Lucene search
K

7445 matches found

NVD
NVD
added 4 days ago8 views

CVE-2026-55187

Mailpit is an email testing tool and API for developers. Prior to 1.30.2, the remediation shipped for CVE-2026-27808 is incomplete because the tools.IsInternalIP deny-list in internal/tools/net.go relies on Go's standard library classification helpers and does not block IPv6 transition mechanisms...

5.8CVSS0.00282EPSS
Exploits0References3
Metasploit
Metasploit
added 4 days ago10 views

FTP Fetch, Linux Execute Command

Fetch and execute an MIPSLE payload from an FTP server. A very small shellcode for executing commands. This module is sometimes helpful for testing purposes as well as on targets with extremely limited buffer space. Module Options msf use payload/cmd/linux/ftp/mipsle/exec msf payloadexec show...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago9 views

FTP Fetch, Linux Reboot

Fetch and execute an RISC-V 64-bit payload from an FTP server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/ftp/riscv64le/reboot msf...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago14 views

FTP Fetch, Linux Reboot

Fetch and execute an MIPSLE payload from an FTP server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/ftp/mipsle/reboot msf payloadreboot sh...

6.2AI score
Exploits0
Fedora
Fedora
added 4 days ago8 views

[SECURITY] Fedora 43 Update: kind-0.31.0-4.fc43

Kubernetes IN Docker - local clusters for testing Kubernetes...

5.9AI score
Exploits0
CVE
CVE
added 5 days ago16 views

CVE-2026-54695

CVE-2026-54695 - Pipecat Telephony WebSocket /ws Unauthenticated Call-Control Abuse Pipecat prior to v1.4.0 registers a /ws WebSocket endpoint for telephony testing that accepts connections without authentication. An attacker can send a crafted handshake containing a caller-supplied callSid, whic...

7.5CVSS6AI score0.00327EPSS
Exploits1References5Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 days ago10 views

Malicious code in testing-d3do (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c008bcf9a72a02f11c556396a39d6de999bfad0cfa389ddac01929d19bb34d8 On npm install, this package's postinstall script collects host identifiers os.hostname, os.userInfo, current working directory, and external IPv4...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago10 views

Malicious code in rony-testing (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be1a5728b472335e46d1df74becaf6355424f1f32d068bb517c079d88cacc03c The package's postinstall hook auto-executes index.js on npm install. The script collects the installer's OS username os.userInfo.username, hostname...

5.9AI score
Exploits0References2
OSV
OSV
added 6 days ago7 views

MAL-2026-6968 Malicious code in rony-testing (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be1a5728b472335e46d1df74becaf6355424f1f32d068bb517c079d88cacc03c The package's postinstall hook auto-executes index.js on npm install. The script collects the installer's OS username os.userInfo.username, hostname...

6.1AI score
Exploits0References2
Fedora
Fedora
added 2026/07/04 12:51 a.m.8 views

[SECURITY] Fedora 44 Update: os-autoinst-5^20260601git6ee8da2-1.fc44

The OS-autoinst project aims at providing a means to run fully automated tests. Especially to run tests of basic and low-level operating system components such as bootloader, kernel, installer and upgrade, which can not easily and safely be tested with other automated testing frameworks. However,...

9.8CVSS6.6AI score0.01735EPSS
Exploits0
Fedora
Fedora
added 2026/07/04 12:51 a.m.6 views

[SECURITY] Fedora 44 Update: openqa-5^20260604git6376095-3.fc44

openQA is a testing framework that allows you to test GUI applications on one hand and bootloader and kernel on the other. In both cases, it is difficult to script tests and verify the output. Output can be a popup window or it can be an error in early boot even before init is executed. openQA is...

9.8CVSS6.7AI score0.01735EPSS
Exploits0
OSV
OSV
added 2026/06/30 11:3 p.m.3 views

SUSE-SU-2026:22459-1 Security update for pcr-oracle

This update for pcr-oracle fixes the following issues Update to 0.6.3: Security issue: - integer underflow vulnerability in parsesbatlevelsection bsc1265042. Non security issue: - Lockout Authorization error for libvirt-emulated TPM bsc1265871. Changes for pcr-oracle: + Relax TPM self-test...

5.9AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.8 views

PT-2026-54008

Name of the Vulnerable Software and Affected Versions Picklescan versions prior to 0.0.25 Description Picklescan fails to detect unsafe global functions within the Numpy library, which allows attackers to bypass static analysis. This issue enables the execution of arbitrary code during...

7.6CVSS6.4AI score0.00552EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2026/06/27 12:19 p.m.17 views

OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards

OpenAI on Friday released three versions of GPT-5.6 , called Sol, Terra, and Luna , as a limited preview to a small number of companies as part of an ongoing engagement with the U.S. government. While Sol is the latest flagship model and the most powerful, Terra strikes a balance between efficien...

5.9AI score
Exploits0
NVD
NVD
added 2026/06/25 2:16 p.m.10 views

CVE-2026-54844

Unauthenticated Broken Access Control in CheckView Automated Testing = 2.1.0 versions...

7.5CVSS0.00238EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 1:12 p.m.29 views

CVE-2026-54844 WordPress CheckView Automated Testing plugin <= 2.1.0 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in CheckView Automated Testing = 2.1.0 versions...

7.5CVSS0.00238EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.8 views

EUVD-2026-39371

Unauthenticated Broken Access Control in CheckView Automated Testing = 2.1.0 versions...

7.5CVSS5.8AI score0.00238EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 1:12 p.m.11 views

CVE-2026-54844

The CVE-2026-54844 entry concerns WordPress CheckView Automated Testing plugin (versions

7.5CVSS5.8AI score0.00238EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 4:33 a.m.37 views

CVE-2026-11379 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with Developer role to exfiltrate DAST site profile secrets under...

5.3CVSS0.00188EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52421

Name of the Vulnerable Software and Affected Versions CheckView Automated Testing versions prior to 2.1.1 Description An unauthenticated broken access control issue exists, allowing unauthorized users to bypass security restrictions. Recommendations Update CheckView Automated Testing to version...

7.5CVSS5.8AI score0.00238EPSS
Exploits0References4
Rows per page
Query Builder