Lucene search
K
VulnrichmentRecent

161693 matches found

Vulnrichment
Vulnrichment
•added 2026/06/29 8:42 p.m.•6 views

CVE-2026-55276 Apache Tomcat: Logged effective web.xml is incomplete

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

5.7AI score0.00368EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/29 8:42 p.m.•4 views

CVE-2026-13758 CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt_done path

CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...

5.8AI score0.00295EPSS
Exploits0References2
Vulnrichment
Vulnrichment
•added 2026/06/29 8:41 p.m.•7 views

CVE-2026-53434 Apache Tomcat: Invalid CRL configuration doesn't trigger failure for FFM Connector

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version...

5.7AI score0.00368EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/29 8:39 p.m.•5 views

CVE-2026-53404 Apache Tomcat: Bad ornext processing in RewriteValve

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

5.7AI score0.00413EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/29 8:36 p.m.•4 views

CVE-2026-50229 Apache Tomcat: XSS in number guess example

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, fro...

5.7AI score0.00423EPSS
Exploits1References1
Vulnrichment
Vulnrichment
•added 2026/06/29 8:21 p.m.•4 views

CVE-2026-34594 Coolify: Authenticated Remote Code Execution via Command Injection in Destination Network Management

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, an authenticated command injection vulnerability in the Destination Network Management functionality allows users with destination management permissions to execute arbitra...

8.8CVSS6.6AI score0.01092EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/29 8:18 p.m.•6 views

CVE-2026-34597 Coolify: Authenticated Host RCE

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.470, a critical Authenticated Host Remote Code Execution RCE vulnerability was discovered in Coolify. The flaw resides in the handling of user-defined build parameters for the...

8.8CVSS6.2AI score0.00526EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/29 8:16 p.m.•6 views

CVE-2026-41896 Coolify: Unauthenticated Deployment Trigger via Webhook HMAC Bypass with Null Secret

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the HMAC key is the application's manualwebhooksecretgithub field, which is used by Coolify's webhook endpoints to validate incoming requests, is nullable with no default —...

7.5CVSS5.8AI score0.00231EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/29 8:12 p.m.•10 views

CVE-2026-57498 Coolify Cross-Team IDOR: Livewire Components Accept Unscoped server_id and destination_uuid — Deploy to Other Teams' Servers

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, Coolify's API controllers consistently validate server ownership with Server::whereTeamId$teamId before any operation. However, multiple Livewire web UI components accept...

9.6CVSS5.8AI score0.00223EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/29 8:3 p.m.•7 views

CVE-2026-13763 HTTP/2 Stream Parser Confusion Body-Inspection Bypass in AWS Application Load Balancer with AWS WAF

Inconsistent interpretation of HTTP/2 requests in AWS Application Load Balancer with AWS WAF enabled might allow remote actors to bypass AWS WAF managed rule body inspection via crafted HTTP/2 requests that fragment the request body across frames so that only a partial body is inspected. This iss...

9.8CVSS5.8AI score0.00473EPSS
Exploits0References2
Vulnrichment
Vulnrichment
•added 2026/06/29 8:3 p.m.•8 views

CVE-2026-13762 HTTP/2 Stream Parser Confusion Body-Inspection Bypass in Amazon CloudFront with AWS WAF

Inconsistent interpretation of HTTP/2 requests in Amazon CloudFront with AWS WAF enabled might allow remote actors to bypass AWS WAF managed rule body inspection via crafted HTTP/2 requests that fragment the request body across frames so that only a partial body is inspected. This issue was...

9.8CVSS5.8AI score0.00438EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/29 7:43 p.m.•7 views

CVE-2026-43716

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

5.8AI score0.00297EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:43 p.m.•9 views

CVE-2026-43700

A cross-origin issue was addressed with improved tracking of security origins. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may disclose sensitive user information...

5.7AI score0.0015EPSS
Exploits1References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:43 p.m.•7 views

CVE-2026-43720

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

5.8AI score0.00289EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:43 p.m.•6 views

CVE-2026-39868

This issue was addressed with improved input validation. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to cause unexpected system termination or corrupt kernel memory...

5.7AI score0.00371EPSS
Exploits0References2
Vulnrichment
Vulnrichment
•added 2026/06/29 7:43 p.m.•7 views

CVE-2026-43721

This issue was addressed through improved state management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to silently hijack clipboard data...

5.7AI score0.00245EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:43 p.m.•7 views

CVE-2026-39872

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

5.8AI score0.00194EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:43 p.m.•7 views

CVE-2026-43717

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

5.8AI score0.00189EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:43 p.m.•8 views

CVE-2026-43740

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may result in the disclosure of process memory...

5.8AI score0.00203EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:43 p.m.•6 views

CVE-2026-43701

The issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to process restricted web content outside the sandbox...

5.7AI score0.00182EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:43 p.m.•6 views

CVE-2026-43663

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

5.8AI score0.00194EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:43 p.m.•7 views

CVE-2026-43726

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

5.8AI score0.00189EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:43 p.m.•8 views

CVE-2026-43706

A double free issue was addressed with improved memory management. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

5.8AI score0.00182EPSS
Exploits0References2
Vulnrichment
Vulnrichment
•added 2026/06/29 7:43 p.m.•10 views

CVE-2026-43746

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

5.8AI score0.00196EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:43 p.m.•7 views

CVE-2026-43707

A memory corruption issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

6.1AI score0.00307EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:43 p.m.•7 views

CVE-2026-43727

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

5.8AI score0.00196EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:43 p.m.•7 views

CVE-2026-43731

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption...

5.8AI score0.00201EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•6 views

CVE-2026-43724

The issue was addressed with improved input sanitization. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to cause unexpected system termination or write kernel memory...

6AI score0.00142EPSS
Exploits0References2
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•8 views

CVE-2026-43732

A path handling issue was addressed with improved validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may disclose sensitive user information...

5.7AI score0.00255EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•6 views

CVE-2026-43708

The issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may exfiltrate data cross-origin...

5.8AI score0.00205EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•5 views

CVE-2026-43745

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

5.8AI score0.00297EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•6 views

CVE-2026-43712

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

5.8AI score0.00202EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•8 views

CVE-2026-43704

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious web extension may be able to cause an unexpected process crash...

5.7AI score0.00218EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•7 views

CVE-2026-43705

A type confusion issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption...

5.8AI score0.00275EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•6 views

CVE-2026-43713

A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Visiting a website may leak sensitive data...

5.7AI score0.00312EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•7 views

CVE-2026-43709

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

5.8AI score0.0024EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•6 views

CVE-2026-43699

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

5.8AI score0.0024EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•6 views

CVE-2026-43725

The issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to process restricted web content outside the sandbox...

5.7AI score0.00314EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•8 views

CVE-2026-43676

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

5.8AI score0.00257EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•8 views

CVE-2026-43743

A race condition was addressed with improved state handling. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to cause unexpected system termination...

5.7AI score0.00096EPSS
Exploits0References2
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•5 views

CVE-2026-43722

The issue was addressed with improved input sanitization. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to leak sensitive kernel state...

6AI score0.00147EPSS
Exploits0References2
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•6 views

CVE-2026-43734

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

5.8AI score0.0024EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•7 views

CVE-2026-43718

A stack overflow was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

5.8AI score0.00284EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•7 views

CVE-2026-28979

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

5.8AI score0.00247EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•5 views

CVE-2026-43735

The issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may exfiltrate data cross-origin...

5.8AI score0.00163EPSS
Exploits1References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•7 views

CVE-2026-43703

The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

5.8AI score0.00225EPSS
Exploits0References2
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•6 views

CVE-2026-43715

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption...

5.8AI score0.0036EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:42 p.m.•8 views

CVE-2026-43742

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

5.8AI score0.0025EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/06/29 7:38 p.m.•9 views

CVE-2026-56018 JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify(), allowing unbounded memory growth

JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify, allowing unbounded memory growth. In JsMinify XS.xs the cleanup frees only the NodeSet structures and never the per-token contents buffers allocated in JsSetNodeContents; JsDiscardNode unlinks nodes withou...

5.9AI score0.00609EPSS
Exploits0References2
Vulnrichment
Vulnrichment
•added 2026/06/29 7:38 p.m.•8 views

CVE-2026-56017 JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash

JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString XS.xs inspects the previous token's last byte to choose between a regexp literal and a...

5.8AI score0.00488EPSS
Exploits0References1
Total number of security vulnerabilities161693