Lucene search
K

1773 matches found

Debian CVE
Debian CVE
added 2026/05/08 2:21 p.m.6 views

CVE-2026-43385

In the Linux kernel, the following vulnerability has been resolved: net: Fix rcutasks stall in threaded busypoll I was debugging a NIC driver when I noticed that when I enable threaded busypoll, bpftrace hangs when starting up. dmesg showed: rcutaskswaitgp: rcutasks grace period number 85 since...

7.5CVSS5.7AI score0.00344EPSS
Exploits0
OSV
OSV
added 2026/05/08 2:16 p.m.9 views

UBUNTU-CVE-2026-43314

In the Linux kernel, the following vulnerability has been resolved: dm: remove fake timeout to avoid leak request Since commit 15f73f5b3e59 "blk-mq: move failure injection out of blkmqcompleterequest", drivers are responsible for calling blkshouldfaketimeout at appropriate code paths and...

5.5CVSS5.7AI score0.00138EPSS
Exploits0References17
CVE
CVE
added 2026/05/08 1:11 p.m.15 views

CVE-2026-43314

CVE-2026-43314 affects the Linux kernel device mapper (dm) driver. The issue arises when an I/O timeout failure is injected into a dm device; because dm does not implement its own timeout handler, the request can leak and hang indefinitely. The root cause is the presence of blk_should_fake_timeou...

5.5CVSS5.8AI score0.00138EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43314

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm: remove fake timeout to avoid leak request Since commit 15f73f5b3e59 blk-mq: move failure injection out of blkmqcompleterequest, drivers are responsible for...

5.5CVSS6.2AI score0.00138EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from deadlock issues during runtime in accel amdxdna, leading to pending tasks being stuck and...

5.5CVSS5.8AI score0.0009EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between task migration and iteration within cgroups, potentially leading to...

4.7CVSS5.8AI score0.00089EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.10 views

PT-2026-39079

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists during concurrent fork operations where a newly forked task is accounted as an MMCID user before it becomes visible in the process thread list and the global task...

5.8AI score0.00107EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-43385

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: Fix rcutasks stall in threaded busypoll I was debugging a NIC driver when I noticed tha...

7.5CVSS6.4AI score0.00344EPSS
Exploits0References2
NVD
NVD
added 2026/05/07 10:16 p.m.13 views

CVE-2026-41928

Vvveb before 1.0.8.2 contains an information disclosure vulnerability in the cron controller that allows unauthenticated attackers to retrieve the application's secret cron key. Attackers can access the cron controller without authentication and retrieve the exposed secret key from the response,...

6.9CVSS0.00418EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/07 9:13 p.m.9 views

CVE-2026-41928

Vvveb before 1.0.8.2 contains an information disclosure vulnerability in the cron controller that allows unauthenticated attackers to retrieve the application's secret cron key. Attackers can access the cron controller without authentication and retrieve the exposed secret key from the response,...

6.9CVSS5.9AI score0.00418EPSS
Exploits0References3
NVD
NVD
added 2026/05/07 3:16 p.m.48 views

CVE-2026-44263

Weblate is a web based localization tool. Prior to version 5.17.1, the screenshots, tasks, and component link API allowed for the enumeration of translations in a project inaccessible to the user. This issue has been patched in version 5.17.1...

4.3CVSS0.00288EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/07 12:3 a.m.11 views

Information Exposure

Overview weblate is an A web-based continuous localization system with tight version control integration Affected versions of this package are vulnerable to Information Exposure in the Screenshot API, tasks API, and component link API. An attacker can access private translation data by enumeratin...

5.3CVSS5.8AI score0.00288EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.23 views

PT-2026-38400

Name of the Vulnerable Software and Affected Versions Weblate versions prior to 5.17.1 Description The screenshots, tasks, and component link API endpoints allow for the enumeration of translations within a project that the user should not be able to access. Recommendations Update to version 5.17...

4.3CVSS5.8AI score0.00288EPSS
Exploits0References13
Snyk
Snyk
added 2026/05/06 9:59 p.m.9 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the GET /api/v1/stable/dags/tasks endpoint via improper tenant checks in the listTasksByDAGIds function. An attacker can access sensitive task metadata belonging to other tenants by...

6.5CVSS5.8AI score0.00181EPSS
Exploits0References2
OSV
OSV
added 2026/05/06 9:59 p.m.23 views

GHSA-55GC-6FMC-FPX9 Hatchet affected by cross-tenant information disclosure in `listTasksByDAGIds`

Summary A missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any tenant on the same Hatchet instance could query the endpoint with another tenant's UUID and a DAG UUID belongi...

5.3CVSS5.9AI score0.00181EPSS
Exploits0References3
Malwarebytes
Malwarebytes
added 2026/05/06 12:50 p.m.8 views

Attackers adopt JavaScript runtime Bun to spread NWHStealer

In our previous research, we analyzed a Windows infostealer we track as NWHStealer. The attackers behind this stealer are continuously finding new methods to distribute the stealer. During our hunting activities, we noticed how attackers are using a JavaScript runtime called Bun to help distribut...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/05 6:33 p.m.13 views

arches (=8.0.0a1), avaintegration-metapackage (>=6.0.4.3 <=6.0.4.13) +38 more potentially affected by CVE-2026-35192 via django (>=6.0.0 <=6.0.4)

django PYPI version =6.0.0, =6.0.4.3, =2.0.0, =1.1.0, =0.1.0, =0.4.5 - django-ndr-core =0.70.2 - django-sb-simple-migrations =0.9.0 - django-tasks-aws =0.2.0b1 and more Source cves: CVE-2026-35192 Source advisory: OSV:GHSA-7H2M-M8VJ-598H...

6.5CVSS5.4AI score0.00544EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/05 5:30 p.m.9 views

arches (=8.0.0a1), avaintegration-metapackage (>=6.0.4.3 <=6.0.4.13) +38 more potentially affected by CVE-2026-5766 via django (>=6.0.0 <=6.0.4)

django PYPI version =6.0.0, =6.0.4.3, =2.0.0, =1.1.0, =0.1.0, =0.4.5 - django-ndr-core =0.70.2 - django-sb-simple-migrations =0.9.0 - django-tasks-aws =0.2.0b1 and more Source cves: CVE-2026-5766 Source advisory: SNYK:PYTHON-DJANGO-16425762...

6.3CVSS5.4AI score0.00423EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/05 5:30 p.m.13 views

arches (=8.0.0a1), avaintegration-metapackage (>=6.0.4.3 <=6.0.4.13) +38 more potentially affected by CVE-2026-6907 via django (>=6.0.0 <=6.0.4)

django PYPI version =6.0.0, =6.0.4.3, =2.0.0, =1.1.0, =0.1.0, =0.4.5 - django-ndr-core =0.70.2 - django-sb-simple-migrations =0.9.0 - django-tasks-aws =0.2.0b1 and more Source cves: CVE-2026-6907 Source advisory: SNYK:PYTHON-DJANGO-16425745...

5.3CVSS5.4AI score0.00358EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/05 10:20 a.m.10 views

kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration

A flaw was found in the Linux kernel. A local attacker could exploit a deadlock vulnerability due to incorrect lock ordering between foliolock and immaprwsem when migrating hugetlb file-backed folios. This could lead to hung tasks and potential system-wide stalls, resulting in a Denial of Service...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References5
Rows per page
Query Builder