110835 matches found
CVE-2026-6667

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-13 21:59:40+00:00 | seen | https://bsky.app/profile/intel.overresearched.net/post/3mlrcgdu3ss2c... |

EUVD-2026-30144
Using the `$__timeGroup` macro, one can achieve an OOM by overloading the server. This requires a SQL datasource. If the server is set up to auto-restart, the impact is minimal or non-existent, as the attack can take upwards of half an hour to crash the server...
CVE-2026-44219
ciguard is a static security auditor for CI/CD pipelines. From 0.6.0 to 0.8.1, both SCA HTTP clients (src/ciguard/analyzer/sca/osv.py and src/ciguard/analyzer/sca/endoflife.py) call `payload = json.loads(resp.read().decode('utf-8'))` without a maximum-bytes cap. A hostile or compromised endoflife.date /...
CVE-2026-34648

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-13 20:22:12+00:00 | seen | https://bsky.app/profile/adobedigest.bsky.social/post/3mlr4y3gfhm25... |

CVE-2026-34647

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-13 20:22:12+00:00 | seen | https://bsky.app/profile/adobedigest.bsky.social/post/3mlr4y2lind2e... |

CVE-2026-34645

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-13 20:22:11+00:00 | seen | https://bsky.app/profile/adobedigest.bsky.social/post/3mlr4xzfu5a25... |

CVE-2026-33378 Grafana Data Source Plugin: DoS (OOM) via Negative Interval Injection in $__timeGroup Macro
Using the `$__timeGroup` macro, one can achieve an OOM by overloading the server. This requires a SQL datasource. If the server is set up to auto-restart, the impact is minimal or non-existent, as the attack can take upwards of half an hour to crash the server...
CVE-2026-33378
Using the `$__timeGroup` macro, one can achieve an OOM by overloading the server. This requires a SQL datasource. If the server is set up to auto-restart, the impact is minimal or non-existent, as the attack can take upwards of half an hour to crash the server...
CVE-2026-0239

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-13 19:16:27+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mlqzbxzh6c2t... |

CVE-2026-44248

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-13 19:14:38+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mlqz6y6isw2h... |

CVE-2026-0257

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-13 19:03:33+00:00 | seen | https://bsky.app/profile/ripjyr.bsky.social/post/3mlqyl5x3ps2t |
| 2026-05-13 20:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/palo-alto-products-multiple-vulnerabilities20260514 |
| 2026-05-13 21:00:00+00:00 | seen... | |

CVE-2026-0250

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-13 19:03:32+00:00 | seen | https://bsky.app/profile/ripjyr.bsky.social/post/3mlqyl4hz4x23 |
| 2026-05-13 20:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/palo-alto-products-multiple-vulnerabilities20260514 |
| 2026-05-13 21:00:00+00:00 | seen... | |

EUVD-2026-29974
When NGINX Plus or NGINX Open Source are configured to use the HTTP/3 QUIC module, an attacker may be able to spoof their source IP address, allowing for bypass of authorization or bypass of rate limiting. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2026-40618

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-13 18:05:21+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mlqvddnhbm2k |
| 2026-05-14 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/f5-products-multiple-vulnerabilities20260515... |

CVE-2026-45737

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-13 17:57:01+00:00 | published-proof-of-concept | https://github.com/argoproj/argo-cd/security/advisories/GHSA-rg3g-4rw9-gqrp... |

CVE-2026-42945

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-13 17:56:00+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mlqurxic4y2o |
| 2026-05-13 19:14:52+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/116568862985647331 |
| 2026-05-13 21:00:00+00:00 | seen | ... |

CVE-2026-42406

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-13 17:54:24+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mlqunhxjd72e |
| 2026-05-14 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/f5-products-multiple-vulnerabilities20260515... |

MAL-2026-3663 Malicious code in chia-network (npm)
Source: ossf-package-analysis (c7439a1ad4a50c3852597bd31aaf7a3f15c53c2cb9f124b9b350e55517b5f592)
The OpenSSF Package Analysis project identified 'chia-network' @ 1.0.0 (npm) as malicious. It is considered malicious because:
- The package...
CVE-2026-42926
When NGINX Open Source is configured to proxy HTTP/2 traffic by setting `proxy_http_version` to 2, and also uses `proxy_set_body`, an attacker may be able to inject frame headers and payload bytes to the upstream peer. Note: Software versions which have reached End of Technical Support (EoTS) are not...