Lucene search
K

2801 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.8 views

CVE-2026-6638

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

8.8CVSS6AI score0.0018EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.11 views

CVE-2026-37221

FlexRIC v2.0.0 crashes when receiving a RICSUBSCRIPTIONRESPONSE with an unknown ricid that has no corresponding pending event. The near-RT RIC uses assert to enforce the existence of a pending event during response processing. A remote unauthenticated attacker can send a forged...

7.5CVSS5.5AI score0.00347EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.14 views

CVE-2026-37225

FlexRIC v2.0.0 crashes when the iApp receives an E42RICSUBSCRIPTIONREQUEST with an empty ricEventTriggerDefinition field. The E42 layer decoder accepts this as valid, but the E2AP encoder asserts a non-empty constraint when forwarding the request. A remote unauthenticated attacker can crash the...

7.5CVSS5.5AI score0.00415EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:40 p.m.9 views

CVE-2026-43883

WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/PayPalYPT/agreementCancel.json.php cancels a PayPal billing agreement using an attacker-supplied agreement parameter without verifying that the authenticated user owns the agreement. A low-privilege...

4.2CVSS5.4AI score0.00167EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:37 p.m.13 views

CVE-2026-3646

The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is vulnerable to Missing Authorization via the plugin's webhook handler in all versions up to, and including, 3.3.13. This is due to missing authentication, authorization, and nonce verification on a standalone PHP file that...

5.3CVSS5.5AI score0.00385EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.8 views

CVE-2026-49120

Medplum before 5.1.14 contains a server-side request forgery vulnerability in the subscription worker that allows authenticated users to perform unauthorized internal network requests by creating FHIR Subscription resources with arbitrary endpoint URLs. Attackers can point subscription endpoints ...

8.5CVSS5.6AI score0.00229EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.13 views

CVE-2026-24554

Cross-Site Request Forgery CSRF vulnerability in Convers Lab WPSubscription allows Cross Site Request Forgery. This issue affects WPSubscription: from n/a through 1.9.1...

4.3CVSS5.4AI score0.00122EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.20 views

CVE-2026-44318

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's BSF PUT /nbsf-management/v1/subscriptions/subId handler has an unsynchronized write on the global Subscriptions map. The handler first reads the map under RLock via BSFContext.GetSubscriptionsubId, but if t...

6.5CVSS5.6AI score0.00268EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.14 views

CVE-2026-3461

The Visa Acceptance Solutions plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.1.0. This is due to the expresspayproductpagepayfororder function logging users in based solely on a user-supplied billing email address during guest checkout for...

9.8CVSS5.4AI score0.00475EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.10 views

CVE-2026-44326

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the 3gpp-traffic-influence API without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can create, read, patch, and delete traffic-influence subscriptio...

9.4CVSS5.5AI score0.00311EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.14 views

CVE-2026-44330

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-pfdmanagement route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can use a forged or arbitrary bearer token e.g. Authorization...

10CVSS5.6AI score0.00287EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.4 views

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server lies in their deserialization mechanism flaws, which allows attackers to execute arbitrary code.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

9CVSS6.4AI score0.03219EPSS
Exploits4References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/02 6:5 p.m.7 views

CVE-2026-49120 Medplum < 5.1.14 SSRF via FHIR Subscription Endpoint

Medplum before 5.1.14 contains a server-side request forgery vulnerability in the subscription worker that allows authenticated users to perform unauthorized internal network requests by creating FHIR Subscription resources with arbitrary endpoint URLs. Attackers can point subscription endpoints ...

8.5CVSS6AI score0.00229EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/02 6:5 p.m.11 views

EUVD-2026-33998

Medplum before 5.1.14 contains a server-side request forgery vulnerability in the subscription worker that allows authenticated users to perform unauthorized internal network requests by creating FHIR Subscription resources with arbitrary endpoint URLs. Attackers can point subscription endpoints ...

8.5CVSS6AI score0.00229EPSS
Exploits0References4
CVE
CVE
added 2026/06/02 6:5 p.m.20 views

CVE-2026-49120

Medplum's SSRF flaw (CVE-2026-49120) affects Medplum before 5.1.14 in the subscription worker. An authenticated user can create FHIR Subscription resources with arbitrary endpoint URLs, enabling server-side requests to internal addresses (e.g., metadata services, internal databases, container orc...

8.5CVSS6AI score0.00229EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/02 6:5 p.m.30 views

CVE-2026-49120 Medplum < 5.1.14 SSRF via FHIR Subscription Endpoint

Medplum before 5.1.14 contains a server-side request forgery vulnerability in the subscription worker that allows authenticated users to perform unauthorized internal network requests by creating FHIR Subscription resources with arbitrary endpoint URLs. Attackers can point subscription endpoints ...

8.5CVSS0.00229EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.16 views

CVE-2026-37234

FlexRIC v2.0.0 allows a single SCTP connection to bind multiple xappids by sending multiple E42SETUPREQUESTs. On disconnect, only the first registered xappid's resources are cleaned up; subsequent xappids and their subscriptions remain as stale entries. A remote attacker can exploit this to leak...

8.2CVSS5.8AI score0.00345EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.16 views

CVE-2026-37226

FlexRIC v2.0.0 crashes when the iApp receives an E42RICSUBSCRIPTIONREQUEST referencing a non-existent E2 Node. The lookup function returns NULL, which is enforced by assert in Debug builds SIGABRT and dereferenced in Release builds SIGSEGV. A remote unauthenticated attacker can crash the iApp...

7.5CVSS6AI score0.00642EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.12 views

CVE-2026-37233

FlexRIC v2.0.0 contains an authorization bypass in the iApp's xApp isolation mechanism. The equality function eqxappricgenid in src/ric/iApp/xappricid.c compares m0-xappid against itself m0-xappid instead of the other argument m1-xappid, effectively ignoring the xApp identity dimension. A malicio...

7.5CVSS5.8AI score0.00454EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.11 views

PT-2026-45843

Name of the Vulnerable Software and Affected Versions Medplum versions prior to 5.1.14 Description An issue in the subscription worker allows authenticated users to perform unauthorized internal network requests. By creating FHIR Subscription resources with arbitrary endpoint URLs, attackers can...

8.5CVSS6AI score0.00229EPSS
Exploits0References7
Rows per page
Query Builder