Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2026/05/14 2:36 p.m.4 views

EUVD-2026-30298

OpenBao is an open source identity-based secrets management system. Prior to 2.5.3, when OpenBao's initial namespace deletion fails, subsequent retries fail to properly remove all data before marking the namespace as deleted. This can affect any outstanding leases as well as potentially leaving...

2.3CVSS5.8AI score0.00036EPSS
Exploits0References3
OSV
OSVadded 2026/04/21 6:27 p.m.0 views

GHSA-P49J-V9WC-WG57 OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation

Impact OpenBao's namespaces provide multi-tenant separation. A tenant who leaks token accessors can have their token revoked or renewed by a privileged administrator in another tenant. Patches This was addressed in v2.5.3...

2CVSS5.8AI score0.0005EPSS
Exploits0References6
EUVD
EUVDadded 2026/04/21 6:26 p.m.2 views

EUVD-2026-24035

OpenBao's SQL Injection in PostgreSQL database secrets engine...

4.6CVSS5.8AI score0.00032EPSS
Exploits0References5
Github Security Blog
Github Security Blogadded 2026/04/21 5:26 p.m.5 views

OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate

Background OpenBao's Certificate authentication method, when a token renewal is requested and disablebinding=true is set, attempts to verify the current request's presented mTLS certificate matches the original. Token renewals for other authentication methods do not require any supplied login...

3.1CVSS5.6AI score0.00021EPSS
Exploits0References6Affected Software1
EUVD
EUVDadded 2026/04/15 5:26 p.m.0 views

EUVD-2026-22991

Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a user's NTLM hash. The NTLM hash can be obtained by tricking users into cloning a malicious repository, or checking out a malicious branch, that accesses a...

7.4CVSS5.8AI score0.00086EPSS
Exploits0References5
EUVD
EUVDadded 2026/03/27 9:23 p.m.0 views

EUVD-2026-16870

LinkAce is a self-hosted archive to collect website links. In versions prior to 2.5.3, a private note attached to a non-private link can be disclosed to a different authenticated user via the web interface. The API appears to correctly enforce note visibility, but the web link detail page renders...

6.5CVSS5.8AI score0.00044EPSS
Exploits1References1
SUSE CVE
SUSE CVEadded 2023/02/15 3:29 a.m.3 views

SUSE CVE-2022-21729

Tensorflow is an Open Source Machine Learning Framework. The implementation of UnravelIndex is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlo...

6.5CVSS6.6AI score0.0022EPSS
Exploits1References3
Rows per page
Query Builder