Lucene search
K
CvelistRecent

364119 matches found

Cvelist
Cvelist
added 2026/06/24 4:28 p.m.26 views

CVE-2026-52957 libceph: Fix potential null-ptr-deref in decode_choose_args()

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential null-ptr-deref in decodechooseargs A message of type CEPHMSGOSDMAP contains an OSD map that itself contains a CRUSH map. When decoding this CRUSH map in crushdecode, an array of maxbuckets CRUSH buckets is...

7.5CVSS0.0053EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.26 views

CVE-2026-52958 libceph: Fix potential out-of-bounds access in osdmap_decode()

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in osdmapdecode When decoding osdstate and osdweight from an incoming osdmap in osdmapdecode, both are decoded for each osd, i.e., map-maxosd times. The cephdecodeneed check only accoun...

9.1CVSS0.00544EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.26 views

CVE-2026-52956 libceph: Fix potential out-of-bounds access in __ceph_x_decrypt()

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephxdecrypt In cephxdecrypt, a part of the buffer p is interpreted as a cephxencryptheader, and the magic field of this struct is accessed. This happens without any guarantee that t...

7.5CVSS0.00359EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.28 views

CVE-2026-52955 libceph: Fix potential out-of-bounds access in crush_decode()

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in crushdecode A message of type CEPHMSGOSDMAP containing a crush map with at least one bucket has two fields holding the bucket algorithm. If the values in these two fields differ, an...

9.8CVSS0.00377EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.29 views

CVE-2026-52954 libceph: handle rbtree insertion error in decode_choose_args()

In the Linux kernel, the following vulnerability has been resolved: libceph: handle rbtree insertion error in decodechooseargs A message of type CEPHMSGOSDMAP contains an OSD map that itself contains a CRUSH map. The received CRUSH map may optionally contain chooseargs that get decoded in...

7.5CVSS0.0053EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.24 views

CVE-2026-52953 iommu/vt-d: Fix oops due to out of scope access

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix oops due to out of scope access Below oops triggers when kill QEMU process: Oops: general protection fault, probably for non-canonical address 0x7fffffff844eaaa7: 0000 1 SMP NOPTI Call Trace: dorawspinlock+0xaa/0x...

7.1CVSS0.00133EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.27 views

CVE-2026-52952 iommu: Fix WARN_ON in __iommu_group_set_domain_nofail() due to reset

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix WARNON in iommugroupsetdomainnofail due to reset In iommugroupsetdomaininternal, concurrent domain attachments are rejected when any device in the group is recovering. This is necessary to fence concurrent attachments ...

8.8CVSS0.00131EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.27 views

CVE-2026-52951 drm/xe/dma-buf: handle empty bo and UAF races

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: handle empty bo and UAF races There look to be some nasty races here when triggering the invalidatemappings hook: 1 We do xeboalloc followed by the attach, before the actual full bo init step in xedmabufinitobj...

7.8CVSS0.00132EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.27 views

CVE-2026-52950 drm/xe/dma-buf: fix UAF with retry loop

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...

7.8CVSS0.00132EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.26 views

CVE-2026-52949 drm/ttm: Fix ttm_bo_shrink() infinite LRU walk on backup failure

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix ttmboshrink infinite LRU walk on backup failure Apply the same fix as b2ed01e7ad "drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure" to the ttmboshrink path. Move delbulkmove from before the backup to...

0.00162EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 4:26 p.m.26 views

CVE-2026-52947 net: qrtr: fix refcount saturation and potential UAF in qrtr_port_remove

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...

7.8CVSS0.00135EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 4:26 p.m.28 views

CVE-2026-52948 i2c: dev: prevent integer overflow in I2C_TIMEOUT ioctl

In the Linux kernel, the following vulnerability has been resolved: i2c: dev: prevent integer overflow in I2CTIMEOUT ioctl While fuzzing with Syzkaller, a persistent scheduletimeout: wrong timeout value warning was observed, accompanied by SMBus controller state machine corruption. The I2CTIMEOUT...

0.00185EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 4:26 p.m.27 views

CVE-2026-52946 fs/fcntl: fix SOFTIRQ-unsafe lock order in fasync signaling

In the Linux kernel, the following vulnerability has been resolved: fs/fcntl: fix SOFTIRQ-unsafe lock order in fasync signaling A SOFTIRQ-safe to SOFTIRQ-unsafe lock order deadlock can occur in sendsigio and sendsigurg when a process group receives a signal. When FASYNC is configured for a proces...

7.5CVSS0.00612EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/24 4:26 p.m.29 views

CVE-2026-52945 Revert "wireguard: device: enable threaded NAPI"

In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. We have had three independent production user report...

7.5CVSS0.00307EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 3:50 p.m.38 views

CVE-2026-54297 Faraday: Uncontrolled recursion in NestedParamsEncoder allows stack exhaustion DoS via deeply nested query parameters

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. From 1.0.0 until 1.10.6 and 2.14.3, Faraday::NestedParamsEncoder, the default nested query parameter encoder/decoder in Faraday, decodes nested query strings without enforcing a maximum nestin...

7.5CVSS0.00391EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/24 3:46 p.m.31 views

CVE-2026-54906 concurrent-ruby: ReadWriteLock allows wrong-thread write release and stray read-release counter corruption

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReadWriteLockreleasewritelock does not verify that the calling thread acquired the write lock. Any thread with access to the lock object can release an active write lock held by another thread. A second writer can...

2.1CVSS0.0016EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 3:44 p.m.32 views

CVE-2026-54904 concurrent-ruby: `AtomicReference#update` livelocks when the stored value is `Float::NAN`

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::AtomicReferenceupdate can enter a permanent busy retry loop when the current value is Float::NAN. The issue is caused by the interaction between AtomicReferenceupdate, which retries until compareandsetoldvalue,...

8.2CVSS0.00278EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/24 3:42 p.m.30 views

CVE-2026-54905 concurrent-ruby: `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread acquires the read lock 32,768 times. The lock stores a thread's local read and write hold counts in one integer. The low 15 bits are used...

2CVSS0.00106EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 3:37 p.m.44 views

CVE-2026-13164 Unauthenticated self-registration in MailerUp allows access to stored email data

Missing Authentication for Critical Function CWE-306 in the RegisterView apps/accounts/views.py, exposed at POST /api/auth/register/, in MailerUp 1.0.1 allows a remote, unauthenticated attacker to self-register a working account on instances where registration is intended to be restricted, becaus...

8.8CVSS0.00406EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 3:26 p.m.33 views

CVE-2026-50712 Frappe Framework 17.0.0-dev - Stored XSS in Tree View node label rendering

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the frappe.ui.Tree component...

4.8CVSS0.00239EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 3:18 p.m.30 views

CVE-2026-50711 Frappe Framework 17.0.0-dev - Stored XSS in Number Card filter fields rendering

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Number Card component...

4.6CVSS0.00256EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 3:8 p.m.34 views

CVE-2026-50710 Frappe Framework 17.0.0-dev - Stored XSS via eval in Number Card filters_config

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to unsafe evaluation of user-controlled data in the Number Card component...

4.6CVSS0.00256EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 3:4 p.m.32 views

CVE-2026-50709 Frappe Framework 17.0.0-dev - Stored XSS in Notifications Events color rendering

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Notifications Events panel...

4.8CVSS0.00239EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 3:3 p.m.38 views

CVE-2026-55488 motionEye's Absolute Path Traversal in Media File Handlers Allows Arbitrary File Read

motionEye mEye is an online interface for a piece of software called "motion," which is a video surveillance program with motion detection. Versions prior to 0.44.0 contain an absolute path traversal vulnerability in multiple media file handlers that allows an attacker to read arbitrary files fro...

8.7CVSS0.00623EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/24 2:58 p.m.30 views

CVE-2026-50708 Frappe Framework 17.0.0-dev - Stored XSS in Multi Select Dialog result rendering

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the MultiSelectDialog component...

4.8CVSS0.00239EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 2:51 p.m.29 views

CVE-2026-50705 Frappe Framework 17.0.0-dev - Stored XSS in Form Dashboard headline rendering

A Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of untrusted input in the Form Dashboard headline renderer...

4.6CVSS0.00256EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 2:49 p.m.33 views

CVE-2026-56121 Feast < 0.63.0 Unauthenticated RCE via ApplyFeatureView gRPC Deserialization

Feast before 0.63.0 contains an unsafe deserialization vulnerability that allows unauthenticated or unauthorized attackers to achieve remote code execution by sending a crafted gRPC request to the registry server. The userdefinedfunction.body field of an OnDemandFeatureView spec is decoded from...

9.8CVSS0.00862EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/06/24 2:46 p.m.32 views

CVE-2026-50704 Frappe Framework 17.0.0-dev - Reflected/Stored XSS in File View breadcrumbs rendering

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the File View breadcrumb renderer...

4.6CVSS0.00256EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 2:42 p.m.31 views

CVE-2026-50703 Frappe Framework 17.0.0-dev - Stored XSS in Desktop Icon label rendering

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Desk desktop icon renderer...

4.8CVSS0.00239EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 2:33 p.m.34 views

CVE-2026-50701 Frappe Framework 17.0.0-dev - Reflected DOM XSS in dashboard-view breadcrumb rendering

A Reflected Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the dashboard-view component...

5.1CVSS0.00268EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 2:31 p.m.37 views

CVE-2026-56111 Marlin Firmware 2.1.2.7 Out-of-Bounds Write via M421 G-code Handler

Marlin Firmware through 2.1.2.7, fixed in commit 1f255d1, when built with MESHBEDLEVELING enabled, contains an out-of-bounds write vulnerability in the M421 G-code handler that allows attackers to corrupt firmware memory by supplying out-of-range X and Y grid indices. Attackers can send a single...

9.1CVSS0.00542EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/06/24 2:27 p.m.29 views

CVE-2026-50700 Frappe Framework 17.0.0-dev - Stored XSS in frappe.get_avatar image rendering

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the frappe.getavatar function...

4.6CVSS0.00256EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 2:20 p.m.32 views

CVE-2026-50699 Frappe Framework 17.0.0-dev - Stored XSS in Auto Repeat dashboard schedule rendering

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev. An authenticated attacker with write access to Auto Repeat can persist HTML/JavaScript in referencedocument using a whitelisted write path and trigger script execution when users open the affected Auto...

4.6CVSS0.00313EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 2:17 p.m.32 views

CVE-2026-50698 Frappe Framework 17.0.0-dev - Stored XSS in Audit Trail template rendering

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input before generating HTML output in the Audit Trail component...

4.6CVSS0.00256EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 2:8 p.m.33 views

CVE-2026-12986

A critical vulnerability in Admin GUI in Payara Server Full 4.x, 5.x, 6.x, 7.x, 7.2026.x, 6.2025.x, 6.2024.x on All platforms that allows the attacker to leak the admin gfresttoken to an attacker-controlled host that can result in a full unauthenticated takeover of Payara admin domain. A...

8.8CVSS0.00181EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 2:1 p.m.33 views

CVE-2026-11877 Missing Authorization Vulnerability in OpenText Access Manager

An unauthorized user can modify configuration through API calls that affects the OpenText Access Manager. This issue affects Access Manager before 5.1.3...

6.3CVSS0.00178EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 2:1 p.m.33 views

CVE-2026-11878 Reflected Cross-Site Scripting vulnerability in OpenText Access Manager

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText Access Manager allows Cross-Site Scripting XSS. This issue affects Access Manager: from 5.1 through 5.1.2...

8.2CVSS0.0013EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 1:37 p.m.36 views

CVE-2026-12537 Unauthenticated Remote Code Execution in Gemini CLI CI/CD Workflows

Improper Neutralization used in an OS Command in the container launcher in Google Gemini CLI versions prior to 0.39.1 and run-gemini-cli GitHub Action versions prior to 0.1.22 on headless CI platforms allows an unprivileged attacker to achieve pre-sandbox host-level code execution a maliciously...

10CVSS0.00134EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 1:21 p.m.36 views

CVE-2026-35025 ProFTPD ACL Bypass via /proc/self/root Path Prefix in RNFR

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

8.6CVSS0.00331EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.43 views

CVE-2026-57306

A cross-site request forgery CSRF vulnerability in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b450b1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

0.0011EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.32 views

CVE-2026-57307

A missing permission check in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b450b1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.31 views

CVE-2026-57304

A missing permission check in Jenkins Assembla Plugin 1.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using an attacker-specified username and password...

0.00161EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.32 views

CVE-2026-57305

A cross-site request forgery CSRF vulnerability in Jenkins Assembla Plugin 1.4 and earlier allows attackers to connect to an attacker-specified URL using an attacker-specified username and password...

0.00128EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.31 views

CVE-2026-57303

Jenkins Assembla Plugin 1.4 and earlier does not configure its XML parser to prevent XML external entity XXE attacks, allowing attackers able to control the responses of the configured Assembla server to extract secrets from the Jenkins controller or perform server-side request forgery...

0.00224EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.31 views

CVE-2026-57301

Jenkins OWASP ZAP Plugin 1.0.7 and earlier performs build operations on the Jenkins controller rather than the assigned agent, allowing attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller...

0.0042EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.31 views

CVE-2026-57302

Jenkins FitNesse Plugin 1.36 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Extended Read permission or access to the Jenkins controller file system...

0.00178EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.30 views

CVE-2026-57300

A missing permission check in Jenkins MCP Server Plugin 0.177.v629fdb2557fe and earlier allows attackers with Item/Read permission to read the Pipeline replay scripts of jobs they can access...

0.00178EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.32 views

CVE-2026-57299

Missing permission checks in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allow attackers with Overall/Read permission to enumerate the names of configured Contrast metadata...

0.00167EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.33 views

CVE-2026-57298

A cross-site request forgery CSRF vulnerability in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allows attackers to have Jenkins connect to an attacker-specified URL using an attacker-specified username, API key, and service key...

0.00101EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.29 views

CVE-2026-57296

Jenkins External Workspace Manager Plugin 1.3.2 and earlier does not reject path traversal sequences in the custom workspace path provided to the exwsAllocate Pipeline step, allowing attackers with Item/Configure permission to read arbitrary files on the Jenkins controller file system, which can...

0.00595EPSS
Exploits0References1
Total number of security vulnerabilities364119