Lucene search
K

4501 matches found

CVE
CVE
added 2026/06/26 7:27 p.m.12 views

CVE-2026-44736

OpenProject vulnerability CVE-2026-44736 affects the OpenProject web-based project management platform. The flaw exists in the GET /api/v3/relations endpoint prior to version 17.4.0, allowing any authenticated user to retrieve relations and the titles of work packages they should not have permiss...

6.5CVSS5.9AI score0.00286EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 7:0 p.m.29 views

CVE-2026-52781 OpenProject: Stored XSS on openproject.example.com through /api/v3/projects/{project}/work_packages via POST parameter "description"

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, the HTML sanitizer grants elements unrestricted data- attributes via :data wildcard. An attacker injects data-controller="poll-for-changes" into a work package description, causing Stimulus.js to mount ...

6.4CVSS0.0015EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 7:0 p.m.13 views

CVE-2026-52781

OpenProject CVE-2026-52781 affects the open-source, web-based project management software. Prior to versions 17.3.3 and 17.4.1, the HTML sanitizer allowed elements to have unrestricted data-* attributes via a :data wildcard. An attacker could inject data-controller="poll-for-changes" into a work...

6.4CVSS5.9AI score0.0015EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 6:54 p.m.8 views

CVE-2026-52785

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, there is a SQL injection in timestamps functionality. OpenProject baseline comparison allows callers to request historic work-package attributes using the timestamps parameter. This vulnerability is fix...

9.9CVSS5.8AI score0.00221EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/26 6:54 p.m.19 views

CVE-2026-52785

OpenProject prior to versions 17.3.3 and 17.4.1 contains a SQL injection in the timestamps functionality. The vulnerability is tied to the baseline comparison feature, where the timestamps parameter can be used to request historic work-package attributes. The issue is fixed in 17.3.3 and 17.4.1. ...

9.9CVSS5.8AI score0.00221EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.6 views

SUSE CVE-2026-53198

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on conn-asyncrequests via setupasyncwork, with cancelfn = smb2removeblockedlock and...

8.8CVSS5.6AI score0.00466EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.14 views

PT-2026-52904

Name of the Vulnerable Software and Affected Versions OpenProject versions prior to 17.3.2 OpenProject versions prior to 17.4.0 Description An authorization flaw exists where the 'GET /api/v3/shares' endpoint returns share details for all work packages within a project to any user possessing the...

6.5CVSS5.8AI score0.0027EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.7 views

PT-2026-52908

Name of the Vulnerable Software and Affected Versions OpenProject versions prior to 17.4.0 Description An issue exists where the endpoint GET /api/v3/meetings/:meeting id/agenda items/:agenda item id discloses private work package data. This occurs when a linked work package belongs to a project...

4.3CVSS5.8AI score0.00214EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/25 11:21 p.m.6 views

kernel: RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()

A flaw was found in the Linux kernel's RDMA/mana component. A local user could trigger a kernel corruption by providing specific configurations through the user Application Programming Interface uAPI that cause an internal error. This issue arises when Work Queues WQs are specified to share the...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References5
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53198

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on conn-asyncrequests via setupasyncwork, with cancelfn = smb2removeblockedlock and...

8.8CVSS0.00466EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.32 views

CVE-2026-53198 ksmbd: fix use-after-free of a deferred file_lock on double SMB2_CANCEL

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on conn-asyncrequests via setupasyncwork, with cancelfn = smb2removeblockedlock and...

8.8CVSS0.00466EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53198

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on conn-asyncrequests via setupasyncwork, with cancelfn = smb2removeblockedlock and...

8.8CVSS5.6AI score0.00466EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39289

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on conn-asyncrequests via setupasyncwork, with cancelfn = smb2removeblockedlock and...

5.7AI score0.00466EPSS
Exploits0References6
CVE
CVE
added 2026/06/25 8:39 a.m.18 views

CVE-2026-53198

The CVE-2026-53198 issue affects ksmbd in the Linux kernel: a deferred byte-range lock (SMB2_LOCK) uses async_work with a cancel_fn (smb2_remove_blocked_lock) and cancel_argv pointing to a file_lock. If a second SMB2_CANCEL arrives before release_async_work(), the cancel callback can run again on...

8.8CVSS5.7AI score0.00466EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.5 views

PT-2026-52294

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ksmbd module of the Linux kernel. A deferred byte-range lock registers asynchronous work via setup async work, where the cancel fn is set to smb2...

8.8CVSS6AI score0.00466EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-53129

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/mbcache: cancel shrink work before destroying the cache mbcachedestroy calls shrinkerfree and then frees all cache entries and the cache itself, but it does...

7.8CVSS5.9AI score0.00117EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/24 8:45 p.m.10 views

CVE-2026-53100

A flaw was found in the Linux kernel's mt76 wireless driver. This vulnerability occurs in the remain-on-channel functionality, where the mt76remainonchannel and mt76roccomplete functions attempt to acquire a mutex that is already held. This improper handling of the device mutex can lead to a syst...

5.5CVSS5.8AI score0.00166EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 5:17 p.m.8 views

CVE-2026-53129

In the Linux kernel, the following vulnerability has been resolved: fs/mbcache: cancel shrink work before destroying the cache mbcachedestroy calls shrinkerfree and then frees all cache entries and the cache itself, but it does not cancel the pending cshrinkwork work item first. If...

7.8CVSS0.00117EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 4:30 p.m.6 views

EUVD-2026-38997

In the Linux kernel, the following vulnerability has been resolved: fs/mbcache: cancel shrink work before destroying the cache mbcachedestroy calls shrinkerfree and then frees all cache entries and the cache itself, but it does not cancel the pending cshrinkwork work item first. If...

5.7AI score0.00117EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:30 p.m.13 views

CVE-2026-53129

CVE-2026-53129 affects the Linux kernel mbcache shrink path. The bug occurs when mb_cache_destroy() frees memory without canceling the pending c_shrink_work, allowing mb_cache_shrink_worker() to access freed memory if mb_cache_entry_create() scheduled work via schedule_work() and the work item is...

7.8CVSS5.7AI score0.00117EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder