366378 matches found
CVE-2026-45552
CVE-2026-45552 affects Roxy-WI web interface (versions up to 8.2.6.4). The install blueprint allows bp.before_request → @jwt_required(), but several endpoints under /install/* (install_exporter, install_waf, install_geoip, check_geoip, get_exporter_version, get_task_status) lack admin/ownership c...
CVE-2026-53472
A flaw in Red Hat Migration Planner permits an authenticated attacker to store a malicious javascript: URL in AgentStatusUpdate.CredentialUrl. When a victim views this URL in the Hybrid Cloud Console, it can lead to Cross-Site Scripting (XSS), enabling script execution in the victim’s session and...
CVE-2026-53470
CVE-2026-53470 affects migration-planner. An authenticated attacker can exploit an improper access control on /api/v1/sources/{id}/image-url to bypass ownership checks and obtain presigned S3 URLs for other users’ Open Virtual Appliance (OVA) images, potentially downloading images containing long...
CVE-2026-53476
The CVE-2026-53476 vulnerability affects the assisted-migration-agent and is triggered by an unauthenticated attacker on the same LAN who crafts a gzipped tarball to exploit a path traversal flaw, bypassing security checks and writing arbitrary files to the system. This leads to potential unautho...
CVE-2026-53475
CVE-2026-53475 affects the assisted-migration-agent. The component hardcodes insecure TLS connections when communicating with vCenter, enabling a Man-in-the-Middle (MITM) attacker to intercept and harvest vCenter administrator credentials, potentially granting unauthorized access to vCenter. The ...
CVE-2026-53471
CVE-2026-53471 affects the migration-planner project, specifically the agent-api middleware. The UpdateSourceInventory and UpdateAgentStatus handlers fail to validate the source_id claim in JWTs against the requested source ID. Root cause: missing validation allows an authenticated attacker with ...
CVE-2026-53474
Migration-planner is affected by a second-order SQL injection via uploads of RVTools .xlsx files. The flaw arises from improper input sanitization and causes malicious SQL embedded in a spreadsheet cell to execute when cluster names are processed, enabling arbitrary file reading on the host (pote...
CVE-2026-53473
The CVE affects the migration-planner-ui-app and describes a cross-site scripting (XSS) flaw in which an attacker can register a malicious discovery agent using a crafted credentialUrl containing JavaScript. When an organizational user clicks the link in the UI, the embedded code executes in the ...
CVE-2026-53469
Migration-planner is affected. An authenticated user can issue a DELETE to /api/v1/sources that is not properly authorized/filtered, permitting destruction of all tenant data (sources, agents, assessments) and causing critical loss of availability and integrity across the SaaS platform. Affected ...
CVE-2026-53689
CVE-2026-53689 relates to libnfs up to 6.0.2 (before commit 55c18ea). The issue is that libnfs_zdr_string in lib/libnfs-zdr.c does not validate a string size, causing an integer overflow when connecting to a crafted NFS server. The CVSS data indicates network attacker, high impact to confidential...
CVE-2026-48031
The connected advisories describe CVE-2026-48031 context as a hardcoded JWT signing secret (“random”) in the Go REST API boilerplate project github.com/dhax/go-base. This weakness enables token forgery, allowing an attacker to forge admin or privileged tokens and access protected API endpoints. T...
CVE-2026-48051
Summary of CVE-2026-48051 / GHSA-5G86-85RP-F9HX : Papra’s webhook delivery system contains an SSRF protection bypass that allows an authenticated user to cause the server to fetch internal addresses (127.0.0.0/8, RFC-1918, ::1, etc.) by abusing redirects. The vulnerable code uses ofetch.raw() wit...
CVE-2026-48037
The connected OSV/GHSA entry for GHSA-CJ8G-PRCM-MFG5 documents a vulnerability in @hulumi/baseline (
CVE-2026-48036
The connected advisories describe a vulnerability in the drift classifier of the npm package @hulumi/drift prior to version 1.4.0. The root cause is that the classifier used each adapter’s detected flag and did not verify adapter success, leading to two issues: (1) transient adapter failures coul...
CVE-2026-48035
The connected advisories indicate a concrete issue in the npm package @hulumi/baseline prior to version 1.4.0, where the startup-hardened audit bucket could be weakened (three failure modes: false objectLock on startup bucket, forceDestroy risk on teardown, and sandbox tier omission). This could ...
CVE-2026-48034
An advisory describes a vulnerability in @hulumi/policies
CVE-2026-48033
Technical details for CVE-2026-48033 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-48032
The connected advisories describe a vulnerability in @hulumi/policies prior to version 1.4.0 where a JSON array of Federated providers in an IAM trust policy could bypass the G_OIDC wildcard checks, treating a GitHub OIDC provider as non-GitHub and allowing overly permissive sub: conditions. Impa...
CVE-2026-53442
CVE-2026-53442 affects Jenkins 2.567 and earlier, LTS 2.555.2 and earlier. The issue: secrets posted via config.xml are not encrypted before being stored in job config.xml files on the Jenkins controller, allowing disclosure to users with Item/Extended Read permissions or filesystem access. This ...
CVE-2026-53441
Summary: CVE-2026-53441 affects Jenkins core 2.483–2.567 and LTS 2.492.1–2.555.2, where the description field for an offline cause can be stored via the POST config.xml API, enabling stored XSS. This requires attacker permission at Agent/Configure level. What’s known from provided sources: The vu...
CVE-2026-53439
CVE-2026-53439 : In Jenkins up to 2.567 and earlier, and LTS up to 2.555.2, missing permission checks allow users with Overall/Read to determine other users’ configured timezone and to enumerate other users’ My Views. The CVSS v3.1 base score is 4.3 (Medium; AV N, AC L, PR L, UI N, S U, C L, I N,...
CVE-2026-53440
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2026-53438
Summary: CVE-2026-53438 affects Jenkins 2.567 and earlier (including LTS 2.555.2 and earlier). A missing permission check allows attackers who have Item/Cancel permission but lack Item/Read permission to cancel queue items they are not allowed to view. What’s affected: Jenkins core queue cancella...
CVE-2026-53437
Jenkins 2.567 and earlier, and LTS 2.555.2 and earlier, are affected by a vulnerability where the redirect URL after login is improperly determined to point to Jenkins if it contains tab or newline characters between //, enabling phishing attacks. The root cause is improper handling/validation of...
CVE-2026-53436
Jenkins 2.567 and earlier, and LTS 2.555.2 and earlier, are affected by a login-redirect validation issue: the system may treat a redirect URL containing relative path segments (./ or ../) as legitimate, which enables phishing attacks by steering users to attacker-controlled destinations after lo...
CVE-2026-53435
CVE-2026-53435 affects Jenkins 2.567 and earlier, including LTS 2.555.2 and earlier. The root cause is unsafe deserialization due to a deserialization sink that bypasses a ClassFilter, allowing an attacker who can POST a config.xml to deserialize arbitrary core/plugin types and reach them via HTT...
CVE-2025-71329
The CVE-2025-71329 vulnerability affects image-size up to version 2.0.2 and is triggered by a crafted image buffer containing a zero-valued size field in a recognized box-type, causing an infinite loop in the JXL or HEIF parsers and permanently blocking the Node.js event loop (DoS). Impact is den...
CVE-2025-71330
The CVE-2025-71330 issue affects image-size
CVE-2026-52759
Ghidra is affected by CVE-2026-52759 through the Mach-O binary parser prior to version 12.1.1. The vulnerability arises from an uncontrolled memory allocation when parsing Mach-O files with an arbitrarily large ncmds load command count, causing the parser to allocate excessive heap memory without...
CVE-2026-52758
Summary: Ghidra before 12.1 suffers a SQL injection in the BSim filter types where user-supplied values are directly concatenated into SQL queries without escaping or parameterization. This enables remote attackers to inject arbitrary SQL via the BSim network query protocol, potentially reading, ...
CVE-2026-52757
Ghidra before 12.1 is affected by a heap-use-after-free in the decompiler’s HighVariable::merge() during the variable merging pass. The issue can be triggered by a crafted binary that causes stale pointers in the HighIntersectTest::highedgemap cache to be dereferenced, leading to reads/writes of ...
CVE-2026-52756
CVE-2026-52756 affects Ghidra before 12.2. The IsfServer component accepts TCP connections and passes client-supplied namespace strings directly to filesystem operations without validation, enabling unauthenticated path traversal. Remote attackers can connect to port 54321 and send crafted protob...
CVE-2026-52755
Ghidra prior to version 12.0.4 is affected by a path traversal vulnerability in the theme import functionality. An attacker can craft theme ZIP files containing traversal sequences in filenames to write outside the intended theme directory, enabling arbitrary code execution or modification of sen...
CVE-2026-52754
Ghidra prior to 12.1 is affected by an authentication bypass in PKIAuthenticationModule.authenticate(). An attacker presenting a valid CA-signed certificate with a null signature can impersonate other users, enabling privilege escalation. Documented impacts include modifying repository access con...
CVE-2026-52753
Ghidra
CVE-2026-52752
CVE-2026-52752 affects Ghidra prior to 12.0.2. The path traversal flaw is in the extension installer and arises from insufficient validation of ZIP entry names during extraction, allowing crafted extensions with ../ sequences to write files outside the intended directory and potentially achieve c...
CVE-2026-49069
The CVE-2026-49069 entry refers to the WordPress WPZOOM Portfolio plugin (versions
CVE-2026-52751
Affected software : Ghidra before 12.1. Vulnerability : Unsafe deserialization in client-side Shared-Project RMI connection code enables unauthenticated remote code execution when a crafted ghidra:// project file is opened via File → Open Project. The attack deserializes untrusted objects using a...
CVE-2026-52750
Ghidra prior to 12.1 on Windows contains a command-injection in URL annotation handling: cmd.exe metacharacters are not properly escaped. This allows an attacker to execute arbitrary commands under the Ghidra user by embedding a malicious URL in a program comment and having a victim click it. Aff...
CVE-2026-49498
Ghidra 11.0 before 12.1 is affected by a SQL injection in PostgresFunctionDatabase.changePassword(), which fails to escape double quotes in usernames interpolated into ALTER ROLE statements. Authenticated attackers can craft username parameters in PasswordChange network messages to inject SQL com...
CVE-2026-49497
CVE-2026-49497 concerns Ghidra before 12.1, which contains a path traversal flaw in the SameDirDebugInfoProvider. The bug arises because filenames from ELF binary .gnu_debuglink sections are not validated before file paths are built, enabling a local attacker to craft malicious ELF binaries with ...
CVE-2026-49496
Ghidra
CVE-2026-49495
Ghidra 10.2 before 12.1 contains an uncontrolled resource-consumption vulnerability in ExportTrie.parseTrie() that lacks cycle detection when traversing Mach-O binary export tries. A crafted Mach-O binary with circular references in the export trie can cause unbounded queue growth and exponential...
CVE-2024-58350
Ghidra prior to 11.2 contains a use-after-free in the Sleigh backend caused by undefined static initialization order of SleighArchitecture::translators and XmlArchitectureCapability singletons. This can enable an attacker to trigger an infinite loop or denial of service during shutdown due to uns...
CVE-2026-9758
Technical details (affected versions, root cause specifics, exploitation status) are not publicly available in the provided documents. Monitor for updates from CVE sources and connected feeds.
CVE-2026-24067
Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool (com.slatedigital.connect.privileged.helper.tool) that exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The root cause is a PID-based client validation that is vulnerable to a time-of-check time-of-u...
CVE-2026-24066
Slate Digital Connect 1.37.0 for macOS exposes a privileged helper tool (com.slatedigital.connect.privileged.helper.tool) that serves an XPC service (com.slatedigital.connect.privileged.helper.tool2). The root cause is that the helper validates connecting XPC clients by checking only the subject....
CVE-2026-11859
CVE-2026-11859 concerns an HTML injection vulnerability in the Canarytokens Canarytokens 'fetch links' email. Affected: Canarytokens builds derived from Docker tag sha-c0f3cf142 before sha-08c3f93d and Git commit c0f3cf142 before 08c3f93d. Root cause: HTML injection in the email content used for ...
CVE-2026-52884
Technical details are not publicly available in the provided documents. Monitor for updates as more information may be released.
CVE-2026-11853
CVE-2026-11853 affects Debusine. The vulnerability arises in the parser for Debian source packages (.dsc) and upload artifacts (.changes), where it accepts arbitrary fully user-controlled paths. The mergeuploads task could be exploited to create arbitrary symbolic links on a worker, overwriting a...