Lucene search
K

39136 matches found

Cvelist
Cvelist
added 6 days ago24 views

CVE-2026-56334 Capgo - Missing UPDATE RLS Policy for Build Status Persistence

Capgo before 12.128.2 lacks an UPDATE row-level security policy for the buildrequests table, preventing API-key and anonymous access from persisting builder status updates. Attackers can exploit this missing policy to cause build status and error details to remain unpersisted, leaving buildreques...

5.3CVSS0.00192EPSS
Exploits0References2
CVE
CVE
added 6 days ago9 views

CVE-2026-56333

Capgo before 12.128.2 is affected by a server-side validation bypass in organization security settings. The vulnerability lets authenticated org admins bypass backend validation by directly updating the public.orgs table from the browser, bypassing field-level checks such as max_apikey_expiration...

5.3CVSS5.8AI score0.00234EPSS
Exploits0References2
CVE
CVE
added 6 days ago7 views

CVE-2026-56328

Capgo before 12.128.2 is affected by an integrity issue where multiple public channels for the same app/platform can coexist, and unnamed /updates requests without a defaultChannel may resolve to a hidden winner channel. An authorized app or channel manager can create an ambiguous default update ...

7.1CVSS5.8AI score0.00247EPSS
Exploits0References2
OSV
OSV
added 6 days ago5 views

RHSA-2026:33285 Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Bulletin has no description...

7.1CVSS5.9AI score0.00287EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 6 days ago5 views

Photon OS 5.0: Vim PHSA-2026-5.0-0908

An update of the vim package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0908. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid32392...

8.8CVSS7AI score0.00917EPSS
Exploits1References15
Spring Security Advisories
Spring Security Advisories
added 6 days ago13 views

This Week in Spring - June 30th, 2026

Hi, Spring fans! Welcome to another installment of This Week in Spring , a weekly recap in which we review the latest and greatest in the wide and wonderful world of Spring. You probably already knew this. I don't know if I needed to mention it. But I like to. I've been doing this every week,...

5.8AI score
Exploits0
CVE
CVE
added last week7 views

CVE-2026-43720

CVE-2026-43720 is a use-after-free vulnerability in Safari related to processing malicious web content, caused by a memory-management issue. The flaw could trigger an unexpected Safari crash. It is fixed in Safari 26.5.2 and affects iOS/iPadOS/macOS Tahoe updates (iOS 26.5.2, iPadOS 26.5.2, macOS...

6.5CVSS5.8AI score0.00289EPSS
Exploits0References3Affected Software4
ATTACKERKB
ATTACKERKB
added last week7 views

CVE-2026-43717

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

6.5CVSS5.8AI score0.00189EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added last week6 views

CVE-2026-43740

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may result in the disclosure of process memory...

6.5CVSS5.8AI score0.00203EPSS
Exploits0References4
EUVD
EUVD
added last week6 views

EUVD-2026-40122

The Helix3 plugin for Joomla exposes an ajax handler task, that allows unauthenticated attackers to delete arbitrary files, write arbitrary JSON files and update template parameters...

7.5CVSS5.9AI score0.00228EPSS
Exploits2References1
Cvelist
Cvelist
added last week35 views

CVE-2026-49049 Joomla Extension - joomshaper.com - Unauthenticated access to Helix3 template ajax handler

The Helix3 plugin for Joomla exposes an ajax handler task, that allows unauthenticated attackers to delete arbitrary files, write arbitrary JSON files and update template parameters...

0.00228EPSS
Exploits2References1
RedHat Linux
RedHat Linux
added last week5 views

Important: Red Hat Security Advisory: OpenShift Virtualization v4.16 Images

Red Hat OpenShift Virtualization release v4.16 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...

8.7CVSS5.8AI score0.00656EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added last week5 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python3.13: python3.13-3.13.14-1.1.hum1 aarch64, x8664 python3.13-debug-3.13.14-1.1.hum1 aarch64, x8664 python3.13-devel-3.13.14-1.1.hum1 aarch64, x8664 python3.13-freethreading-3.13.14-1.1.hum1...

6.1CVSS5.8AI score0.00229EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added last week6 views

Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.18.0 shipped with IBM Cloud Pak for Business Automation iFixes for June 2026

Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation June 2026 security fixes update this dependency beyond 4.18.0 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2024-45310 DESCRIPTION: runc is a CL...

9.8CVSS8.4AI score0.01945EPSS
Exploits4Affected Software2
Nuclei
Nuclei
added 2026/06/29 5:52 a.m.44 views

RealTek Jungle SDK - Arbitrary Command Injection

There is a command injection vulnerability on the "formWsc" page of the management interface. Successful exploitation of this vulnerability could lead to remote code execution and compromise of the affected system. id: CVE-2021-35395 info: name: RealTek Jungle SDK - Arbitrary Command Injection...

10CVSS8AI score0.981EPSS
Exploits2References5
Apple
Apple
added 2026/06/29 12:0 a.m.9 views

About the security content of iOS 26.5.2 and iPadOS 26.5.2

About the security content of iOS 26.5.2 and iPadOS 26.5.2 This update delivers security fixes that were first made available in the iOS 26.6 and iPadOS 26.6 betas. This document describes the security content of iOS 26.5.2 and iPadOS 26.5.2. About Apple security updates For our customers'...

9.1CVSS5.8AI score0.00371EPSS
Exploits2References1Affected Software2
Photon
Photon
added 2026/06/29 12:0 a.m.5 views

Important Photon OS Security Update - PHSA-2026-4.0-1045

Updates of 'gst-plugins-bad' packages of Photon OS have been released...

8.8CVSS5.9AI score0.00489EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-53057

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iommu/riscv: Add IOTINVAL after updating DDT/PDT entries Add riscviommuiodiriotinval to perform required TLB and context cache invalidations after updating DDT ...

8.8CVSS6AI score0.00127EPSS
Exploits0References2
OSV
OSV
added 2026/06/27 10:24 a.m.5 views

RHSA-2026:27197 Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

Bulletin has no description...

8.1CVSS6AI score0.02838EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.6 views

EulerOS 2.0 SP15 : libcap (EulerOS-SA-2026-2487)

According to the versions of the libcap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function...

7CVSS7.1AI score0.00188EPSS
Exploits1References2
Rows per page
Query Builder