Lucene search
K

48515 matches found

Nuclei
Nuclei
added yesterday77 views

Gogs <= 0.13.3 - Remote Code Execution

Gogs self-hosted Git service versions 0.13.3 and earlier contain a critical symlink bypass vulnerability that circumvents the fix for CVE-2024-55947. Authenticated users can exploit improper symbolic link handling in the PutContents API to overwrite files outside the repository by committing a...

8.8CVSS7.6AI score0.7654EPSS
Exploits18References4
Tenable Nessus
Tenable Nessus
added 4 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-6678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer underflow in wcPKCS7DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption. CVE-2026-6678 Note th...

5.3CVSS5.8AI score0.0019EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 4 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-7531

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a...

9.8CVSS5.8AI score0.00346EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 4 days ago4 views

Linux Distros Unpatched Vulnerability : CVE-2026-12912

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occu...

7.3CVSS6.6AI score0.0023EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 4 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-6329

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. Th...

6.5CVSS5.8AI score0.0016EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 4 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-6092

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When HAVEENCRYPTTHENMAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC. CVE-2026-6092 Note that...

5.3CVSS5.8AI score0.00209EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 4 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-55960

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Un-negotiated Raw Public Key RFC 7250 accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative...

8.2CVSS5.8AI score0.00145EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 4 days ago10 views

Linux Distros Unpatched Vulnerability : CVE-2026-6412

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing. CVE-2026-6412 Note that Nessus...

4.3CVSS5.8AI score0.00074EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 4 days ago10 views

Linux Distros Unpatched Vulnerability : CVE-2026-7532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iPAddress name constraints bypass when WOLFSSLIPALTNAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certifica...

7.5CVSS5.8AI score0.00155EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 4 days ago11 views

Linux Distros Unpatched Vulnerability : CVE-2026-7511

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PKCS7verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be...

7.5CVSS5.8AI score0.00171EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 4 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-6330

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2...

6.5CVSS5.9AI score0.0013EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 4 days ago11 views

Linux Distros Unpatched Vulnerability : CVE-2026-6325

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds write in SetSuitesHashSigAlgo when processing an oversized signature algorithms list, allowing a write past the bounds of the destination buffer...

7.5CVSS5.8AI score0.00175EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 4 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-54369

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - acl before version 2.4.0 contains a symlink traversal vulnerability in the libacl pathname-based functions aclgetfile, aclsetfile, aclextendedfile, and...

8.4CVSS5.9AI score0.00142EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 4 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-6450

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A CRL critical extension bypass exists in ParseCRLExtensions where critical extensions are not properly enforced, allowing a crafted CRL with an unhandled...

5.3CVSS5.8AI score0.0018EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 4 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-6331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility...

7.5CVSS5.8AI score0.00147EPSS
Exploits0References3
OSV
OSV
added 5 days ago4 views

EEF-CVE-2026-53428 Unbounded memory allocation in highlight_lines range expansion in mdex

Summary Memory Allocation with Excessive Size Value vulnerability in leandrocp mdex allows an unauthenticated attacker to cause a denial of service through unbounded memory allocation. comrak\nif::lumis\adapter::LumisAdapter::parse\highlight\lines in native/comrak\nif/src/lumis\adapter.rs eagerly...

6.9CVSS5.9AI score0.00142EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 5 days ago10 views

Linux Distros Unpatched Vulnerability : CVE-2026-55677

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Echo is a Go web framework. Prior to 4.15.3 and 5.2.0, Echo's router and static file handler disagree on URL path decoding. The router matches routes using the...

7.5CVSS5.8AI score0.0043EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 5 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-13006

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.35 in Java applications, allows an attacke...

7CVSS6.2AI score0.00181EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 5 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-57231

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Podman is a tool for managing OCI containers and pods. From 1.8.1 until 5.8.4, a container image that contains a environment variable with just a key and no val...

7.5CVSS5.8AI score0.0026EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 5 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-12892

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NA...

4.4CVSS5.8AI score0.00124EPSS
Exploits0References4
Rows per page
Query Builder