367610 matches found

CVE, added 2026/05/27 9:38 p.m.

CVE-2026-9739

CVE-2026-9739 describes a DNS rebinding vulnerability due to a hardcoded Access-Control-Allow-Origin: * in the SSE initialization handler, despite earlier attempts to align with MCP security guidelines using allowed-origins and allowed-hosts. The issue specifically affects users connecting via To...

CVSS 9.4 | AI score 5.8 | EPSS 0.00279
Exploits: 0 | References: 2
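The CVE-2026-9739 entry turns on the difference between a wildcard `Access-Control-Allow-Origin: *` and the allowed-hosts / allowed-origins checks the MCP guidance asks for. The following is an added illustration of those two checks, not code from the affected project; the allow-lists, the port 6274 and the helper names are assumptions made for the example.

```python
"""Origin/Host allow-listing for a local SSE endpoint.

Added illustration of the CVE-2026-9739 bug class (a hardcoded
Access-Control-Allow-Origin: * on an SSE initialization handler); this is
not code from the affected project. The allow-lists, port and helper names
are assumptions made for the example.
"""
from typing import Dict, Optional
from urllib.parse import urlsplit

# Assumed deployment: the server is only ever reached as localhost on port 6274.
ALLOWED_HOSTS = {"localhost", "127.0.0.1", "[::1]"}
ALLOWED_ORIGINS = {"http://localhost:6274", "http://127.0.0.1:6274"}


def host_without_port(host_header: str) -> str:
    """Strip the port from a Host header value, keeping IPv6 brackets intact."""
    host = host_header.strip().lower()
    if host.startswith("["):              # "[::1]:6274" -> "[::1]"
        return host.split("]", 1)[0] + "]"
    return host.split(":", 1)[0]


def vulnerable_cors_headers(origin: Optional[str]) -> Dict[str, str]:
    """The advisory's pattern: every origin is granted, whatever Origin says."""
    return {"Access-Control-Allow-Origin": "*"}


def hardened_cors_headers(host_header: Optional[str],
                          origin: Optional[str]) -> Optional[Dict[str, str]]:
    """Return response headers for an allowed request, or None to reject it.

    DNS rebinding makes a page on attacker.example resolve to 127.0.0.1, so the
    browser sends Host: attacker.example:6274 and, for a same-origin GET, no
    Origin header at all. Checking Host catches that; checking Origin catches
    ordinary cross-origin requests from a page that has not rebound.
    """
    if not host_header or host_without_port(host_header) not in ALLOWED_HOSTS:
        return None
    if origin is None:
        return {}       # same-origin or non-browser client: no CORS grant needed
    parts = urlsplit(origin)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        return None
    normalized = f"{parts.scheme}://{parts.netloc.lower()}"
    if normalized not in ALLOWED_ORIGINS:
        return None
    return {
        "Access-Control-Allow-Origin": normalized,   # the specific origin, never "*"
        "Vary": "Origin",
    }
```

The Host check is the one that matters against rebinding: once the attacker's name resolves to the loopback address, the request looks same-origin to the browser and carries no Origin header, so an Origin-only check never fires.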
CVE, added 2026/05/27 9:35 p.m.

CVE-2026-45309

CVE-2026-45309 is a reserved entry with no public technical details in the Initial document, but connected documents describe a concrete vulnerability in AsyncSSH. Affected: AsyncSSH (Python package, pip ecosystem), version 2.22.0. Root cause: the OpenSSH-compatible AuthorizedKeysFile token %u is...

EPSS 0.00221
Exploits: 0
CVE, added 2026/05/27 9:32 p.m.

CVE-2026-45322

CVE-2026-45322 affects Microsoft UFO (open-source framework for intelligent automation) up to v3.0.0. The issue is an OS command injection in the shell action replay path: ShellReceiver.run_shell() takes a command string from action parameters and passes it to subprocess.Popen() with shell=True a...

CVSS 7.8 | AI score 5.7 | EPSS 0.01722
Exploits: 0 | References: 1
CVE, added 2026/05/27 9:05 p.m.

CVE-2026-45152

CVE-2026-45152 affects uniget prior to 0.27.1, where a command injection is possible via the check field loaded from untrusted JSON metadata. The implementation runs /bin/bash -c on tool.Check, allowing an attacker-controlled value to execute arbitrary shell commands during common operations (des...

CVSS 7.8 | AI score 6.4 | EPSS 0.00715
Exploits: 0 | References: 1
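The UFO entry (CVE-2026-45322, `subprocess.Popen(..., shell=True)` on an action parameter) and the uniget entry (CVE-2026-45152, `/bin/bash -c` on a JSON field) are the same bug: an untrusted string reaches a shell as syntax. The block below is an added example, not code from either project, showing the vulnerable call next to the argv-based fix and the quoting fallback; the allow-listed tool names and the injected value are constructed for the demonstration. The systeminformation entry further down is the JavaScript form of the same pattern.

```python
"""Shell command injection via shell=True, and the argv-based fix.

Added example for the CVE-2026-45322 / CVE-2026-45152 pattern; not code from
either project. The allow-list of tools and the injected value are
assumptions for the demonstration.
"""
import shlex
import subprocess
from typing import List

# Constructed attacker-controlled value: looks like a file name but carries a
# second command after the semicolon.
INJECTED = "README.md; echo INJECTED"


def vulnerable_run(command: str) -> str:
    """The advisory's pattern: an untrusted string handed to /bin/sh."""
    out = subprocess.run(command, shell=True, capture_output=True, text=True)
    return out.stdout


def build_argv(tool: str, user_arg: str) -> List[str]:
    """Build an argv vector in which the untrusted value is exactly one argument.

    No shell is involved, so ';', '$(...)', '|' and backticks are inert bytes
    inside a single argument rather than syntax.
    """
    allowed = {"echo", "ls", "cat"}           # assumed allow-list of tools
    if tool not in allowed:
        raise ValueError(f"tool not allowed: {tool!r}")
    if "\x00" in user_arg:
        raise ValueError("NUL byte in argument")   # execve would truncate here
    return [tool, user_arg]


def hardened_run(tool: str, user_arg: str) -> str:
    """Run the tool without a shell and return its stdout."""
    out = subprocess.run(build_argv(tool, user_arg), capture_output=True, text=True)
    return out.stdout


def quoted_for_shell(tool: str, user_arg: str) -> str:
    """When a shell string is unavoidable (e.g. a remote ssh command), quote it.

    shlex.quote wraps the value so the shell parses it as a single word.
    """
    return f"{tool} {shlex.quote(user_arg)}"
```

With `shell=True` the payload prints two lines because the shell executed two commands; with the argv form the whole payload comes back as one literal argument.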
CVE, added 2026/05/27 9:02 p.m.

CVE-2026-44720

OpenLearnX (pre-2.0.4) has a critical authentication vulnerability where JWT signature verification is disabled, enabling an attacker to bypass authentication and take over user accounts. Impact is unauthorized access under specific conditions; the issue is fixed in 2.0.4. Remediation: upgrade to...

CVSS 6.9 | AI score 5.8 | EPSS 0.00207
Exploits: 0 | References: 1
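The OpenLearnX entry (CVE-2026-44720) is a reminder of what "JWT signature verification is disabled" buys an attacker: any payload is accepted. The block below is an added example, not OpenLearnX code; it implements a minimal HS256 JWT with the standard library so the forged-token case can be shown offline. The secret and the claims are constructed for the demonstration.

```python
"""Why JWT signature verification is not optional (CVE-2026-44720 class).

Added example, not OpenLearnX code. Minimal HS256 JWT using only the
standard library; SECRET and the claims are constructed for the demo.
"""
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

SECRET = b"constructed-demo-secret-do-not-reuse"   # assumption: server-side HMAC key


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def sign_hs256(claims: dict, secret: bytes) -> str:
    """Issue a token: base64url(header).base64url(payload).base64url(HMAC)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def decode_unverified(token: str) -> dict:
    """The vulnerable pattern: trust the payload without checking the signature."""
    _, payload, _ = token.split(".")
    return json.loads(_b64url_decode(payload))


def decode_verified(token: str, secret: bytes, now: Optional[float] = None) -> Optional[dict]:
    """Return claims only if alg is the expected one, the HMAC matches and exp is in the future."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
    except ValueError:
        return None
    header = json.loads(_b64url_decode(header_b64))
    if header.get("alg") != "HS256":           # refuse alg confusion, including "none"
        return None
    expected = hmac.new(secret, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        return None
    claims = json.loads(_b64url_decode(payload_b64))
    if "exp" in claims and claims["exp"] <= (time.time() if now is None else now):
        return None
    return claims


def forge_admin_token(real_token: str) -> str:
    """Attacker: keep a real token's header and signature, swap in admin claims."""
    header_b64, _, sig_b64 = real_token.split(".")
    payload = _b64url(json.dumps({"sub": "admin", "role": "admin", "exp": 4102444800}).encode())
    return f"{header_b64}.{payload}.{sig_b64}"
```

The forged token decodes "successfully" through the unverified path and is rejected by the verified one; the `alg` check and `compare_digest` are the two details that most often go missing when verification is re-enabled in a hurry.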
CVE, added 2026/05/27 9:00 p.m.

CVE-2026-45083

Goobi viewer (4.8.0–26.04.0/1) exposed a vulnerable REST endpoint POST /api/v1/index/stream that accepted arbitrary Solr streaming expressions from unauthenticated clients and forwarded them to the backend Solr server without restriction. This allowed reading the complete Solr index and, in defau...

CVSS 9.8 | AI score 5.9 | EPSS 0.0041
Exploits: 0 | References: 3
CVE, added 2026/05/27 8:59 p.m.

CVE-2026-9208

Technical details are not publicly available in the provided documents. Monitor for updates.

CVSS 8.8 | AI score 6.2 | EPSS 0.00421
Exploits: 0 | References: 1 | Affected software: 1
CVE, added 2026/05/27 8:56 p.m.

CVE-2026-44247

CVE-2026-44247: Volcano’s webhook server does not enforce a size limit on incoming HTTP request bodies. Any in-cluster pod that can reach the webhook endpoint may send an arbitrarily large request body, potentially causing the webhook server to be killed by OOM. All Volcano deployments with the ...

CVSS 7.4 | AI score 5.8 | EPSS 0.00173
Exploits: 0 | References: 1 | Affected software: 1
CVE, added 2026/05/27 8:52 p.m.

CVE-2026-45137

Summary: CVE-2026-45137 affects Anchor (Solana programs) where Program validation fails due to using Pubkey::default() as a sentinel, causing System and () to be treated equivalently and allowing any executable program in place of the system program. Impact: potential arbitrary CPI or payment byp...

CVSS 8.2 | AI score 5.9 | EPSS 0.00246
Exploits: 0 | References: 1
CVE, added 2026/05/27 8:48 p.m.

CVE-2026-45136

Claude Code cache proxy claude-code-cache-fix is vulnerable to local code execution due to a Python triple-quote injection in tools/quota-statusline.sh. From v3.5.0–v3.5.1, user-controlled payloads can embed a ''' sequence which closes the Python literal and executes subsequent bytes in the user’...

CVSS 8.6 | AI score 5.9 | EPSS 0.00188
Exploits: 1 | References: 3 | Affected software: 1
CVE, added 2026/05/27 8:42 p.m.

CVE-2026-44660

Summary of CVE-2026-44660: UltraJSON’s ujson.dump() to a file-like object can leak memory if the underlying write() raises an exception. The root cause is that the temporary JSON string created during objToJSONFile() is not released (its reference count is not decremented) on the early return, causing memory growth proportional to the p...

CVSS 8.7 | AI score 5.8 | EPSS 0.00421
Exploits: 1 | References: 3 | Affected software: 1
CVE, added 2026/05/27 8:24 p.m.

CVE-2026-44712

pam_usb on Linux is vulnerable prior to 0.8.7 due to two issues: (1) a crafted filesystem UUID or config UUID can trigger root RCE when pamusb-conf --reset-pads is run, and (2) userName from the XML config is passed to os.system(), invoking a shell via pamusb-agent. Some USB controllers may permi...

CVSS 8.2 | AI score 5.8 | EPSS 0.00154
Exploits: 0 | References: 1
CVE, added 2026/05/27 8:20 p.m.

CVE-2026-44709

CVE-2026-44709 affects pam_usb: prior to version 0.8.7, the pamusb-pinentry component reads the PINENTRY_FALLBACK_APP environment variable and executes it directly without validation. Any process that can set environment variables before pamusb-pinentry runs can point PINENTRY_FALLBACK_APP to an ...

CVSS 7.8 | AI score 6 | EPSS 0.00151
Exploits: 0 | References: 1
CVE, added 2026/05/27 8:19 p.m.

CVE-2026-44710

pam_usb for Linux is affected by a NULL pointer dereference in src/device.c prior to 0.8.7, where return values from udisks_drive_get_serial(), udisks_drive_get_vendor(), and udisks_drive_get_model() were passed directly to strcmp() without NULL checks. The GIO/UDisks API can return NULL for thes...

CVSS 4.6 | AI score 5.8 | EPSS 0.00178
Exploits: 0 | References: 1
CVE, added 2026/05/27 8:18 p.m.

CVE-2026-44711

The CVE concerns the pam_usb project for Linux. Affected: pam_usb versions prior to 0.8.7. Root cause: symlink attacks on the pad directory and pad files. Impact: authentication bypass and potential root file corruption. The issue is fixed in version 0.8.7. There is no explicit exploitation statu...

CVSS 7.9 | AI score 5.8 | EPSS 0.00166
Exploits: 0 | References: 2
CVE, added 2026/05/27 8:15 p.m.

CVE-2026-21785

CVE-2026-21785 relates to a misconfigured Content Security Policy (CSP) in HCL BigFix Remote Control Server WebUI (versions ≤ 10.1.0.0442). The CSP failures occur because directives are defined without fallbacks, enabling attackers to bypass intended security restrictions and load unauthorized re...

CVSS 4 | AI score 5.8 | EPSS 0.00148
Exploits: 0 | References: 1
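The BigFix entry (CVE-2026-21785) describes CSP directives "defined without fallbacks". In CSP, a fetch directive that is not set falls back to `default-src`; if `default-src` is also absent, that resource type is unrestricted even though the header looks locked down. The block below is an added audit helper, not HCL code, that parses a policy and reports which directives end up unrestricted; the fallback chains follow CSP Level 3 and the sample policies are constructed.

```python
"""Audit a Content-Security-Policy for directives with no effective fallback.

Added example for the CVE-2026-21785 class; not HCL code. Fallback chains
follow CSP Level 3 (frame-src -> child-src -> default-src,
worker-src -> child-src -> script-src -> default-src, everything else ->
default-src). Sample policies in the tests are constructed.
"""
from typing import Dict, List

FETCH_DIRECTIVES = [
    "child-src", "connect-src", "font-src", "frame-src", "img-src",
    "manifest-src", "media-src", "object-src", "script-src", "style-src",
    "worker-src",
]
FALLBACK_CHAIN = {d: ["default-src"] for d in FETCH_DIRECTIVES}
FALLBACK_CHAIN["frame-src"] = ["child-src", "default-src"]
FALLBACK_CHAIN["worker-src"] = ["child-src", "script-src", "default-src"]

# These never fall back to default-src; if absent they are simply unrestricted.
NO_FALLBACK_DIRECTIVES = ["base-uri", "form-action", "frame-ancestors"]


def parse_csp(policy: str) -> Dict[str, List[str]]:
    """Parse 'directive src src; directive ...' into a dict (first occurrence wins)."""
    parsed: Dict[str, List[str]] = {}
    for clause in policy.split(";"):
        tokens = clause.split()
        if not tokens:
            continue
        name = tokens[0].lower()
        if name not in parsed:                 # CSP ignores duplicate directives
            parsed[name] = tokens[1:]
    return parsed


def effective_sources(policy: str, directive: str) -> List[str]:
    """Source list that governs a directive after fallback; ['*'] when nothing applies."""
    parsed = parse_csp(policy)
    for name in [directive] + FALLBACK_CHAIN.get(directive, []):
        if name in parsed:
            return parsed[name]
    return ["*"]


def unrestricted_directives(policy: str) -> List[str]:
    """Directives that the policy leaves unrestricted: fetch directives with no
    effective source list, plus the non-falling-back directives that are missing."""
    parsed = parse_csp(policy)
    gaps = [d for d in FETCH_DIRECTIVES if effective_sources(policy, d) == ["*"]]
    gaps.extend(d for d in NO_FALLBACK_DIRECTIVES if d not in parsed)
    return gaps
```

A policy of `script-src 'self'; style-src 'self'` leaves connect-src, img-src, object-src and the rest wide open, and `frame-ancestors`, `base-uri` and `form-action` have to be stated explicitly whatever `default-src` says.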
CVE, added 2026/05/27 8:13 p.m.

CVE-2026-44713

Pam_usb vulnerability: in versions prior to 0.8.7, src/tmux.c reads the TMUX environment variable, splits on commas, and interpolates the socket-path directly into a shell command passed to popen(), placing the value inside double quotes without sanitisation. This allows an attacker-controlled va...

CVSS 8.8 | AI score 5.9 | EPSS 0.00158
Exploits: 0 | References: 1
CVE, added 2026/05/27 8:11 p.m.

CVE-2026-47269

CVE-2026-47269 affects pam_usb on Linux. The deny_remote feature checks utmpx ut_addr_v6[0] to identify remote sessions, but IPv4-mapped IPv6 addresses cause the check to fail (ut_addr_v6[0] == 0, while the IPv4 address is in ut_addr_v6[3]), so remote SSH connections can be treated as local. As a...

CVSS 7.4 | AI score 5.9 | EPSS 0.00307
Exploits: 0 | References: 2
CVE, added 2026/05/27 8:10 p.m.

CVE-2026-47270

CVE-2026-47270 affects the pam_usb PAM module used for Linux hardware authentication. The denial logic (deny_remote) uses non-reentrant strtok(), with three functions sharing a global token pointer; in multi-threaded authentication (e.g., long-lived display managers like GDM), two concurrent auth...

CVSS 6.3 | AI score 5.9 | EPSS 0.00108
Exploits: 0 | References: 3
CVE, added 2026/05/27 8:08 p.m.

CVE-2026-47271

The CVE affects pam_usb prior to version 0.9.0, where out-of-memory guards in src/mem.c (xmalloc/xrealloc/xstrdup) were removed when NDEBUG is defined. With no NULL checks after allocation, NULL pointer dereferences occur, causing a crash in the PAM module loaded by sudo or login and leading to l...

CVSS 5.1 | AI score 5.8 | EPSS 0.00122
Exploits: 0 | References: 2
CVE, added 2026/05/27 8:06 p.m.

CVE-2026-47272

pam_usb for Linux allows local authentication bypass before version 0.9.0 due to pusb_pad_compare() only checking the user-side pad (~/.pamusb/device.pad) and not requiring the system-side pad on the USB device to be present. A local user can delete or obscure their own device.pad to bypass the U...

CVSS 7.1 | AI score 5.9 | EPSS 0.00119
Exploits: 0 | References: 1
CVE, added 2026/05/27 8:03 p.m.

CVE-2026-47273

CVE-2026-47273 affects pam_usb on Linux prior to 0.9.0. The vulnerability arises when pam_usb builds XPath expressions from user-supplied identifiers (PAM username, service name) and device-supplied identifiers (USB serial, model, vendor) to query /etc/pamusb.conf without validating XPath metacha...

CVSS 6.5 | AI score 5.9 | EPSS 0.00273
Exploits: 0 | References: 3
CVE, added 2026/05/27 8:02 p.m.

CVE-2026-47274

CVE-2026-47274 affects pam_usb on Linux prior to 0.9.0. The issue stems from several pam_usb helper tools resolving external binaries via PATH instead of absolute paths, enabling a local attacker to substitute malicious binaries when they can influence the process environment during PAM authentic...

CVSS 6.3 | AI score 5.9 | EPSS 0.00141
Exploits: 0 | References: 4
CVE, added 2026/05/27 7:59 p.m.

CVE-2026-48064

Summary: pam_usb prior to 0.9.1 allowed a remote XDMCP session to bypass USB authentication when deny_remote=false, because the PAM_RHOST check was gated inside the deny_remote branch. Technical details (supported): pam_usb provides hardware authentication for Linux via removable media. In affect...

CVSS 8.1 | AI score 5.8 | EPSS 0.00342
Exploits: 0 | References: 2
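Two of the pam_usb deny_remote entries above are about deciding whether a session is remote: CVE-2026-47269 (only `ut_addr_v6[0]` inspected, so an IPv4-mapped IPv6 peer with the address in `ut_addr_v6[3]` looks local) and CVE-2026-48064 (the PAM_RHOST check gated behind deny_remote). The block below is an added example, not pam_usb code. It models `ut_addr_v6` as the four 32-bit words glibc stores in `struct utmpx`, decodes plain IPv4, IPv6 and IPv4-mapped IPv6 peers, and treats PAM_RHOST as an independent signal; the byte-order handling and sample addresses are assumptions for the demonstration.

```python
"""Deciding whether a utmpx session is remote (CVE-2026-47269 / CVE-2026-48064 class).

Added example, not pam_usb code. ut_addr_v6 is modelled as four 32-bit
words: an IPv4 peer occupies word 0 with the rest zero, an IPv6 peer fills
all four words, and an IPv4-mapped IPv6 peer (::ffff:a.b.c.d) has zeros in
words 0-1, 0xffff in the low half of word 2 and the IPv4 address in word 3.
Words are packed/unpacked as the raw network-order bytes that get copied in
(an assumption of this model). PAM_RHOST is treated as an independent signal.
"""
import ipaddress
import struct
from typing import Optional, Sequence, Tuple, Union

Addr = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]


def words_from_ip(ip: str) -> Tuple[int, int, int, int]:
    """Constructed helper: lay a textual peer address out the way utmpx holds it."""
    addr = ipaddress.ip_address(ip)
    raw = addr.packed.ljust(16, b"\x00")       # IPv4 -> word 0, words 1..3 zero
    return struct.unpack("!4I", raw)


def decode_ut_addr_v6(words: Sequence[int]) -> Optional[Addr]:
    """Return the peer address, or None when the session is local (all words zero)."""
    if len(words) != 4:
        raise ValueError("ut_addr_v6 has exactly four words")
    if not any(words):
        return None
    raw = struct.pack("!4I", *words)
    if words[1] == 0 and words[2] == 0 and words[3] == 0:
        return ipaddress.IPv4Address(raw[:4])  # plain IPv4 stored in word 0
    v6 = ipaddress.IPv6Address(raw)
    return v6.ipv4_mapped or v6                 # ::ffff:1.2.3.4 -> 1.2.3.4


def vulnerable_is_remote(words: Sequence[int]) -> bool:
    """The buggy test from the advisory: only word 0 is inspected."""
    return words[0] != 0


def is_remote_session(words: Sequence[int], pam_rhost: Optional[str]) -> bool:
    """Remote if PAM reports a remote host or any address word is set.

    Both signals are evaluated before any deny_remote policy is applied, so a
    deny_remote=false configuration cannot silently skip the PAM_RHOST check.
    """
    if pam_rhost:
        return True
    return decode_ut_addr_v6(words) is not None
```

The mapped-address case is the one that slipped past the original check: `words[0]` is zero, so `vulnerable_is_remote` says local while the decoded peer is a routable IPv4 address.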
CVE, added 2026/05/27 7:58 p.m.

CVE-2026-48065

The CVE-2026-48065 issue affects pam_usb for Linux prior to version 0.9.1. In src/conf.c, heap memory is allocated with a size proportional to n_devices (derived from a libxml2 XPath query on the config file) without an upper bound. On 32-bit targets (armv7l, i686 listed in the Makefile), n_devices * sizeof(...

CVSS 6.7 | AI score 5.9 | EPSS 0.00149
Exploits: 0 | References: 3
CVE, added 2026/05/27 7:58 p.m.

CVE-2026-44982

The CVE entry CVE-2026-44982 is reserved with no public details in the Initial document; however, connected documentation provides concrete details about a CrowdSec AppSec issue. The advisory GHSA-RW47-HM26-6WR7 states that CrowdSec AppSec fails to read the HTTP request body for requests where Co...

EPSS 0.00038
Exploits: 0
CVE, added 2026/05/27 7:57 p.m.

CVE-2026-48066

pam_usb fixes a thread-unsafe behavior: before 0.9.1, src/log.c used a process-wide static pointer written on every PAM invocation to a stack-local address, creating a data race when PAM is invoked concurrently by multiple threads. The issue is resolved in version 0.9.1. Affected component: pam_u...

CVSS 5.7 | AI score 5.8 | EPSS 0.00116
Exploits: 0 | References: 3
CVE, added 2026/05/27 7:57 p.m.

CVE-2026-44981

CVE-2026-44981 / GHSA-273H-GVWR-C3QJ (CrowdSec LAPI): The vulnerability arises from using gin-contrib/gzip with GlobalDecompressHandle that decompresses request bodies without a maximum decompressed size. Attackers can send small gzip-compressed JSON payloads that decompress into hundreds of MB,...

EPSS 0.00115
Exploits: 0
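The CrowdSec LAPI entry (CVE-2026-44981) is a decompression bomb: a few kilobytes of gzip expand into hundreds of megabytes because nothing caps the output. The block below is an added example, not CrowdSec code, that builds such a payload and shows a decompressor that stops at a fixed output budget instead of trusting the ratio; the budget, chunk size and the constructed bomb are assumptions for the demonstration. The same discipline, refusing to hold more than a fixed budget before parsing, is the fix for the unbounded request body in the Volcano webhook entry above.

```python
"""Bounded inflation of a gzip-compressed request body (CVE-2026-44981 class).

Added example, not CrowdSec code. The budget, chunk size and the constructed
bomb are assumptions for the demonstration.
"""
import gzip
import zlib


class DecompressedTooLarge(Exception):
    """Raised when inflated output would exceed the caller's budget."""


def make_bomb(decompressed_size: int) -> bytes:
    """Constructed payload: all-zero bytes compress roughly 1000:1 at level 9."""
    return gzip.compress(b"\x00" * decompressed_size, compresslevel=9)


def make_small_body() -> bytes:
    """Constructed legitimate body: a small JSON document, gzip-compressed."""
    return gzip.compress(b'{"machine_id": "demo", "password": "x"}')


def naive_inflate(body: bytes) -> bytes:
    """The vulnerable pattern: inflate whatever arrived, with no ceiling."""
    return gzip.decompress(body)


def bounded_inflate(body: bytes, max_out: int, chunk: int = 64 * 1024) -> bytes:
    """Inflate at most max_out bytes, failing as soon as the budget is exceeded.

    zlib.decompressobj(wbits=16 + MAX_WBITS) reads the gzip container;
    max_length on each decompress() call caps how much output is produced per
    step, and unconsumed_tail carries the input not yet processed, so memory
    never runs ahead of the size check.
    """
    d = zlib.decompressobj(wbits=16 + zlib.MAX_WBITS)
    out = bytearray()
    pending = body
    while True:
        piece = d.decompress(pending, chunk)
        out += piece
        if len(out) > max_out:
            raise DecompressedTooLarge(f"inflated body exceeds {max_out} bytes")
        pending = d.unconsumed_tail
        if not piece and not pending:
            break                # nothing left to read and nothing left to write
    if not d.eof:
        raise ValueError("truncated gzip stream")
    return bytes(out)


def is_rejected(body: bytes, max_out: int) -> bool:
    """True if bounded_inflate refuses the body for exceeding max_out."""
    try:
        bounded_inflate(body, max_out)
    except DecompressedTooLarge:
        return True
    return False
```

The bomb is rejected after about a megabyte of output, regardless of how large it would eventually become; the legitimate body inflates normally under the same budget.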
CVE, added 2026/05/27 7:55 p.m.

CVE-2026-48792

The connected sources confirm a vulnerability in pam_usb for Linux prior to 0.9.1: evdev.c silently ignores EACCES when opening /dev/input/event* nodes, causing pusb_has_virtual_input_device() to incorrectly report no virtual devices even if opens fail due to insufficient permissions. As a result...

CVSS 4.4 | AI score 5.8 | EPSS 0.00128
Exploits: 0 | References: 3
CVE, added 2026/05/27 7:49 p.m.

CVE-2026-8359

The CVE concerns Gladinet Triofox on processing requests for /status or /sysinfo, where WOSHttpStatusModule.dll should load to handle the path. The root cause is that WOSHttpStatusModule.dll is not present in the installation, causing the WOSBin_LoadHttpModule export to be NULL and a call to addr...

CVSS 7.5 | AI score 5.8 | EPSS 0.00275
Exploits: 0 | References: 1
CVE, added 2026/05/27 7:47 p.m.

CVE-2026-8360

CVE-2026-8360 affects the Triofox server components using WOSCommonUtil.dll, specifically the function WOSSysInfoGetDeviceInterface() called by DLLs such as WOSProfileMgrModule.dll and WOSWebDavModule.dll . The vulnerability arises when these calls can return a NULL pointer (e.g., when no user is...

CVSS 7.5 | AI score 5.8 | EPSS 0.00275
Exploits: 0 | References: 1
CVE, added 2026/05/27 7:44 p.m.

CVE-2026-8361

Summary (CVE-2026-8361): A path traversal vulnerability exists in WOSDefaultHttpModule.dll when processing a URL path that starts with /woshome. The CVSS 3.1 base score is 7.5 (High) with network attack vector, no user interaction, and no privileges required; confidentiality impact is High, other...

CVSS 7.5 | AI score 5.8 | EPSS 0.00351
Exploits: 0 | References: 1
CVE, added 2026/05/27 7:42 p.m.

CVE-2026-8362

CVE-2026-8362 describes a stack-based buffer overflow in WOSDefaultHttpModule.dll when processing long URL paths starting with /woshome. Affected software/component: WOSDefaultHttpModule.dll. Root cause: unbounded processing of long URL path leading to overflow. Impact is described as high confid...

CVSS 9.8 | AI score 6.1 | EPSS 0.00316
Exploits: 0 | References: 1
CVE, added 2026/05/27 7:40 p.m.

CVE-2026-8363

CVE-2026-8363: A stack-based buffer overflow in WOSDeviceDropFolder.dll occurs when processing a long URL path starting with /resources. Documented under Gladinet Triofox; affected component is WOSDeviceDropFolder.dll. CVSS v3.1 shows a critical base score of 9.8 (Network, No user interaction, pr...

CVSS 9.8 | AI score 6.1 | EPSS 0.00335
Exploits: 0 | References: 1
CVE, added 2026/05/27 7:38 p.m.

CVE-2026-8364

Affected software: Gladinet Triofox Cloud Server Agent (GladServerAgentService.exe). Vulnerability behavior: listens on TCP port 7878 and processes remote HTTP messages with URL paths /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache. Impact: CVSS 3.1 base score 9.8; con...

CVSS 9.8 | AI score 5.8 | EPSS 0.00305
Exploits: 0 | References: 1
CVE, added 2026/05/27 7:35 p.m.

CVE-2026-45134

LangSmith CVE-2026-45134 affects LangSmith Client SDKs with prompt-pull methods that fetch/deserialize prompt manifests from LangSmith Hub. The issue allows manifest content to be influenced by external parties when pulling a public prompt (owner/name), because prior SDKs did not distinguish such...

CVSS 7.1 | AI score 5.8 | EPSS 0.00199
Exploits: 0 | References: 1
CVE, added 2026/05/27 7:26 p.m.

CVE-2026-44724

CVE-2026-44724 affects the Node.js library systeminformation (Linux) from versions 4.17.0 through 5.31.5. The issue is a command-injection flaw in networkInterfaces() caused by unsanitized NetworkManager connection profile names being interpolated into shell commands executed via execSync(), afte...

CVSS 7.8 | AI score 5.8 | EPSS 0.0062
Exploits: 0 | References: 4
CVE, added 2026/05/27 7:23 p.m.

CVE-2026-44590

The CVE-2026-44590 entry concerns the Sherlock project’s GitHub Actions workflow validate_modified_targets.yml. Before version 0.16.1, a command-injection vulnerability in the pull_request_target flow allowed any GitHub user to execute arbitrary commands on the CI runner and exfiltrate the workfl...

CVSS 9.3 | AI score 6.1 | EPSS 0.01141
Exploits: 1 | References: 1
CVE, added 2026/05/27 7:20 p.m.

CVE-2026-44681

CVE-2026-44681 affects Authlib’s OpenID implementation (OpenIDImplicitGrant and OpenIDHybridGrant). An unauthenticated open redirect can occur when a request omits the openid scope, causing the server to redirect with a 302 to an attacker-controlled URL. The root cause is that the scope check hap...

CVSS 6.1 | AI score 5.8 | EPSS 0.00203
Exploits: 1 | References: 1 | Affected software: 1
CVE, added 2026/05/27 7:16 p.m.

CVE-2026-44886

Pi.Alert’s web interface is vulnerable to unauthenticated blind SQL injection in the /pialert/php/server/devices.php endpoint when action=getDevicesTotals is used and the scansource parameter is injected. From 2024-06-29 until 2026-05-07, unauthenticated users could trigger the vulnerability; the...

CVSS 8.7 | AI score 5.9 | EPSS 0.00248
Exploits: 0 | References: 1
CVE, added 2026/05/27 7:15 p.m.

CVE-2026-44887

CVE-2026-44887 affects Pi.Alert, a WIFI/LAN intruder detector with a web service. The vulnerability arises from the web-based configuration editor allowing arbitrary Python code to be injected into pialert.conf; the background scan daemon loads this file with Python’s exec(), causing the injected...

CVSS 9.8 | AI score 6 | EPSS 0.00545
Exploits: 0 | References: 1
CVE, added 2026/05/27 7:14 p.m.

CVE-2026-44888

Pi.Alert vulnerability CVE-2026-44888: unauthenticated RCE via SaveConfigFile() config injection. Prior to 2026-05-07, numeric config values (e.g., SMTP_PORT) were written into pialert.conf without validation; pialert.conf is loaded with Python exec() every 3–5 minutes by a background cron, allow...

CVSS 9.8 | AI score 6 | EPSS 0.00314
Exploits: 0 | References: 1
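The two Pi.Alert entries (CVE-2026-44887 and CVE-2026-44888) share one root cause: pialert.conf is a file of Python assignments that the scan daemon loads with `exec()`, so anything written into it, including an unvalidated "numeric" value like SMTP_PORT, becomes code. The block below is an added example, not Pi.Alert code. It shows the exec-based loader beside a typed loader that parses each `KEY = <literal>` line with `ast.literal_eval` against a schema, plus the input check a SaveConfigFile-style writer should apply to a submitted port; the schema and the config texts are constructed for the demonstration.

```python
"""Config loading with exec() versus a typed literal parser (CVE-2026-44887 / -44888 class).

Added example, not Pi.Alert code. SCHEMA, MALICIOUS_CONF and BENIGN_CONF are
constructed for the demonstration.
"""
import ast
import os
from typing import Any, Dict

SCHEMA = {"SMTP_PORT": int, "SMTP_SERVER": str, "SCAN_SUBNETS": list, "REPORT_MAIL": bool}

# Constructed "malicious" config: the numeric field holds an expression that
# is valid Python and runs a side effect when exec()'d.
MALICIOUS_CONF = """
SMTP_SERVER = 'smtp.example.internal'
SMTP_PORT = __import__('os').getpid() or 587
SCAN_SUBNETS = ['--localnet']
REPORT_MAIL = False
"""

BENIGN_CONF = """
SMTP_SERVER = 'smtp.example.internal'
SMTP_PORT = 587
SCAN_SUBNETS = ['--localnet']
REPORT_MAIL = False
"""


def load_with_exec(text: str) -> Dict[str, Any]:
    """The vulnerable pattern: the daemon evaluates the config file as Python."""
    ns: Dict[str, Any] = {}
    exec(text, {}, ns)                        # any side effect in the file runs here
    return ns


def exec_ran_attacker_code() -> bool:
    """Demonstrates that exec() executed the injected expression (SMTP_PORT == our pid)."""
    return load_with_exec(MALICIOUS_CONF)["SMTP_PORT"] == os.getpid()


def load_safely(text: str) -> Dict[str, Any]:
    """Parse KEY = <literal> lines; reject unknown keys, non-literals and wrong types."""
    result: Dict[str, Any] = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        key = key.strip()
        if not sep or key not in SCHEMA:
            raise ValueError(f"line {lineno}: unknown or malformed setting {key!r}")
        try:
            parsed = ast.literal_eval(value.strip())   # literals only: no names, no calls
        except (ValueError, SyntaxError) as exc:
            raise ValueError(f"line {lineno}: {key} is not a literal") from exc
        expected = SCHEMA[key]
        if type(parsed) is not expected:      # exact type: bool is an int subclass
            raise ValueError(f"line {lineno}: {key} must be {expected.__name__}")
        result[key] = parsed
    return result


def is_rejected(text: str) -> bool:
    """True if load_safely refuses the config text."""
    try:
        load_safely(text)
    except ValueError:
        return True
    return False


def validate_port(raw: str, low: int = 1, high: int = 65535) -> int:
    """What a config writer should do to a submitted port before writing it out."""
    if not raw.isdigit():
        raise ValueError("port must be digits only")
    port = int(raw)
    if not low <= port <= high:
        raise ValueError("port out of range")
    return port


def is_bad_port(raw: str) -> bool:
    """True if validate_port refuses the submitted value."""
    try:
        validate_port(raw)
    except ValueError:
        return True
    return False
```

`ast.literal_eval` accepts only literal syntax (strings, numbers, tuples, lists, dicts, booleans, None), so the `__import__` call in the malicious file is a parse-time rejection rather than a process-level event; the type check then catches the quieter case of a value that is a literal but not the type the daemon expects.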
CVE, added 2026/05/27 6:53 p.m.

CVE-2026-45108

Himmelblau (interoperability suite for Microsoft Azure Entra ID and Intune) contains an authentication bypass in the Device Authorization Grant (DAG) flow for versions 2.0.0–3.1.4 and 2.3.0–2.3.10. The root cause is in token_validate, which verified domain aliases but did not ensure the authentic...

CVSS 8.4 | AI score 5.8 | EPSS 0.00246
Exploits: 0 | References: 1
CVE, added 2026/05/27 6:50 p.m.

CVE-2026-45102

CVE-2026-45102 concerns OneUptime, an open-source monitoring platform. Prior to version 10.0.98, OneUptime used the Node.js vm module as an isolation primitive, which is not intended for security boundaries and can be escaped via error objects and infinite recursion, potentially enabling remote code ...

CVSS 9.9 | AI score 5.8 | EPSS 0.00266
Exploits: 0 | References: 1
CVE, added 2026/05/27 6:41 p.m.

CVE-2026-45104

MapServer CVE-2026-45104 describes a NULL pointer dereference in SLD parsing of rules when exposed via WMS SLD_BODY. From 6.4.0 through before 8.6.3, msSLDParseUserStyle calls _SLDApplyRuleValues(psRule, psLayer, 1) for any with , assuming one class was added. If the rule has no symbolizer (sti...

CVSS 7.5 | AI score 5.8 | EPSS 0.0032
Exploits: 1 | References: 1 | Affected software: 1
CVE, added 2026/05/27 6:37 p.m.

CVE-2026-42877

CVE-2026-42877 describes a stored XSS in FacturaScripts where the product variant field referencia is injected into an onclick attribute in SalesModalHTML.php and PurchasesModalHTML.php without proper escaping. The vulnerability allows an authenticated user with warehouse access to create a malic...

CVSS 5.4 | AI score 5.9 | EPSS 0.00165
Exploits: 0 | References: 1
CVE, added 2026/05/27 6:33 p.m.

CVE-2026-9759

CVE-2026-9759 describes a NULL pointer dereference in the ROHC protocol dissector of Wireshark, affecting Wireshark versions 4.6.0–4.6.5 and 4.4.0–4.4.15, which can lead to a denial of service. The provided documents identify the affected components and the impact but do not specify a patch versi...

CVSS 5.5 | AI score 5.8 | EPSS 0.00092
Exploits: 0 | References: 2 | Affected software: 1
CVE, added 2026/05/27 6:31 p.m.

CVE-2026-47161

RELATE is affected by CVE-2026-47161 due to Celery workers configured to deserialize untrusted pickle data prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb. An attacker who can reach the message broker can execute arbitrary commands on the host, and due to insufficient network isolation i...

CVSS 8.7 | AI score 6.5 | EPSS 0.00489
Exploits: 0 | References: 2
CVE, added 2026/05/27 6:30 p.m.

CVE-2026-42197

CVE-2026-42197 affects RELATE, a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 are vulnerable to a stored XSS via an unprivileged user profile. The vulnerability arises in the get_user() method of ParticipationAdmin, which renders user-controlled ...

CVSS 8.7 | AI score 5.9 | EPSS 0.0031
Exploits: 0 | References: 3
CVE, added 2026/05/27 6:29 p.m.

CVE-2026-42879

CVE-2026-42879 affects FacturaScripts

CVSS 6.3 | AI score 5.8 | EPSS 0.00229
Exploits: 0 | References: 1
Total number of security vulnerabilities: 367610