Lucene search
K

39202 matches found

RedHat Linux
RedHat Linux
added 2026/06/25 10:37 a.m.5 views

Important: Red Hat Security Advisory: redis:6 security update

An update for the redis:6 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

8.8CVSS6.4AI score0.02995EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-52988

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nftables: join hook list via splicelistrcu in commit phase Publish new hooks in the list into the basechain/flowtable using splicelistrcu to ensure...

7.1CVSS6AI score0.00122EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2026/06/25 12:0 a.m.8 views

Important: containernetworking-plugins security update

The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.10 views

Photon OS 4.0: Linux PHSA-2026-4.0-1041

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1041. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.8CVSS6.2AI score0.00208EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.9 views

RockyLinux 10 : skopeo (RLSA-2026:29035)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:29035 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.24 views

Malicious code in leo-streams (npm)

The leo-streams npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/24 11:4 p.m.13 views

MAL-2026-6419 Malicious code in leo-cache (npm)

The leo-cache npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.4AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.13 views

Malicious code in serverless-convention (npm)

The serverless-convention npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.9 views

Malicious code in leo-connector-mongo (npm)

The leo-connector-mongo npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.7 views

Malicious code in rstreams-metrics (npm)

The rstreams-metrics npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.2AI score
Exploits0References3
CVE
CVE
added 2026/06/24 9:55 p.m.20 views

CVE-2026-39894

CVE-2026-39894 affects Cacti (≤ 1.2.30). Locale-dependent decimal formatting in rrdtool_function_update() uses PHP string interpolation for metric values after is_numeric(), so a value like 1.5 may be rendered as 1,5 under LC_NUMERIC with a comma decimal. RRDtool expects a dot, causing metric dat...

2.9CVSS5.8AI score0.00104EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/06/24 9:16 p.m.10 views

CVE-2026-7539

A potential security vulnerability has been identified in the HP Accessory WMI Provider installer for some HP Docking Stations, which might allow escalation of privilege and/or arbitrary code execution. HP is releasing software updates to mitigate the potential vulnerability...

7.3CVSS0.00096EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 9:16 p.m.9 views

CVE-2026-50128

Mastodon is a free, open-source social network server based on ActivityPub. From 4.3.0 until 4.5.11 and 4.4.18, Mastodon has a feature to let websites credit authors of their articles. To prevent false attribution claims, Mastodon uses the attributionDomains JSON-LD term, however, an error in how...

5.3CVSS0.00129EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 7:48 p.m.17 views

CVE-2026-50128 Mastodon: Spoofing of attribution domains

Mastodon is a free, open-source social network server based on ActivityPub. From 4.3.0 until 4.5.11 and 4.4.18, Mastodon has a feature to let websites credit authors of their articles. To prevent false attribution claims, Mastodon uses the attributionDomains JSON-LD term, however, an error in how...

5.3CVSS0.00129EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 7:48 p.m.13 views

CVE-2026-50128

Mastodon vulnerability CVE-2026-50128 affects versions 4.3.0 through 4.5.11 and 4.4.18, where an error in the attributionDomains JSON-LD handling allows an attacker to arbitrarily modify the attributionDomains value on a legitimately signed Update and bypass signature verification. This can under...

5.3CVSS5.9AI score0.00129EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 7:47 p.m.7 views

EUVD-2026-39057

A potential security vulnerability has been identified in the HP Accessory WMI Provider installer for some HP Docking Stations, which might allow escalation of privilege and/or arbitrary code execution. HP is releasing software updates to mitigate the potential vulnerability...

7.3CVSS6AI score0.00096EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:47 p.m.6 views

CVE-2026-7539

A potential security vulnerability has been identified in the HP Accessory WMI Provider installer for some HP Docking Stations, which might allow escalation of privilege and/or arbitrary code execution. HP is releasing software updates to mitigate the potential vulnerability...

7.3CVSS6AI score0.00096EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38856

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: join hook list via splicelistrcu in commit phase Publish new hooks in the list into the basechain/flowtable using splicelistrcu to ensure netlink dump list traversal via rcu is safe while concurrent ruleset...

5.7AI score0.00122EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 4:30 p.m.4 views

EUVD-2026-38984

In the Linux kernel, the following vulnerability has been resolved: s390/ap: use generic driveroverride infrastructure When the AP masks are updated via apmaskstore or aqmaskstore, apbusrevisebindings is called after apattrmutex has been released. This calls aprevisereserved, which accesses the...

5.7AI score0.00145EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:29 p.m.5 views

CVE-2026-52988

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: join hook list via splicelistrcu in commit phase Publish new hooks in the list into the basechain/flowtable using splicelistrcu to ensure netlink dump list traversal via rcu is safe while concurrent ruleset...

5.7AI score0.00122EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder