Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.13 views

PT-2026-47621

Name of the Vulnerable Software and Affected Versions Nebula-Mesh versions prior to 0.3.4 Description An authorization gap in the /api/v1/ route surface allows non-admin operators to obtain broad cross-tenant access. The API trusts the bearer token for authorization without enforcing ownership...

9.9CVSS5.5AI score0.00024EPSS
Exploits0References6
OSV
OSV
added 2026/05/20 5:47 p.m.13 views

MAL-2026-4771 Malicious code in strawberry-graphql (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8eb433a0339783d1a58993e1611278218492a4349a80801e6c6a2d475278a99c This package is published under the strawberry-graphql name but diverges from the legitimate upstream by declaring a hard runtime dependency on...

5.8AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/08 3:38 p.m.8 views

CVE-2026-41693

i18next-fs-backend is a backend layer for i18next using in Node.js and for Deno to load translations from the filesystem. Prior to version 2.6.4, i18next-fs-backend substitutes the lng and ns options directly into the configured loadPath / addPath templates and then read / write the resulting fil...

8.2CVSS5.8AI score0.00292EPSS
Exploits0References2Affected Software1
vulnersOsv
vulnersOsv
added 2025/04/26 9:31 p.m.7 views

@blubox/body-parser (>=1.0.0 <=1.0.1), @breautek/storm (>=8.0.0 <=8.4.0) +70 more potentially affected by CVE-2025-46653 via formidable (>=3.2.4 <=3.5.2)

formidable NPM version =3.2.4, =1.0.0, =8.0.0, =0.0.1, =0.0.1, =0.0.1, =3.4.4, =0.1036.4000, =40.0.1, =1.2.1, =0.2.14, =16.0.1, =2.13.1, =2.15.3 and more Source cves: CVE-2025-46653 Source advisory: OSV:GHSA-75V8-2H7P-7M2M...

3.1CVSS5.3AI score0.0036EPSS
Exploits1
OSV
OSV
added 2023/10/26 6:30 p.m.2 views

GHSA-2CQF-6XV9-F22W Elasticsearch vulnerable to Uncontrolled Resource Consumption

An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and...

7.5CVSS5.8AI score0.01232EPSS
Exploits0References4
OSV
OSV
added 2023/10/26 6:15 p.m.3 views

UBUNTU-CVE-2023-31418

An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and...

7.5CVSS7.1AI score0.01232EPSS
Exploits0References4
Rows per page
Query Builder