CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Hacker News•added 2026/05/22 5:36 a.m.•11 views

Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access

Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could allow an unauthenticated, remote attacker to access sensitive data. Tracked as CVE-2026-20223 CVSS score: 10.0, the vulnerability arises from insufficient validation and authentication when...

10CVSS5.9AI score0.00064EPSS

Exploits1

Vulnrichment•added 2026/05/20 4:6 p.m.•7 views

CVE-2026-20223 Cisco Secure Workload Unauthorized API Access Vulnerability

A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST...

CVE•added 2026/05/20 4:6 p.m.•79 views

CVE-2026-20223

Cisco Secure Workload is affected by a vulnerability in the access validation of internal REST APIs that could allow an unauthenticated, remote attacker to access site resources with Site Admin privileges. The issue arises from insufficient validation/authentication when accessing REST API endpoi...

ATTACKERKB•added 2026/05/20 4:6 p.m.•7 views

CVE-2026-20223

Exploits1References2Affected Software1

EUVD•added 2026/05/20 4:6 p.m.•6 views

EUVD-2026-31131

Cisco•added 2026/05/20 4:0 p.m.•7 views

Cisco Secure Workload Unauthorized API Access Vulnerability

Positive Technologies•added 2026/05/20 12:0 a.m.•9 views

PT-2026-42193

Name of the Vulnerable Software and Affected Versions Cisco Secure Workload versions prior to 3.10.8.3 Cisco Secure Workload versions prior to 4.0.3.17 Description Insufficient validation and authentication in the internal REST API endpoints of Cisco Secure Workload allow an unauthenticated remot...

10CVSS6AI score0.00064EPSS

Exploits1References51

CNNVD•added 2026/05/20 12:0 a.m.•5 views

Cisco Secure Workload 访问控制错误漏洞

Cisco Secure Workload is a software product developed by Cisco Corporation in the United States. It allows users to install software agents on their application workloads. There is an access control vulnerability in Cisco Secure Workload, which stems from insufficient access validation in the...

10CVSS6AI score0.00064EPSS

NVD•added 2026/05/15 3:16 a.m.•6 views

CVE-2023-31309

Improper validation in Power Management Firmware PMFW may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability...

6.8CVSS0.00017EPSS

Cvelist•added 2026/05/15 2:48 a.m.•32 views

CVE-2023-31309

6.8CVSS0.00017EPSS

CVE•added 2026/05/15 2:48 a.m.•12 views

CVE-2023-31309

CVE-2023-31309 describes an improper validation vulnerability in AMD's Power Management Firmware (PMFW). The issue allows a user with privileges to pass malformed workload arguments when exporting table data from the System Management Unit (SMU) to DRAM, potentially causing loss of confidentialit...

6.8CVSS5.8AI score0.00017EPSS

Positive Technologies•added 2026/05/15 12:0 a.m.•5 views

PT-2026-41239

6.8CVSS5.8AI score0.00017EPSS

Exploits0References2

CNNVD•added 2026/05/15 12:0 a.m.•6 views

AMD Radeon 输入验证错误漏洞

AMD Radeon is a set of device driver and utility software developed by American semiconductor company AMD, used for Advanced Micro Devices graphics cards and GPUs. AMD Radeon has a vulnerability related to input validation. This vulnerability arises from improper validation, which may allow...

6.8CVSS5.8AI score0.00017EPSS