT on that...
MAL-2026-4258 Malicious code in @engagehub/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcc397ed87426726776c339f950939ac2da46c12edd018ed4bc48031f7044094 All three lifecycle hooks preinstall, install, postinstall in package.json invoke node telemetry.js, so the payload fires unconditionally on npm...
EUVD-2026-31489
authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, the PATCH /api/v3/core/users/pk/ API allows a caller with changeuser on a target user to assign arbitrary groups through UserSerializer, including groups with issuperuser=True, without...
CVE-2026-8670
creationtimestamp| type| source ---|---|--- 2026-05-22 17:39:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhi3pvwkx2e 2026-06-02 17:07:08+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mnd3fohtxx24 2026-06-05 11:01:40+00:00| seen|...
CVE-2026-5171
creationtimestamp| type| source ---|---|--- 2026-05-22 17:28:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhhhzhovv2p...
CVE-2022-34363
creationtimestamp| type| source ---|---|--- 2026-05-22 17:23:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhh72yfho2n...
CVE-2026-9245
creationtimestamp| type| source ---|---|--- 2026-05-22 17:18:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhgw4k25i2p...
CVE-2022-31231
creationtimestamp| type| source ---|---|--- 2026-05-22 17:04:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhg4jwbkx2t...
CVE-2026-9249
creationtimestamp| type| source ---|---|--- 2026-05-22 17:00:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhfvsy6yw2r...
CVE-2026-9246
creationtimestamp| type| source ---|---|--- 2026-05-22 16:57:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhfptu6za2t...
CVE-2026-9248
creationtimestamp| type| source ---|---|--- 2026-05-22 16:54:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhfkht5tm2n...
CVE-2026-8477
creationtimestamp| type| source ---|---|--- 2026-05-22 16:48:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhfb3ysbe2p...
CVE-2026-9047
creationtimestamp| type| source ---|---|--- 2026-05-22 16:46:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhf4xkwxt2n 2026-06-06 11:02:52+00:00| seen| https://bsky.app/profile/keiwork35.bsky.social/post/3mnmivyhkac2z...
CVE-2026-9247
creationtimestamp| type| source ---|---|--- 2026-05-22 16:44:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhez4l46b2v...
CVE-2026-42502
creationtimestamp| type| source ---|---|--- 2026-05-22 16:38:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmheoytrrm2r 2026-06-01 15:38:41+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mnafjazque2y...
CVE-2026-42506
creationtimestamp| type| source ---|---|--- 2026-05-22 16:35:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhej6i35b2c...
CVE-2026-25681
creationtimestamp| type| source ---|---|--- 2026-05-22 16:34:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhegg6jw22r 2026-06-01 15:32:16+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mnafjazque2y...
CVE-2026-36227
creationtimestamp| type| source ---|---|--- 2026-05-22 15:00:15+00:00| seen| Telegram/dTfSHcoUcJaeOuFARbGp4aQ01psDVJQvBc7YPH7AO1ZEIM0...
CVE-2026-36226
creationtimestamp| type| source ---|---|--- 2026-05-22 15:00:15+00:00| seen| Telegram/dTfSHcoUcJaeOuFARbGp4aQ01psDVJQvBc7YPH7AO1ZEIM0...
EUVD-2026-31444
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string that references...