Lucene search
K

110838 matches found

Circl
Circl
added 2026/05/13 5:54 p.m.11 views

CVE-2026-42406

creationtimestamp| type| source ---|---|--- 2026-05-13 17:54:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlqunhxjd72e 2026-05-14 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/f5-products-multiple-vulnerabilities20260515...

8.7CVSS5.3AI score0.0015EPSS
Exploits0References2
OSV
OSV
added 2026/05/13 4:39 p.m.6 views

MAL-2026-3663 Malicious code in chia-network (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c7439a1ad4a50c3852597bd31aaf7a3f15c53c2cb9f124b9b350e55517b5f592 The OpenSSF Package Analysis project identified 'chia-network' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

5.8AI score
Exploits0
NVD
NVD
added 2026/05/13 4:16 p.m.17 views

CVE-2026-42926

When NGINX Open Source is configured to proxy HTTP/2 traffic by setting proxyhttpversion to 2, and also uses proxysetbody, an attacker may be able to inject frame headers and payload bytes to the upstream peer. Note: Software versions which have reached End of Technical Support EoTS are not...

6.3CVSS0.00339EPSS
Exploits1References1
NVD
NVD
added 2026/05/13 4:16 p.m.13 views

CVE-2026-42934

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpcharsetmodule module. When charset, sourcecharset, and charsetmap and proxypass with disabled buffering "off" directives are configured, unauthenticated attackers can send requests that with conditions beyond the attackers' contr...

6.3CVSS0.00717EPSS
Exploits0References1
OSV
OSV
added 2026/05/13 4:16 p.m.5 views

ALPINE-CVE-2026-42926

When NGINX Open Source is configured to proxy HTTP/2 traffic by setting proxyhttpversion to 2, and also uses proxysetbody, an attacker may be able to inject frame headers and payload bytes to the upstream peer. Note: Software versions which have reached End of Technical Support EoTS are not...

6.3CVSS5.5AI score0.00339EPSS
Exploits1References1
OSV
OSV
added 2026/05/13 4:16 p.m.7 views

ALPINE-CVE-2026-40460

When NGINX Plus or NGINX Open Source are configured to use the HTTP/3 QUIC module, an attacker may be able to spoof their source IP address allowing for bypass of authorization or bypass of rate limiting. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.9CVSS5.8AI score0.00367EPSS
Exploits0References1
Circl
Circl
added 2026/05/13 4:16 p.m.8 views

CVE-2026-8463

creationtimestamp| type| source ---|---|--- 2026-05-13 16:16:19+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mlqpad2kf52e...

5.3CVSS4.9AI score0.00327EPSS
Exploits0References1
Circl
Circl
added 2026/05/13 4:12 p.m.9 views

CVE-2026-8369

creationtimestamp| type| source ---|---|--- 2026-05-13 16:12:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlqozhmhzy2k...

6CVSS5AI score0.00162EPSS
Exploits0References1
Circl
Circl
added 2026/05/13 4:10 p.m.8 views

GHSA-429Q-FHH4-R6HJ

creationtimestamp| type| source ---|---|--- 2026-05-13 16:10:29+00:00| seen| https://gist.github.com/alon710/81762c48278b036a7f34dc62e8a4137d...

5AI score
Exploits0References1
Circl
Circl
added 2026/05/13 3:56 p.m.11 views

CVE-2026-3425

creationtimestamp| type| source ---|---|--- 2026-05-13 15:56:43+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlqo5e3wo72g 2026-05-18 18:00:47+00:00| seen| https://bsky.app/profile/donwebmedia.bsky.social/post/3mm5hfskeat2c...

8.8CVSS5AI score0.00625EPSS
Exploits0References2
Circl
Circl
added 2026/05/13 3:40 p.m.10 views

CVE-2026-6177

creationtimestamp| type| source ---|---|--- 2026-05-13 15:40:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlqnb4s65q2q 2026-05-15 03:50:46+00:00| seen| https://bsky.app/profile/donwebmedia.bsky.social/post/3mlugiqwy3k2a 2026-05-16 18:32:05+00:00| seen|...

7.2CVSS4.9AI score0.00493EPSS
Exploits0References3
Circl
Circl
added 2026/05/13 3:40 p.m.6 views

GHSA-J274-39QW-32C9

creationtimestamp| type| source ---|---|--- 2026-05-13 15:40:29+00:00| seen| https://gist.github.com/alon710/ef3efe37eacc8d375596cddc56ee3bfb...

5AI score
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/13 3:22 p.m.73 views

neo-pocs

neo-pocs Containerized proof-of-concept packages for reviewed...

5.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/13 2:12 p.m.8 views

CVE-2026-42926

When NGINX Open Source is configured to proxy HTTP/2 traffic by setting proxyhttpversion to 2, and also uses proxysetbody, an attacker may be able to inject frame headers and payload bytes to the upstream peer. Note: Software versions which have reached End of Technical Support EoTS are not...

6.3CVSS5.8AI score0.00339EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2026/05/13 2:12 p.m.9 views

CVE-2026-40460

When NGINX Plus or NGINX Open Source are configured to use the HTTP/3 QUIC module, an attacker may be able to spoof their source IP address allowing for bypass of authorization or bypass of rate limiting. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.9CVSS5.8AI score0.00367EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/13 2:12 p.m.9 views

CVE-2026-42926

When NGINX Open Source is configured to proxy HTTP/2 traffic by setting proxyhttpversion to 2, and also uses proxysetbody, an attacker may be able to inject frame headers and payload bytes to the upstream peer. Note: Software versions which have reached End of Technical Support EoTS are not...

6.3CVSS5.8AI score0.00339EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2026/05/13 2:12 p.m.12 views

CVE-2026-40460

When NGINX Plus or NGINX Open Source are configured to use the HTTP/3 QUIC module, an attacker may be able to spoof their source IP address allowing for bypass of authorization or bypass of rate limiting. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.9CVSS5.8AI score0.00367EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/05/13 2:12 p.m.11 views

CVE-2026-42926

When NGINX Open Source is configured to proxy HTTP/2 traffic by setting proxyhttpversion to 2, and also uses proxysetbody, an attacker may be able to inject frame headers and payload bytes to the upstream peer. Note: Software versions which have reached End of Technical Support EoTS are not...

6.3CVSS5.8AI score0.00339EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2026/05/13 2:12 p.m.12 views

CVE-2026-40701

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpsslmodule module when the sslverifyclient directive is set to "on" or "optional," and the sslocsp directive is set to "on" or the leaf parameters are configured with a resolver. With this configuration, an unauthenticated attacke...

6.3CVSS6AI score0.00677EPSS
Exploits0
Circl
Circl
added 2026/05/13 2:0 p.m.16 views

CVE-2026-45616

creationtimestamp| type| source ---|---|--- 2026-05-13 14:00:05+00:00| seen| https://t.me/GithubRedTeam/84084 2026-05-13 21:00:04+00:00| published-proof-of-concept| Telegram/O41s4ZacceniC-zmRdA20LKtlUfLN8dJaI2Rmc1hsAXigiA...

5.1CVSS5.8AI score0.00234EPSS
Exploits0References1
Rows per page
Query Builder