Lucene search
K

374 matches found

wolfi
wolfi
added 2026/05/28 1:48 p.m.21 views

CVE-2026-41284 vulnerabilities

Vulnerabilities for packages: thingsboard...

7.5CVSS5.8AI score0.0078EPSS
Exploits0
redhatcve
redhatcve
added 2026/05/27 8:14 p.m.14 views

CVE-2026-9568

A weakness has been identified in ThingsBoard up to 4.3.1.1. Affected by this vulnerability is the function getGatewayDockerComposeFile of the file /api/v1/provision of the component YAML Handler. This manipulation causes code injection. It is possible to initiate the attack remotely. The attack'...

5.1CVSS5.2AI score0.00219EPSS
Exploits0References1
nvd
nvd
added 2026/05/26 7:16 p.m.15 views

CVE-2026-9568

A weakness has been identified in ThingsBoard up to 4.3.1.1. Affected by this vulnerability is the function getGatewayDockerComposeFile of the file /api/v1/provision of the component YAML Handler. This manipulation causes code injection. It is possible to initiate the attack remotely. The attack'...

5.1CVSS0.00219EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/05/26 6:0 p.m.9 views

CVE-2026-9568 ThingsBoard YAML provision getGatewayDockerComposeFile code injection

A weakness has been identified in ThingsBoard up to 4.3.1.1. Affected by this vulnerability is the function getGatewayDockerComposeFile of the file /api/v1/provision of the component YAML Handler. This manipulation causes code injection. It is possible to initiate the attack remotely. The attack'...

5.1CVSS5.2AI score0.00219EPSS
Exploits0References5
cvelist
cvelist
added 2026/05/26 6:0 p.m.33 views

CVE-2026-9568 ThingsBoard YAML provision getGatewayDockerComposeFile code injection

A weakness has been identified in ThingsBoard up to 4.3.1.1. Affected by this vulnerability is the function getGatewayDockerComposeFile of the file /api/v1/provision of the component YAML Handler. This manipulation causes code injection. It is possible to initiate the attack remotely. The attack'...

5.1CVSS0.00219EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/05/26 6:0 p.m.9 views

CVE-2026-9568

A weakness has been identified in ThingsBoard up to 4.3.1.1. Affected by this vulnerability is the function getGatewayDockerComposeFile of the file /api/v1/provision of the component YAML Handler. This manipulation causes code injection. It is possible to initiate the attack remotely. The attack'...

5.1CVSS5.2AI score0.00219EPSS
Exploits0References6
cve
cve
added 2026/05/26 6:0 p.m.19 views

CVE-2026-9568

ThingsBoard (up to 4.3.1.1) contains a vulnerability in the YAML Handler’s /api/v1/provision path. The getGatewayDockerComposeFile function can be manipulated to achieve code injection, with remote feasibility and high attack complexity per the provided metrics. No remediation or exploit details ...

5.1CVSS5.2AI score0.00219EPSS
Exploits0References5
euvd
euvd
added 2026/05/26 6:0 p.m.14 views

EUVD-2026-31957

A weakness has been identified in ThingsBoard up to 4.3.1.1. Affected by this vulnerability is the function getGatewayDockerComposeFile of the file /api/v1/provision of the component YAML Handler. This manipulation causes code injection. It is possible to initiate the attack remotely. The attack'...

5.1CVSS5.2AI score0.00219EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/05/26 12:0 a.m.15 views

PT-2026-43379

A weakness has been identified in ThingsBoard up to 4.3.1.1. Affected by this vulnerability is the function getGatewayDockerComposeFile of the file /api/v1/provision of the component YAML Handler. This manipulation causes code injection. It is possible to initiate the attack remotely. The attack'...

5.1CVSS5.2AI score0.00219EPSS
Exploits0References6
cnnvd
cnnvd
added 2026/05/26 12:0 a.m.9 views

ThingsBoard 代码注入漏洞

ThingsBoard is a Java-based platform developed by the ThingsBoard team, used for monitoring, managing, and data collection of IoT devices. Versions of ThingsBoard 4.3.1.1 and earlier contained a code injection vulnerability. This vulnerability stemmed from improper handling of the...

5.1CVSS6.1AI score0.00219EPSS
Exploits0References6
osv
osv
added 2026/05/18 2:1 p.m.9 views

CLEANSTART-2026-CB77162 Security fixes for CVE-2026-2391, CVE-2026-26960, CVE-2026-29786, CVE-2026-31802, CVE-2026-4867, ghsa-34x7-hfp2-rc4v, ghsa-37ch-88jc-xwx2, ghsa-5359-pvf2-pw78, ghsa-73rr-hh4g-fpgx, ghsa-8qq5-rm4j-mr97, ghsa-r4q5-vmmm-2653, ghsa-r6q2-hw4h-h46w applied in versions: 4.2.1.1-r1, 4.2.1.1-r2, 4.3.0.1-r0, 4.3.1-r0

Multiple security vulnerabilities affect the thingsboard-tb-web-ui package. These issues are resolved in later releases. See references for individual vulnerability details...

8.6CVSS6.6AI score0.00496EPSS
Exploits8References18
wolfi
wolfi
added 2026/05/16 1:48 a.m.16 views

GHSA-95JQ-RWVF-VJX4 vulnerabilities

Vulnerabilities for packages: thingsboard...

5.8AI score
Exploits0
wolfi
wolfi
added 2026/05/16 1:48 a.m.19 views

GHSA-8MC5-53M5-3QJ2 vulnerabilities

Vulnerabilities for packages: thingsboard...

5.8AI score
Exploits0
wolfi
wolfi
added 2026/05/16 1:48 a.m.19 views

GHSA-24J9-X2WG-9QV6 vulnerabilities

Vulnerabilities for packages: thingsboard...

5.8AI score
Exploits0
wolfi
wolfi
added 2026/05/16 1:48 a.m.25 views

CVE-2026-34483 vulnerabilities

Vulnerabilities for packages: thingsboard...

7.5CVSS5.8AI score0.00461EPSS
Exploits0
wolfi
wolfi
added 2026/05/16 1:48 a.m.18 views

CVE-2026-29129 vulnerabilities

Vulnerabilities for packages: thingsboard...

7.5CVSS5.8AI score0.00259EPSS
Exploits0
wolfi
wolfi
added 2026/05/16 1:48 a.m.16 views

GHSA-X4M4-345F-5H5G vulnerabilities

Vulnerabilities for packages: thingsboard...

5.8AI score
Exploits0
wolfi
wolfi
added 2026/05/16 1:48 a.m.19 views

GHSA-RV64-5GF8-9QQ8 vulnerabilities

Vulnerabilities for packages: thingsboard...

5.8AI score
Exploits0
wolfi
wolfi
added 2026/05/16 1:48 a.m.21 views

GHSA-9M3C-QCXR-9X87 vulnerabilities

Vulnerabilities for packages: thingsboard...

5.8AI score
Exploits0
wolfi
wolfi
added 2026/05/16 1:48 a.m.31 views

CVE-2026-34500 vulnerabilities

Vulnerabilities for packages: thingsboard...

6.5CVSS5.8AI score0.00469EPSS
Exploits0
Rows per page
Query Builder