Lucene search
K

147 matches found

RedhatCVE
RedhatCVE
added 2026/07/03 6:48 a.m.8 views

CVE-2026-54891

A flaw was found in Erlang's SSL Secure Sockets Layer component. A network-positioned attacker can exploit this vulnerability by injecting unauthenticated plaintext data into a client's TLS Transport Layer Security handshake. The client application may then process this injected data as if it wer...

6.3CVSS5.9AI score0.00135EPSS
Exploits0References8
Patchstack
Patchstack
added 2026/07/02 7:22 p.m.6 views

WordPress LatePoint – Calendar Booking Plugin for Appointments and Events plugin <= 5.6.1 - Missing Authorization to Unauthenticated Arbitrary Customer Data Modification vulnerability

Missing Authorization to Unauthenticated Arbitrary Customer Data Modification vulnerability discovered by hhhai in WordPress Plugin LatePoint versions = 5.6.1...

5.3CVSS5.9AI score0.00338EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/07/02 5:17 p.m.12 views

CVE-2026-54891

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...

6.3CVSS0.00135EPSS
Exploits0References5
OSV
OSV
added 2026/07/02 5:17 p.m.9 views

UBUNTU-CVE-2026-54891

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...

6.3CVSS6AI score0.00135EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/07/02 4:6 p.m.12 views

CVE-2026-54891 Plaintext APPLICATION_DATA injected during TLS handshake delivered to client application post-handshake in ssl

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...

6.3CVSS5.8AI score0.00135EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/02 4:6 p.m.7 views

EUVD-2026-41415

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...

6.3CVSS5.8AI score0.00135EPSS
Exploits0References5
OSV
OSV
added 2026/07/02 4:6 p.m.5 views

EEF-CVE-2026-54891 Plaintext APPLICATION_DATA injected during TLS handshake delivered to client application post-handshake in ssl

Summary Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tls\gen\connection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server...

6.3CVSS5.8AI score0.00135EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/02 4:6 p.m.9 views

CVE-2026-54891

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...

6.3CVSS5.8AI score0.00135EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/07/02 4:6 p.m.5 views

CVE-2026-54891 Plaintext APPLICATION_DATA injected during TLS handshake delivered to client application post-handshake in ssl

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...

6.3CVSS6AI score0.00135EPSS
Exploits0References9
Patchstack
Patchstack
added 2026/07/01 8:0 p.m.5 views

WordPress Kirki – Freeform Page Builder, Website Builder & Customizer plugin <= 6.0.11 - Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability

Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability discovered by Jagadesh Achanta - Independent in WordPress Plugin Kirki versions = 6.0.11...

5.3CVSS5.8AI score0.00285EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/26 3:16 p.m.8 views

CVE-2026-57633

Unauthenticated Sensitive Data Exposure in WCBoost Products Compare = 1.1.0 versions...

5.3CVSS0.0024EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:53 p.m.5 views

EUVD-2026-39749

Unauthenticated Sensitive Data Exposure in WCBoost Products Compare = 1.1.0 versions...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.36 views

CVE-2026-56060 WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 7.1.1 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce = 7.1.1 versions...

7.5CVSS0.00303EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:20 p.m.9 views

CVE-2026-52696

Unauthenticated Sensitive Data Exposure in JetBlog = 2.4.8 versions...

7.5CVSS0.00238EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:20 p.m.15 views

CVE-2026-34888

Unauthenticated Sensitive Data Exposure in Bricksforge = 3.1.8.4 versions...

7.5CVSS0.00303EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:17 p.m.12 views

CVE-2026-52694

Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce = 2.0 versions...

7.5CVSS0.00238EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:17 p.m.10 views

CVE-2026-49056

Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...

7.5CVSS0.00294EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.11 views

CVE-2026-42667

Unauthenticated Sensitive Data Exposure in Bookly = 27.4 versions...

7.5CVSS0.00294EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.9 views

CVE-2026-40789

Unauthenticated Sensitive Data Exposure in Amelia = 2.2 versions...

7.5CVSS0.00294EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:19 p.m.9 views

CVE-2026-52695 WordPress ABC Crypto Checkout plugin <= 1.8.2 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout = 1.8.2 versions...

7.5CVSS5.2AI score0.00243EPSS
Exploits0References1
Rows per page
Query Builder