Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.8 views

CVE-2026-46538

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's constellation client tracks pending task responses by sessionid only and does not verify that a TASKEND message came from the device that originally received the task...

5.9CVSS5.5AI score0.00225EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.14 views

PT-2026-45493

Name of the Vulnerable Software and Affected Versions Nezha Monitoring versions 0.20.0 through 2.0.11 Description Authenticated agents can forge service-monitor results for services belonging to other users. The system accepts TaskResult messages from an authenticated agent based solely on whethe...

7.1CVSS5.4AI score0.00266EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/27 9:56 p.m.40 views

CVE-2026-46538 Microsoft UFO accepts cross-device TASK_END messages by session_id only, allowing peer task-result injection

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's constellation client tracks pending task responses by sessionid only and does not verify that a TASKEND message came from the device that originally received the task...

5.9CVSS0.00225EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 9:56 p.m.10 views

EUVD-2026-32677

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's constellation client tracks pending task responses by sessionid only and does not verify that a TASKEND message came from the device that originally received the task...

5.9CVSS5.8AI score0.00225EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:56 p.m.11 views

CVE-2026-46538

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's constellation client tracks pending task responses by sessionid only and does not verify that a TASKEND message came from the device that originally received the task...

5.9CVSS5.8AI score0.00225EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.10 views

PT-2026-44121

Name of the Vulnerable Software and Affected Versions Microsoft UFO version 3.0.1-4-ge2626659 Description The constellation client in this open-source framework for intelligent automation tracks pending task responses using only the session id and fails to verify if a TASK END message originated...

5.9CVSS5.8AI score0.00225EPSS
Exploits0References3
Veracode
Veracode
added 2017/06/16 2:25 a.m.17 views

Information Disclosure

ansible is vulnerable to information disclosure. It is possible because .result attribute of an ansible.executor.taskresult.TaskResult is being sent to the callback plugins without obscuring stdout information when using a nolog directive...

6.2AI score
Exploits0References2Affected Software1
Rows per page
Query Builder