Lucene search
K
RedhatcveRecent

206531 matches found

RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•10 views

CVE-2026-22051

StorageGRID formerly StorageGRID Webscale versions prior to 11.9.0.13 and 12.0.0.6 are susceptible to a Information Disclosure vulnerability. Successful exploit could allow an authenticated attacker with low privileges to run arbitrary metrics queries, revealing metric results that they do not ha...

4.3CVSS5.7AI score0.00184EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•9 views

CVE-2026-40563

Description: Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Atlas Apache Atlas exposes a DSL search endpoint that accepts user-supplied query strings. Attacker can alter Gremlin traversal logic within grammar-allowed characters to access unintended data Affect...

8.1CVSS5.4AI score0.00464EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•27 views

CVE-2026-48207

Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could bypass documented DeserializationPolicy validation hooks during reduce-state restoration and global-name resolution. An application is vulnerable if it deserializes attacker-controlled data using PyFory...

9.8CVSS5.4AI score0.00574EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•11 views

CVE-2026-48917

Jenkins LDAP Plugin 807.v7d7de30930cf and earlier deserializes data from LDAP referrals without validation...

6.6CVSS5.4AI score0.0027EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•11 views

CVE-2026-40914

A flaw was found in Apache ActiveMQ Artemis. An authenticated user, with existing permissions to send or consume messages via the STOMP protocol, could bypass intended access controls. This vulnerability allows the user to modify the routing-type of an address, even without the necessary...

4.3CVSS5.8AI score0.00372EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•11 views

CVE-2026-48861

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in elixir-mint Mint allows HTTP Request Splitting and HTTP Request Smuggling. In lib/mint/http1/request.ex, the encoderequestline/2 function splices the caller-supplied method and target arguments directly into the HTTP/1...

2.1CVSS5.7AI score0.00166EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•9 views

CVE-2026-48919

Jenkins Active Directory Plugin 2.41 and earlier deserializes data from LDAP referrals without validation...

6.6CVSS5.4AI score0.0027EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•9 views

CVE-2026-48924

Jenkins Bitbucket OAuth Plugin 0.17 and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks...

4.3CVSS5.5AI score0.00216EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•9 views

CVE-2026-48191

An incorrect handling of permissions in STORM powered by OTRS and in OTRS 2026.x and above Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them. This issue affects OTRS with STORM modules: 7.0.X 8.0.X...

3.5CVSS5.5AI score0.00143EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•9 views

CVE-2026-48923

Jenkins AppSpider Plugin 1.0.17 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to connect to an attacker-specified URL...

4.3CVSS5.5AI score0.00187EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•11 views

CVE-2026-48918

Jenkins Active Directory Plugin 2.41 and earlier follows LDAP referrals by default...

6.6CVSS5.4AI score0.00232EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•11 views

CVE-2026-48927

Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the build URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or views...

5.5CVSS5.2AI score0.00176EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•11 views

CVE-2026-40279

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decodesigned32 in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set value ≥ 0x80, the left-shift...

3.7CVSS5.5AI score0.00242EPSS
Exploits1References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•10 views

CVE-2026-39054

Oinone Pamirs 7.0.0 contains a command injection vulnerability in CommandHelper.executeCommands. The method starts a shell process and writes attacker-controlled command strings directly to the process standard input without sanitization. In affected deployments, this can result in arbitrary...

7.3CVSS5.6AI score0.01414EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•13 views

CVE-2026-39827

A flaw was found in golang.org/x/crypto/ssh. An authenticated SSH client can cause a Denial of Service DoS by repeatedly opening channels that are rejected by the server. This leads to unbounded memory growth, eventually crashing the server process and affecting all connected users...

6.5CVSS5.9AI score0.00196EPSS
Exploits0References7
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•11 views

CVE-2026-48589

A flaw was found in Apache Shiro's Jakarta EE module. Insufficient validation of the HTTP Referer header, a client-controlled value, could allow an attacker to influence the redirect target after a user login. This vulnerability can be exploited to redirect users to malicious sites, potentially...

5.4CVSS5.8AI score0.00352EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•11 views

CVE-2026-48190

An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and CustomerGroupSupport has to be used to be affected. This issue affects OTRS: 7.0.X...

3.5CVSS5.4AI score0.00143EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:45 p.m.•10 views

CVE-2026-48922

Jenkins Credentials Binding Plugin 720.v3f6decef43ea and earlier does not properly sanitize file names for file and zip file credentials, allowing attackers able to provide credentials to a job to write files to arbitrary locations on the node filesystem, which can lead to remote code execution i...

7.5CVSS6.4AI score0.00364EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•9 views

CVE-2026-48916

Jenkins LDAP Plugin 807.v7d7de30930cf and earlier follows LDAP referrals...

6.6CVSS5.4AI score0.00285EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•19 views

CVE-2026-39823

CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a tag's attribute. If the URL content were to insert ASCII whitespaces around the '=' rune inside of the attribute, the escaper would fail to similarly escape it, leading to XSS...

6.1CVSS7.7AI score0.00328EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•11 views

CVE-2026-39957

Lychee is a free, open-source photo-management tool. Prior to 7.5.4, a SQL operator-precedence bug in SharingController::listAll causes the orWhereNotNull'usergroupid' clause to escape the ownership filter applied by the when block. Any authenticated non-admin user with upload permission who owns...

4.3CVSS5.6AI score0.00208EPSS
Exploits1References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•10 views

CVE-2026-39832

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...

9.1CVSS5.8AI score0.00403EPSS
Exploits0References7
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•12 views

CVE-2026-39052

Oinone Pamirs 7.0.0 contains a code execution vulnerability via ScriptRunner. The method ScriptRunner.runString expression, String type, Map context evaluates attacker-controlled script expressions through the underlying script engine without sandboxing or allowlist restrictions...

6.5CVSS6AI score0.00319EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•11 views

CVE-2026-39229

Bolt CMS through 3.7.0 allows SQL Injection in the 'order' parameter of the content listing pages. An authenticated attacker with low-level privileges can exploit this through the OrderDirective component. This allows for the extraction of sensitive information...

6.5CVSS5.7AI score0.00241EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•10 views

CVE-2026-39047

Buffer Overflow vulnerability in EPSON L14150 FL27PB allows a remote attacker to execute arbitrary code via the RAW Printing Service JetDirect on TCP port 9100...

7.5CVSS6.1AI score0.00648EPSS
Exploits1References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•11 views

CVE-2026-39276

The template upload feature in Emlog Pro v2.6.9 has a path traversal vulnerability, allowing authenticated administrators to execute arbitrary PHP code. By uploading a malicious ZIP archive containing directory traversal sequences in filenames, an attacker can overwrite default template files or...

7.2CVSS6AI score0.00782EPSS
Exploits1References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•9 views

CVE-2026-39834

A flaw was found in golang.org/x/crypto/ssh. When a remote attacker attempts to write data larger than 4GB in a single call on an SSH Secure Shell channel, an integer overflow occurs in the internal payload size calculation. This vulnerability causes the write loop to spin indefinitely,...

9.1CVSS6AI score0.00466EPSS
Exploits0References7
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•9 views

CVE-2026-39821

A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname for example, xn--example-.com returns example.com instead of an error. Applications that validate the ASCII form then convert to Unicode may grant acce...

9.6CVSS6.6AI score0.00478EPSS
Exploits0References7
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•12 views

CVE-2026-39825

ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...

5.3CVSS5.5AI score0.0039EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•13 views

CVE-2026-39461

libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...

8.8CVSS5.5AI score0.00172EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•11 views

CVE-2026-39817

A flaw was found in the "go tool pack" subcommand, a component of the Go programming language tools. This vulnerability allows an attacker to craft a malicious archive file. When this archive is extracted using the "pack" subcommand, it can lead to arbitrary file writes on the filesystem,...

5.9CVSS6.3AI score0.0017EPSS
Exploits0References7
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•8 views

CVE-2026-39871

A path handling issue was addressed with improved logic. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to observe unprotected user data...

7.5CVSS5.4AI score0.00311EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•13 views

CVE-2026-39836

The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL 0...

7.5CVSS5.5AI score0.00588EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•10 views

CVE-2026-39349

OrangeHRM is a comprehensive human resource management HRM system. From 5.0 to 5.8, OrangeHRM Open Source encrypts certain sensitive fields with AES in ECB mode, which preserves block-aligned plaintext patterns in ciphertext and enables pattern disclosure against stored data. This vulnerability i...

2.7CVSS5.5AI score0.00112EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•9 views

CVE-2026-39111

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries and retrieve sensitive user data...

7.5CVSS5.7AI score0.00294EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•9 views

CVE-2026-39830

A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak p...

9.1CVSS5.5AI score0.00533EPSS
Exploits0References8
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•11 views

CVE-2026-39826

A flaw was found in html/template. A trusted template author could craft a script tag with an empty or whitespace-only 'type' attribute. This vulnerability causes the template engine to incorrectly escape data passed into the script block, potentially leading to cross-site scripting XSS. An...

6.1CVSS5.3AI score0.00371EPSS
Exploits0References7
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•9 views

CVE-2026-39107

A Cross Site Scripting vulnerability exists in the Kimi AI v1.0 web interface's 'Preview' feature. The application fails to properly sanitize or encode HTML/JavaScript payloads generated by the AI model. When a user switches to the 'Preview' tab to view AI-generated code, the malicious payload is...

6.3CVSS5.8AI score0.0027EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•9 views

CVE-2026-39831

A flaw was found in golang.org/x/crypto/ssh. The Verify method, responsible for FIDO/U2F security key types, did not properly check for user presence. This allowed signatures to be accepted without requiring a physical touch on the hardware security key. As a result, an attacker could potentially...

9.1CVSS5.9AI score0.00373EPSS
Exploits0References7
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•10 views

CVE-2026-39835

A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to...

7.5CVSS5.7AI score0.00394EPSS
Exploits0References7
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•10 views

CVE-2026-39112

Cross Site Scripting vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the visname parameter of visitors-form.php. An authenticated attacker can inject arbitrary JavaScript that is later executed when the malicious input is viewed in...

5.4CVSS5.6AI score0.00165EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•9 views

CVE-2026-39829

A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during...

7.5CVSS4.9AI score0.00415EPSS
Exploits0References8
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•11 views

CVE-2026-39820

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

7.5CVSS5.4AI score0.00784EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•10 views

CVE-2026-39419

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an authenticated user can bypass sandbox result validation and spoof tool execution results by exploiting Python frame introspection to read the wrapper's UUID from its bytecode constants, then writing a forged resu...

3.1CVSS5.6AI score0.00222EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•10 views

CVE-2026-39824

NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString a 16-bit number of bytes, it returns a truncated string rather than an error...

3.3CVSS5.5AI score0.00114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•10 views

CVE-2026-0041

In multiple functions of ubsanthrowingruntime.cpp, there is a possible UBSan failure due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

6.5CVSS5.8AI score0.00253EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•8 views

CVE-2026-39819

The "go bug" command writes to two files with predictable names in the system temporary directory for example, "/tmp". An attacker with access to the temporary directory can create a symlink in one of these names, causing "go bug" to overwrite the target of the symlink...

5.3CVSS5.5AI score0.00179EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•12 views

CVE-2026-0050

In handleBondStateChanged of AdapterService.java, there is a possible sensitive information disclosure due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS5.6AI score0.00068EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•12 views

CVE-2026-39109

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 within the username parameter of the login page index.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve sensitive database...

9.4CVSS5.7AI score0.00325EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:44 p.m.•11 views

CVE-2026-0238

A vulnerability in Palo Alto Networks Broker VM allows an authenticated administrator to inject arbitrary content into certain Broker VM fields...

4.8CVSS5.6AI score0.00105EPSS
Exploits0References1
Total number of security vulnerabilities206531