Lucene search
K

11792 matches found

Microsoft KB
Microsoft KB
added 5 hours ago33 views

May 12, 2026-KB5087053 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 10 Version 21H2 and Windows 10 Version 22H2

None None...

7.3CVSS7AI score0.00662EPSS
Exploits0
Microsoft KB
Microsoft KB
added 5 hours ago14 views

May 12, 2026-KB5087064 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 and Windows 10 Version 22H2

None None...

7.3CVSS7AI score0.00662EPSS
Exploits0
Microsoft KB
Microsoft KB
added 5 hours ago19 views

May 12, 2026—KB5087537 (OS Build 14393.9140)

None None...

9.8CVSS6.8AI score0.72253EPSS
Exploits32
Microsoft KB
Microsoft KB
added 5 hours ago101 views

May 12, 2026-KB5087065 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server 2016

None None...

7.3CVSS7AI score0.00662EPSS
Exploits0
Microsoft KB
Microsoft KB
added 5 hours ago69 views

May 12, 2026-KB5087066 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1809 and Windows Server 2019

None None...

7.3CVSS7AI score0.00662EPSS
Exploits0
Nuclei
Nuclei
added 12 hours ago29 views

iboss Secure Web Gateway - Stored Cross-Site Scripting

A cross-site scripting vulnerability has been found in iboss Secure Web Gateway up to version 10.1. The vulnerability affects the /login file of the Login Portal component, where manipulation of the redirectUrl parameter leads to cross-site scripting. The attack can be launched remotely and the...

6.1CVSS5.3AI score0.22002EPSS
Exploits4References5
Cvelist
Cvelist
added yesterday24 views

CVE-2026-62185 Argo CD Helm Chart < 10.0.0 Missing Network Policy RCE

Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...

8.6CVSS
Exploits0References2
Cvelist
Cvelist
added yesterday23 views

CVE-2026-57740 WordPress AcyMailing SMTP Newsletter plugin <= 10.11.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AcyMailing SMTP Newsletter: from n/a through = 10.11.1...

7.1CVSS0.00321EPSS
Exploits0References1
OSV
OSV
added yesterday3 views

MAL-2026-10389 Malicious code in timmytuffknuckles6 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22ef6fa6c2b9f80d6a1f79e532a9d9ea083a1c662bc834d118879ba630842b0c This package is not a Node.js library. package.json declares "main": "sw.js", a Service Worker that calls importScripts'./8cfc2/hgshm.js' — an API th...

6.2AI score
Exploits0References3
RedHat Linux
RedHat Linux
added yesterday7 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.8CVSS6.1AI score0.00181EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57768

Missing Authorization vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AcyMailing SMTP Newsletter: from n/a through = 10.11.1...

7.1CVSS6.1AI score0.00321EPSS
Exploits0References3
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-15506 SecureAge CatchPulse Driver saappctl.sys heap-based overflow

A security vulnerability has been detected in SecureAge CatchPulse up to 10.9.3. The affected element is an unknown function in the library saappctl.sys of the component Driver. Such manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been...

8.5CVSS0.00184EPSS
Exploits0References7
NVD
NVD
added 4 days ago7 views

CVE-2026-54149

MaxKB is an open-source AI assistant for enterprise. Prior to 2.10.0-lts, MaxKB tool import functionality in apps/tools/serializers/tool.py and MCP referencing mode in apps/application/chatpipeline/step/chatstep/impl/basechatstep.py do not consistently validate MCP transport type, allowing an...

8.8CVSS0.00384EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-42924

MaxKB is an open-source AI assistant for enterprise. Prior to 2.10.0-lts, MaxKB tool import functionality in apps/tools/serializers/tool.py and MCP referencing mode in apps/application/chatpipeline/step/chatstep/impl/basechatstep.py do not consistently validate MCP transport type, allowing an...

8.8CVSS6.2AI score0.00384EPSS
Exploits0References2
NVD
NVD
added 4 days ago10 views

CVE-2026-54469

Dell Unisphere for PowerMax, versions 10.3.0.5 and prior, contains a Deserialization of Untrusted Data vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges...

8.8CVSS0.00442EPSS
Exploits0References1
Rockylinux
Rockylinux
added 4 days ago10 views

tomcat security, bug fix, and enhancement update

An update is available for tomcat. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Apache Tomcat is a servlet container for the Java Servlet and JavaServer Page...

7.5CVSS6.2AI score0.21691EPSS
Exploits6
Rockylinux
Rockylinux
added 4 days ago6 views

tomcat9 security, bug fix, and enhancement update

An update is available for tomcat9. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Tomcat is the servlet container that is used in the official Reference...

7.5CVSS6.2AI score0.21691EPSS
Exploits6
NVD
NVD
added 4 days ago5 views

CVE-2026-40007

Uncontrolled Recursion, Uncontrolled Resource Consumption vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap receiver's readLength method calls itself recursively each time it recognises the E-language prefix in socket data, with no depth limit. An unauthenticate...

7.5CVSS0.00278EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42839

Out-of-bounds Read, Improper Input Validation vulnerability in Apache IoTDB C++ client. Out-of-bounds reads in IoTDB C++ client TsBlock deserializer crash client process on malformed server data. This issue affects Apache IoTDB C++ client: from 1.3.5 before 1.3.8, from 2.0.5 before 2.0.10. Users...

7.5CVSS6.1AI score0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-40454 Apache IoTDB C++ client: Out-of-bounds reads in C++ client TsBlock deserializer crash client process on malformed server data

Out-of-bounds Read, Improper Input Validation vulnerability in Apache IoTDB C++ client. Out-of-bounds reads in IoTDB C++ client TsBlock deserializer crash client process on malformed server data. This issue affects Apache IoTDB C++ client: from 1.3.5 before 1.3.8, from 2.0.5 before 2.0.10. Users...

0.00278EPSS
Exploits0References1
Rows per page
Query Builder