Lucene search
K

4530 matches found

Vulnrichment
Vulnrichment
added 2026/06/04 11:56 a.m.9 views

CVE-2025-52606 HCL iControl was affected by Weak Input Validation vulnerability. .

HCL iControl was affected by Weak Input Validation vulnerability. This weakness is caused during implementation of an architectural security tactic. Received input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expecte...

4.3CVSS5.8AI score0.00169EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 11:56 a.m.15 views

CVE-2025-52606

Technical details about CVE-2025-52606 are not publicly provided in the supplied documents. No affected products, versions, exploit info, or remediation are specified here. Monitor for updates.

4.3CVSS5.8AI score0.00169EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/04 11:45 a.m.46 views

CVE-2026-10803 MLflow Dataset Digest Computation digest_utils.py mlflow.data.digest_utils weak hash

A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digestutils of the file mlflow/data/digestutils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is...

3.6CVSS0.00103EPSS
Exploits1References7
NVD
NVD
added 2026/06/04 10:16 a.m.16 views

CVE-2026-10800

A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...

3.6CVSS0.00075EPSS
Exploits0References8
CVE
CVE
added 2026/06/04 9:45 a.m.23 views

CVE-2026-10800

The CVE-2026-10800 entry concerns PaddlePaddle FastDeploy up to 2.4.1, specifically the MultimodalHasher component’s hasher.py hash_features function. The weakness can allow manipulation that leads to the use of a weak hash, with exploitation requiring local access and carries a high attack compl...

3.6CVSS5.2AI score0.00075EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

HCL iControl 安全漏洞

HCL iControl is an IT infrastructure monitoring and automation platform developed by the Indian company HCL. HCL iControl has a security vulnerability, which stems from weak input validation. This issue arises due to incorrect validation of input types during the implementation of architectural...

4.3CVSS5.3AI score0.00169EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/03 6:13 p.m.36 views

CVE-2026-8881 CVE-2026-8881

Version 3.0.7 of the Securly Chrome Extension uses EVPBytesToKey key derivation with MD5 and a single iteration for AES encryption. MD5 has been broken since 2004 and a single iteration provides no key stretching...

0.00163EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 6:13 p.m.7 views

CVE-2026-8881

Version 3.0.7 of the Securly Chrome Extension uses EVPBytesToKey key derivation with MD5 and a single iteration for AES encryption. MD5 has been broken since 2004 and a single iteration provides no key stretching...

5.7AI score0.00163EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/03 6:13 p.m.9 views

CVE-2026-8881 CVE-2026-8881

Version 3.0.7 of the Securly Chrome Extension uses EVPBytesToKey key derivation with MD5 and a single iteration for AES encryption. MD5 has been broken since 2004 and a single iteration provides no key stretching...

5.7AI score0.00163EPSS
Exploits0References1
CVE
CVE
added 2026/06/03 6:13 p.m.17 views

CVE-2026-8881

The CVE-2026-8881 entry affects the Securly Chrome Extension (version 3.0.7). It relies on EVP_BytesToKey with MD5 and a single iteration for AES encryption. The description notes that MD5 has been broken since 2004 and a single iteration provides no key stretching, which weakens the cryptographi...

7.5CVSS5.7AI score0.00163EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/03 10:40 a.m.13 views

EUVD-2026-34076

The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-36609

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 uses a static authentication nonce that does not change between requests from the same source IP. Combined with the predictable XOR-based password encoding securityEncode function, this allows an attacker to reverse captured authentication...

7.3CVSS5.8AI score0.00166EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/02 5:41 p.m.18 views

Important: Red Hat Security Advisory: Red Hat Data Grid 8.6.1 security update

An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

10CVSS7AI score0.01735EPSS
Exploits6References14
OSV
OSV
added 2026/06/02 8:40 a.m.6 views

SUSE-SU-2026:2222-1 Security update for hplip

This update for hplip fixes the following issues Security issues: - CVE-2025-43023: weak code signing DSA key used to generate package signatures can lead to key spoofing and malicious software installation bsc1266031. - CVE-2026-8631: escalation of privileges and/or arbitrary code execution via ...

9.8CVSS6.4AI score0.01333EPSS
Exploits0References12
Cvelist
Cvelist
added 2026/06/02 7:22 a.m.50 views

CVE-2026-1784 Ose-cluster-ingress-operator: remote code execution through haproxy configuration injection

The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy. It was found that the checks performed on the spec.path YAML stanza in a Route document was insufficient and could allow a controlled injection of the HAProxy configuration...

8.8CVSS0.0015EPSS
Exploits0References10
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/02 7:4 a.m.9 views

Security Bulletin: Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access

Summary Security Vulnerabilities have been addressed in IBM Verify Identity Access and IBM Security Verify Access Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected ...

9.1CVSS7.5AI score0.00864EPSS
Exploits1Affected Software2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

QloApps 安全漏洞

QloApps is an open-source hotel management and reservation system developed by QloApps. Versions of QloApps 1.7.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the use of MD5 for password hashing in the Tools.php file. Weak encryption algorithms allowed...

8.2CVSS5.4AI score0.00178EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.12 views

Learn from Your Mistakes: Tree-Like Self-Play for Secure Code LLMs

While Large Language Models LLMs excel in code generation, they remain prone to replicating subtle yet critical vulnerabilities endemic to their training data. Current alignment techniques, such as Supervised Fine-Tuning SFT and Reinforcement Learning RL, typically apply coarse-grained optimizati...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.15 views

PT-2026-45777

Name of the Vulnerable Software and Affected Versions transmission versions prior to 4.1.2 Description A clickjacking weakness exists in the browser-facing WebUI and RPC response paths. Clickjacking is a technique where an attacker uses transparent or opaque layers to trick a user into clicking o...

5.3CVSS5.4AI score0.00305EPSS
Exploits0References14
Debian CVE
Debian CVE
added 2026/06/02 12:0 a.m.9 views

CVE-2026-38978

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

5.3CVSS5.8AI score0.00305EPSS
Exploits0
Rows per page
Query Builder