382 matches found
Zoho ManageEngine OpManager - SQL Injection
Zoho ManageEngine OpManager before 12.3 Build 123196 does not require authentication for /oputilsServlet requests, as demonstrated by a /oputilsServlet?action=getAPIKey request that can be leveraged against Firewall Analyzer to add an admin user via /api/json/v2/admin/addUser or conduct a SQL...
GHSA-WXV8-W48J-R2F4 vulnerabilities
Vulnerabilities for packages: python...
ROOT-OS-DEBIAN-12-CVE-2025-39751 CVE-2025-39751 in rootio-linux - Patched by Root
Root has patched CVE-2025-39751 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...
CVE-2026-46877
...
CVE-2026-46803
...
CVE-2026-46770
Technical details are not publicly available in the provided documents for CVE-2026-46770. Monitor for updates.
CVE-2026-35324
...
CVE-2026-35278
...
offensive-claude-604
Offensive Security Research Config for Claude Code !TIP...
CVE-2026-45684
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log...
CVE-2026-46826
...
podman security update
An update is available for podman. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of...
CLEANSTART-2026-AQ33378 Security fixes for ghsa-gxhx-2686-5h9g applied in versions: 2.12.0-r0
Security vulnerability affects the kubewatch package. This issue is resolved in later releases. See references for vulnerability details...
PT-2026-41418
wow CVE-2026-22931203921321321...
hubzoid (>=0.2.2 <=0.4.5), openwebui-token-tracking (>=0.1.7 <=0.1.10) +1 more potentially affected by CVE-2026-45400 via open-webui (>=0.6.0 <=0.8.8)
open-webui PYPI version =0.6.0, =0.2.2, =0.1.7, =0.1.0, =0.1.5 Source cves: CVE-2026-45400 Source advisory: SNYK:PYTHON-OPENWEBUI-16755281...
GHSA-X23J-RGR4-MP7M vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-40129
creationtimestamp| type| source ---|---|--- 2026-05-12 05:02:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlmz4iwkgu2q 2026-05-12 14:20:28+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mlnybnopq22h 2026-05-12 14:25:06+00:00| seen|...
CVE-2024-30167
CVE-2024-30167 affects Atlona AT-OME-MS42 Matrix Switcher (version 1.1.2). The vulnerability arises in /cgi-bin/time.cgi where a POST containing a serverName parameter allows remote authenticated users to execute arbitrary commands as root. Documented impact: arbitrary code execution with root pr...
CLEANSTART-2026-SP87460 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0
Security vulnerability affects the apache-zookeeper package. This issue is resolved in later releases. See references for vulnerability details...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +21 more potentially affected by CVE-2026-44114 via openclaw (>=0.0.1 <=2026.4.2)
openclaw NPM version =0.0.1, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 - @xmoxmo/bncr =0.0.8 - morpho-vault-manager =0.1.0 and more Source cves: CVE-2026-44114 Source advisory: OSV:GHSA-HXVM-XJVF-93F3...