Lucene search
+L

109236 matches found

RedHat Linux
RedHat Linux
added 2 days ago5 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.1AI score0.00728EPSS
Exploits0References8
Circl
Circl
added 2 days ago7 views

CVE-2026-20158

creationtimestamp| type| source ---|---|--- 2026-07-16 13:00:30+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mqrc566sg32e 2026-07-16 16:45:04+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-prodotti-cisco-28...

7.5CVSS6.1AI score0.00252EPSS
Exploits0References2
Circl
Circl
added 2 days ago7 views

CVE-2026-20157

creationtimestamp| type| source ---|---|--- 2026-07-16 13:00:30+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mqrc566sg32e 2026-07-16 16:45:09+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-prodotti-cisco-28...

7.5CVSS6.1AI score0.00061EPSS
Exploits0References2
Circl
Circl
added 2 days ago6 views

CVE-2026-20187

creationtimestamp| type| source ---|---|--- 2026-07-16 13:00:30+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mqrc566sg32e 2026-07-16 16:45:11+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-prodotti-cisco-28...

7.5CVSS6.1AI score0.00252EPSS
Exploits0References2
Circl
Circl
added 2 days ago5 views

CVE-2016-1453

creationtimestamp| type| source ---|---|--- 2026-07-16 13:00:05+00:00| seen| https://t.me/KaitNews/224 2026-07-17 00:00:51+00:00| seen| https://t.me/KaitNews/224...

10CVSS7AI score0.0807EPSS
Exploits0References1
Circl
Circl
added 2 days ago6 views

CVE-2016-5182

creationtimestamp| type| source ---|---|--- 2026-07-16 13:00:04+00:00| seen| https://t.me/KaitNews/312 2026-07-17 00:00:51+00:00| seen| https://t.me/KaitNews/312...

8.8CVSS7AI score0.01282EPSS
Exploits0References1
Circl
Circl
added 2 days ago4 views

CVE-2016-5193

creationtimestamp| type| source ---|---|--- 2026-07-16 13:00:04+00:00| seen| https://t.me/KaitNews/312 2026-07-17 00:00:51+00:00| seen| https://t.me/KaitNews/312...

4.3CVSS6.7AI score0.01216EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago5 views

Malicious code in @hibachi-xyz/types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 214e1b690352ce0af70ce6a37d3b7ac4d8dec4269dc7606b7a65fbb6d4406e8b The package presents itself as 'Type definitions' for the @hibachi-xyz scope at version 99.0.0, but index.js exports an empty object and its only...

6.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago6 views

Malicious code in @hibachi-xyz/config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2012c3b3a43f28209edf1c4b6fdbb0477c7c31f7574e37293cf7dd324f7f1e2f On require of the package's main entry, top-level code enumerates process.env and collects values whose keys match a credential-shaped regex KEY,...

6.1AI score
Exploits0References1
Nuclei
Nuclei
added 2 days ago26 views

WordPress AI Engine Plugin - Token Exposure

Unauthenticated sensitive information exposure in AI Engine WordPress plugin = 3.1.3 exposes bearer tokens via REST API endpoints when No-Auth URL is enabled. id: CVE-2025-11749 info: name: WordPress AI Engine Plugin - Token Exposure author: 4m3rr0r severity: critical description: | Unauthenticat...

9.8CVSS7AI score0.75063EPSS
Exploits5References2
Nuclei
Nuclei
added 2 days ago334 views

Ivanti Connect Secure - XXE

Ivanti Connect Secure is vulnerable to XXE XML External Entity injection. id: CVE-2024-22024 info: name: Ivanti Connect Secure - XXE author: watchTowr severity: high description: | Ivanti Connect Secure is vulnerable to XXE XML External Entity injection. impact: | Successful exploitation of this...

8.3CVSS7.1AI score0.94721EPSS
Exploits1References2
Nuclei
Nuclei
added 2 days ago111 views

WordPress Redux Framework <=4.2.11 - Information Disclosure

WordPress Redux Framework plugin through 4.2.11 is susceptible to information disclosure. The plugin registers several unique AJAX actions available to unauthenticated users in the includes function in redux-core/class-redux-core.php. These are predictable, given that they are based on an md5 has...

5.3CVSS6.2AI score0.28961EPSS
Exploits6References5
NVD
NVD
added 2 days ago10 views

CVE-2026-15099

The Delicious Recipes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'steps' block attribute in versions up to, and including, 1.10.2. This is due to insufficient input sanitization and output escaping in the wrapdirectiontext function, which interpolates the...

6.4CVSS0.00193EPSS
Exploits0References5
Circl
Circl
added 2 days ago6 views

CVE-2026-15458

creationtimestamp| type| source ---|---|--- 2026-07-16 08:29:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqqszdqisv2m...

4.9CVSS6.1AI score0.00272EPSS
Exploits0References1
Circl
Circl
added 2 days ago6 views

CVE-2026-12492

creationtimestamp| type| source ---|---|--- 2026-07-16 07:47:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqqqobblln2c 2026-07-16 16:40:30+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqrofv6bjr2j...

9.8CVSS6.1AI score0.00283EPSS
Exploits0References2
Circl
Circl
added 2 days ago8 views

CVE-2026-15652

creationtimestamp| type| source ---|---|--- 2026-07-16 04:29:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqqfljtpno2w...

6.4CVSS6.1AI score0.00197EPSS
Exploits0References1
Circl
Circl
added 2 days ago7 views

CVE-2026-3842

creationtimestamp| type| source ---|---|--- 2026-07-16 04:24:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqqfcl5gj42h...

7.8CVSS7AI score0.00117EPSS
Exploits0References1
Circl
Circl
added 2 days ago9 views

CVE-2026-12434

creationtimestamp| type| source ---|---|--- 2026-07-16 04:00:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqqdx2slhz2m...

4.3CVSS6.1AI score0.00239EPSS
Exploits0References1
CVE
CVE
added 2 days ago7 views

CVE-2026-47085

CVE-2026-47085 affects Cyrus IMAPD (up to 3.12.2). The flaw: URLAUTH token forgery via a missing mboxkey, allowing an attacker who knows a folder name the user never authorized to forge a valid URLAUTH by computing an HMAC-SHA1 with a predictable key, granting read access to the mailbox. Impact i...

4CVSS6.1AI score0.00188EPSS
Exploits0References2
CVE
CVE
added 2 days ago7 views

CVE-2026-47086

CYRUS IMAPD has a vulnerability CVE-2026-47086 affecting Cyrus IMAP up to version 3.12.2. The GENURLAUTH feature allows issuance of URLAUTH tokens by any authenticated user for named mailboxes, bypassing ACLs and enabling reading mail from those mailboxes without granted permissions. The issue is...

3.5CVSS6.1AI score0.00169EPSS
Exploits0References2
Rows per page
Query Builder