Lucene search
K

129 matches found

CVE
CVE
added 5 days ago8 views

CVE-2026-56360

n8n is affected in versions prior to 1.123.18 and 2.6.2 where the ZendeskTrigger node fails to verify HMAC-SHA256 signatures on Zendesk webhooks. This allows attackers who know the webhook URL to send unsigned POST requests, potentially triggering workflows with arbitrary data. No remediation det...

6.3CVSS6.1AI score0.00186EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/05/14 3:16 p.m.75 views

CVE-2026-44484

PyTorch Lightning is a deep learning framework to pretrain and finetune AI models. Versions 2.6.2 and 2.6.2 have introduced functionality consistent with a credential harvesting mechanism...

9.8CVSS0.00392EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/14 2:59 p.m.89 views

CVE-2026-44484 Compromise of PyTorch Lightning PyPi Package Versions

PyTorch Lightning is a deep learning framework to pretrain and finetune AI models. Versions 2.6.2 and 2.6.2 have introduced functionality consistent with a credential harvesting mechanism...

9.3CVSS0.00392EPSS
Exploits0References1
Veracode
Veracode
added 2026/05/09 5:42 a.m.6 views

Credential Harvesting Functionality

pytorchlightning is vulnerable to credential harvesting functionality. The vulnerability is due to the introduction of functionality in versions 2.6.2 that is consistent with a credential harvesting mechanism, which allows an attacker to capture or misuse sensitive credentials through malicious...

9.8CVSS5.9AI score0.00392EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 12:52 a.m.12 views

Compromise of PyTorch Lightning PyPi Package Versions

Security Advisory: Compromise of PyTorch Lightning PyPI Package Versions Published: 2026-04-30 Last Updated: 2026-05-12 Github Advisory: CVE-2026-44484 We have identified a security incident affecting certain versions of one of our PyPI packages. What happened We have determined that one or more...

9.8CVSS5.9AI score0.00392EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/04/21 12:4 a.m.6 views

JLSEC-2026-174

In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping...

9.8CVSS7.2AI score0.69899EPSS
Exploits1References8
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.8 views

emlog SQL注入漏洞

Emlog is an open-source CMS website building system based on PHP and MySQL. Versions of Emlog 2.6.2 and earlier have a SQL injection vulnerability. This vulnerability stems from the updateTagName function in the include/model/tagmodel.php file, which directly inserts user input into the SQL query...

6.5CVSS5.9AI score0.00343EPSS
Exploits1References1
Snyk
Snyk
added 2026/03/24 9:31 p.m.2 views

Deserialization of Untrusted Data

Overview nemo-toolkit is a NeMo - a toolkit for Conversational AI Affected versions of this package are vulnerable to Deserialization of Untrusted Data through the torch.load checkpoint and model import paths in the nemo collections and checkpoint utilities. An attacker can execute arbitrary code...

9.8CVSS6.3AI score0.00641EPSS
Exploits0References2
CVE
CVE
added 2026/03/06 12:19 p.m.17 views

CVE-2018-25189

Data Center Audit 2.6.2 contains an SQL injection vulnerability in the username parameter of dca_login.php that allows unauthenticated attackers to submit crafted SQL payloads via POST to extract sensitive DB information (usernames, database names, version details). CVSS vectors: CVSS3.1 (AV:N/AC...

8.8CVSS6.1AI score0.00237EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

MiracleLinux 7 : mercurial-2.6.2-6.el7 (AXSA:2016-223:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-223:01 advisory. Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. Quick start:...

8.8CVSS7.4AI score0.05405EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/10 6:11 a.m.26 views

CVE-2026-22703 Cosign verification accepts any valid Rekor entry under certain conditions

Cosign provides code signing and transparency for containers and binaries. Prior to versions 2.6.2 and 3.0.4, Cosign bundle can be crafted to successfully verify an artifact even if the embedded Rekor entry does not reference the artifact's digest, signature or public key. When verifying a Rekor...

5.5CVSS0.00077EPSS
Exploits1References3
OSV
OSV
added 2026/01/09 12:0 a.m.6 views

OPENSUSE-SU-2026:10026-1 python311-urllib3-2.6.2-1.1 on GA media

These are all security issues fixed in the python311-urllib3-2.6.2-1.1 package on the GA media of openSUSE Tumbleweed...

8.9CVSS6.7AI score0.00633EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:49 a.m.11 views

CVE-2022-27240

scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion...

9.8CVSS7.4AI score0.01496EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2018-9985

Malware in sbrugna...

9.8CVSS9.3AI score0.01489EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-23231

Malware in sbrugna...

7.5CVSS7.6AI score0.00894EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2019-3824

Malware in sbrugna...

7.5CVSS7.4AI score0.01411EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-45093

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.00769EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2025-25360

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00309EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2017-5851

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The freeoptions function in optionsmanager.c in mp3splt 2.6.2 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a...

5.5CVSS6.1AI score0.00936EPSS
Exploits1References3
NVD
NVD
added 2025/08/20 8:15 a.m.7 views

CVE-2025-49891

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in uxper Uxper Booking uxper-booking allows Blind SQL Injection.This issue affects Uxper Booking: from n/a through = 1.3.3...

8.5CVSS0.00309EPSS
Exploits0References1
Rows per page
Query Builder