1063 matches found
CVE-2026-29063 vulnerabilities
Vulnerabilities for packages: rancher-api-ui, vitess, argo-workflows...
Before You Hand over the Wheel: Evaluating LLMs for Security Incident Analysis
Security incident analysis (SIA) poses a major challenge for security operations centers, which must manage overwhelming alert volumes, large and diverse data sources, complex toolchains, and limited analyst expertise. These difficulties intensify because incidents evolve dynamically and require...
Malicious AI Assistant Extensions Harvest LLM Chat Histories
Microsoft Defender has been investigating reports of malicious Chromium‑based browser extensions that impersonate legitimate AI assistant tools to harvest LLM chat histories and browsing data. Reporting indicates these extensions have reached approximately 900,000 installs. Microsoft Defender...
How to Avoid Confidentiality Gaps in Early-Stage Startups
Startups often expose sensitive data during pitches and hiring. Learn when to use NDAs and simple workflows to close confidentiality gaps...
BIT-KIBANA-2026-26938 Improper Neutralization of Special Elements Used in a Template Engine in Kibana Workflows Leading to Server-Side Request Forgery (SSRF)
Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery (SSRF) via Code Injection (CAPEC-242). This requires an...
BIT-ELK-2026-26938 Improper Neutralization of Special Elements Used in a Template Engine in Kibana Workflows Leading to Server-Side Request Forgery (SSRF)
Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery (SSRF) via Code Injection (CAPEC-242). This requires an...
CLEANSTART-2026-BY85815 OpenTelemetry-Go is the Go implementation of OpenTelemetry
Multiple security vulnerabilities affect the argo-workflows package. OpenTelemetry-Go is the Go implementation of OpenTelemetry. See references for individual vulnerability details...
CLEANSTART-2026-MW73882 filippo
Multiple security vulnerabilities affect the argo-workflows package. filippo. See references for individual vulnerability details...
Incorrect Authorization
Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Incorrect Authorization in the approval-enabled host=node workflows. An attacker can bypass intended approval integrity by reusing a previously approved request with altered environment...
ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +936 more potentially affected by CVE-2026-28208 via com.github.junrar:junrar (>=0.7 <=7.5.7)
com.github.junrar:junrar MAVEN version =0.7, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.2.4, =1.2.0, =1.3.1 and more Source cves: CVE-2026-28208 Source advisory: OSV:GHSA-J273-M5QQ-6825...
CVE-2026-26938
Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery (SSRF) via Code Injection (CAPEC-242). This requires an...
Improper Neutralization of Special Elements Used in a Template Engine
Overview: kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine in the Workflows module. An attacker with the...
EUVD-2026-8873
Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery (SSRF) via Code Injection (CAPEC-242). This requires an...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-dynamodb, osv-scanner, terraform-provider-azurerm, trivy, q, kyverno, wolfictl, sops, gitness, nuclei, hydra, argo-events, crossplane-provider-aws-cloudwatchlogs, rclone, extism, atlantis, terragrunt, kyverno-notation-aws,...
GHSA-Q9HV-HPM4-HJ6X vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-dynamodb, osv-scanner, terraform-provider-azurerm, trivy, q, kyverno, wolfictl, sops, gitness, nuclei, hydra, argo-events, crossplane-provider-aws-cloudwatchlogs, rclone, extism, atlantis, terragrunt, kyverno-notation-aws,...
EUVD-2026-8828
Fleet: Authorization Bypass in certificate template batch deletion for team administrators...
CVE-2026-26938
Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery (SSRF) via Code Injection (CAPEC-242). This requires an...
CVE-2026-26938
Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery (SSRF) via Code Injection (CAPEC-242). This requires an...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, kubescape-server, argo-events, amazon-ssm-agent, crossplane-provider-aws-firehose, dagger, flux-helm-controller, goreleaser, omni, grafana-alloy-fips, atlantis-fips, crossplane-provider-aws-cognitoidentity-fips, crossplane-provider-aws-kms,...
CVE-2026-26938
Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery (SSRF) via Code Injection (CAPEC-242). This requires an...