Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

162080 matches found

Debian CVE
Debian CVEadded 2026/06/10 8:23 p.m.6 views

CVE-2026-48107

Russh is a Rust SSH client & server library. From version 0.37.0 to before version 0.61.0, in the russh client keyboard-interactive authentication path, a malicious SSH server could send a USERAUTHINFOREQUEST with an attacker-controlled prompt count, and the client would use that raw count direct...

6.5CVSS5.4AI score0.00232EPSS
Exploits0
CVE
CVEadded 2026/06/10 8:22 p.m.20 views

CVE-2026-10143

CVE-2026-10143 affects kafka-python prior to 2.3.2. The denial‑of‑service arises from ScramClient.process_server_first_message() passing the broker‑provided SCRAM iteration count directly to hashlib.pbkdf2_hmac() without validation in scram.py. This can freeze the client event loop, blocking prod...

8.7CVSS5.5AI score0.00388EPSS
Exploits0References4Affected Software1
NVD
NVDadded 2026/06/10 7:16 p.m.16 views

CVE-2026-50638

Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol and extensions such as dogstatsd allow mutiple metrics, separated by newlines, to be sent per packet. Metrics::Any::Adapter::DogStatsd which extends...

9.1CVSS0.00343EPSS
Exploits0References4
Snyk
Snykadded 2026/06/10 7:12 p.m.6 views

Reliance on Untrusted Inputs in a Security Decision

Overview litestar is a Litestar - A production-ready, highly performant, extensible ASGI API Framework Affected versions of this package are vulnerable to Reliance on Untrusted Inputs in a Security Decision through the AllowedHostsMiddleware in the host validation middleware. An attacker can bypa...

6.3CVSS5.4AI score0.00024EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/06/10 6:32 p.m.7 views

CVE-2026-50638 Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric injections

Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol and extensions such as dogstatsd allow mutiple metrics, separated by newlines, to be sent per packet. Metrics::Any::Adapter::DogStatsd which extends...

5.8AI score0.00343EPSS
Exploits0References4
CVE
CVEadded 2026/06/10 6:32 p.m.20 views

CVE-2026-50638

CVE-2026-50638 affects Metrics::Any::Adapter::DogStatsd (Perl) versions before 0.04. The issue arises because the DogStatsd adapter does not validate newline or statsd control characters in tags, enabling potential metric injections when multiple metrics are sent per UDP/TCP packet. The vulnerabi...

9.1CVSS5.8AI score0.00343EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2026/06/10 6:32 p.m.11 views

EUVD-2026-36105

Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol and extensions such as dogstatsd allow mutiple metrics,separated by newlines, to be sent per packet. Metrics::Any::Adapter::DogStatsd which extends...

9.1CVSS5.4AI score0.00343EPSS
Exploits0References3
CVE
CVEadded 2026/06/10 6:32 p.m.21 views

CVE-2026-50637

The CVE concerns Metrics::Any::Adapter::Statsd (Perl) prior to v0.04, where the send path did not validate metric names/values, allowing metric injections when names contain newlines and statsd control characters (colon, pipe). This vulnerability affects Metrics::Any::Adapter::Statsd and related ...

8.2CVSS5.8AI score0.00323EPSS
Exploits0References6Affected Software1
NVD
NVDadded 2026/06/10 6:17 p.m.11 views

CVE-2026-50569

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, HTTPTriggerSpec.Validate validated Methods, FunctionReference, Host, IngressConfig, and CorsConfig, but silently skipped RelativeU...

4.3CVSS0.00227EPSS
Exploits0References3
NVD
NVDadded 2026/06/10 6:17 p.m.10 views

CVE-2026-50545

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, the Environment.spec.runtime.podSpec / spec.builder.podSpec passthrough lacked validation, and MergePodSpec propagated dangerous...

9.9CVSS0.003EPSS
Exploits0References4
NVD
NVDadded 2026/06/10 6:17 p.m.13 views

CVE-2026-49823

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were namespace-validated by...

7.7CVSS0.00265EPSS
Exploits0References3
NVD
NVDadded 2026/06/10 6:16 p.m.12 views

CVE-2026-20255

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious classic dashboard that...

5.7CVSS0.00245EPSS
Exploits0References1
NVD
NVDadded 2026/06/10 6:16 p.m.14 views

CVE-2026-20257

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a classic dashboard that exfiltrate...

5.7CVSS0.00198EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/10 6:12 p.m.7 views

CVE-2026-11701

An insufficient validation of untrusted input flaw was found in the Guest View component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516413817...

5.4CVSS5.4AI score0.00178EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/06/10 6:11 p.m.7 views

CVE-2026-11697

An insufficient validation of untrusted input flaw was found in the UI component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518105731...

9.6CVSS5.4AI score0.00203EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/06/10 6:11 p.m.8 views

CVE-2026-11691

An insufficient validation of untrusted input flaw was found in the New Tab Page component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517585486...

6.8CVSS5.4AI score0.00169EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/06/10 6:8 p.m.7 views

CVE-2026-11686

An insufficient validation of untrusted input flaw was found in the Dawn component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517247333...

6.8CVSS5.4AI score0.00171EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/06/10 6:8 p.m.7 views

CVE-2026-11685

An insufficient data validation flaw was found in the MediaCapture component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517183713...

7.4CVSS5.4AI score0.00177EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/06/10 6:8 p.m.7 views

CVE-2026-11682

An insufficient validation of untrusted input flaw was found in the Views component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517103584...

8.3CVSS5.4AI score0.00192EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/06/10 6:8 p.m.7 views

CVE-2026-11675

An insufficient validation of untrusted input flaw was found in the Skia component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516915337...

6.8CVSS5.4AI score0.002EPSS
Exploits0References5
Rows per page
Query Builder