110801 matches found
CVE-2026-6332 Clear Text Storage of Sensitive Information on EcoStruxure™ Machine Expert HVAC
CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that could cause the disclosure of a sensitive information which could result in revealing protected source code and loss of confidentiality, When an authorized attacker accesses the source code for editing or compiling it...
EUVD-2026-30346
CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that could cause the disclosure of a sensitive information which could result in revealing protected source code and loss of confidentiality, When an authorized attacker accesses the source code for editing or compiling it...
CVE-2026-6332
CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that could cause the disclosure of a sensitive information which could result in revealing protected source code and loss of confidentiality, When an authorized attacker accesses the source code for editing or compiling it...
CVE-2026-6332 Clear Text Storage of Sensitive Information on EcoStruxure™ Machine Expert HVAC
CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that could cause the disclosure of a sensitive information which could result in revealing protected source code and loss of confidentiality, When an authorized attacker accesses the source code for editing or compiling it...
CVE-2026-6332
CVE-2026-6332 describes a plaintext storage of sensitive information vulnerability in Schneider Electric’s EcoStruxure Machine Expert HVAC platform. The issue centers on how sensitive data (potentially including protected source code) is stored, which could lead to confidentiality loss if an auth...
@ardeora/start-devtools (>=1.0.0 <=1.0.1), @carvajalconsultants/headstart (>=1.0.0 <=1.0.2) +29 more potentially affected by unknown CVE via @tanstack/start-server-core (>=1.121.0-alpha.28 <=1.167.3)
@tanstack/start-server-core NPM version =1.121.0-alpha.28, =1.0.0, =1.0.0, =0.0.14, =0.3.0, =0.3.0, =1.20.3-alpha.1, =1.111.10, =1.121.23, =0.0.1, =1.121.0-alpha.28, =1.20.3-alpha.1, =1.114.29, =1.121.23, =1.121.0-alpha.28, =1.97.4, =1.120.20 and more Source cves: unknown CVE Source advisory:...
CVE-2026-20224
creationtimestamp| type| source ---|---|--- 2026-05-14 16:24:10+00:00| seen| https://infosec.exchange/users/AAKL/statuses/116573854073506943 2026-05-15 16:02:46+00:00| seen| https://t.me/GithubRedTeam/84354 2026-05-15 21:00:05+00:00| published-proof-of-concept|...
CVE-2026-20210
creationtimestamp| type| source ---|---|--- 2026-05-14 16:24:10+00:00| seen| https://infosec.exchange/users/AAKL/statuses/116573854073506943 2026-06-29 18:16:41+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mph3uvzisf2e...
n8n Has a Source Control Pull SQL Injection
Impact An attacker with write access to the git repository connected to an n8n Source Control configuration could commit a malicious Data Table JSON file containing a crafted column name. When an administrator performed a Source Control Pull, n8n imported the file and could lead to SQL injection ...
NPM: n8n Has a Source Control Pull SQL Injection
NPM: n8n Has a Source Control Pull SQL Injection vulnerability discovered by ? in WordPress Npm n8n versions 1.123.43...
GHSA-MHRX-QHRJ-673W n8n Has a Source Control Pull SQL Injection
Impact An attacker with write access to the git repository connected to an n8n Source Control configuration could commit a malicious Data Table JSON file containing a crafted column name. When an administrator performed a Source Control Pull, n8n imported the file and could lead to SQL injection ...
CVE-2026-42159
Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, Flowsint allows a user to create investigations, which are used to manage sketches and analyses. Sketches have controllable graphs, which are comprised...
Malicious code in mrgn-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16fe2927853a543269a7eb66273bfea477dd040bc2e90f40d9b3642e9d138f5d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2026-30308
Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, Flowsint allows a user to create investigations, which are used to manage sketches and analyses. Sketches have controllable graphs, which are comprised...
dovecot: denial of service via specially crafted NOOP command
A flaw was found in dovecot. An unauthenticated and remote attacker can send a specially crafted "NOOP" command containing numerous open and close parentheses without a command-ending line feed, causing the server to allocate an excessive amount of memory, resulting in a denial of service...
CVE-2026-8181
creationtimestamp| type| source ---|---|--- 2026-05-14 15:00:07+00:00| seen| Telegram/8KrClztxOpt43Dn04vWbNfDSJz2auxqrQryTcHMCRfwseY 2026-05-14 15:00:16+00:00| seen| Telegram/dErCEnN1e7TY-t0OSb3ozOiPhjFHpmm6ygmc27OPsCgAOz4 2026-05-14 15:00:40+00:00| seen|...
CVE-2026-6504
creationtimestamp| type| source ---|---|--- 2026-05-14 13:48:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlsxgcb7c62p...
CVE-2026-45205
creationtimestamp| type| source ---|---|--- 2026-05-14 13:37:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlswsrti7k2q 2026-05-15 11:39:40+00:00| seen| https://bsky.app/profile/cybersecinsight.bsky.social/post/3mlvapkf3un2a...
CVE-2026-6206
creationtimestamp| type| source ---|---|--- 2026-05-14 13:36:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlswqxyrkg2q...
CVE-2026-6174
creationtimestamp| type| source ---|---|--- 2026-05-14 11:32:05+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mlspt3koty2u...