372120 matches found
CVE-2026-55950
This CVE (CVE-2026-55950) describes a TOCTOU race in Erlang/OTP ssl (dtls_packet_demux.erl) where a DTLS listener’s shared demux process can be crashed by an unauthenticated remote attacker sending rapid ClientHello datagrams from the same source IP/port. The race in the internal gb_trees store l...
CVE-2026-54886
The vulnerability CVE-2026-54886 affects Erlang/OTP's SSH server side (ssh_sftpd) and allows an authenticated SFTP client to trigger an infinite loop on a channel by sending SSH_MSG_CHANNEL_EXTENDED_DATA. The handle_data/4 clause tail-calls itself when a non-zero data_type_code arrives with an em...
CVE-2026-55952
Summary: The Erlang/OTP ssl module is vulnerable to a TLS 1.3 denial of service due to a mismatch between PSK identity list and binder list lengths in the ClientHello extension. In tls_handshake_1_3:handle_pre_shared_key/3, an OfferedPreSharedKeys record with unequal identities/binders is passed ...
CVE-2026-54887
CVE-2026-54887 concerns Erlang/OTP's DTLS server in ssl, where during startup the cookie secret is initialized to an empty binary instead of a random value. This makes DTLS cookie computation deterministic for the first 0–15 seconds, allowing an observer of plaintext ClientHello to forge a valid ...
CVE-2026-53422
CVE-2026-53422 describes an observable response discrepancy in Erlang/OTP ssh_sftpd where the REALPATH handling bypasses the root check, enabling an authenticated SFTP user to determine the existence of files/directories outside the configured root. The uncanonicalized path can trigger resolve_sy...
CVE-2026-50281
Craft CMS vulnerability CVE-2026-50281 affects versions 5.7.0 through 5.9.20. A mass-assignment flaw in the bulk-duplicate element action allows an attacker who can duplicate their own entries to submit an arbitrary id via the newAttributes parameter. The duplication flow clones the source elemen...
CVE-2026-44935
The vulnerability (CVE-2026-44935) affects SUSE Rancher Fleet’s Helm Deployer where missing validation of valuesFrom references enables cross-tenant access to fleet credentials stored in secrets/config maps on downstream clusters. Affected versions include Fleet 0.15.x before 0.15.2, 0.14.x befor...
CVE-2026-50027
Technical details for CVE-2026-50027 are not publicly available in the provided documents. No affected products, components, impact, or remediation are specified. Monitor for updates and additional disclosures.
CVE-2026-44941
CVE-2026-44941: libzypp path traversal via the keyhint option in repomd.xml parsing was fixed in libzypp 17.38.13. The issue allowed a malicious repository to inject/overwrite files as root due to treating keyhint as a path. The remediation is to upgrade libzypp components (and related libsolv/li...
CVE-2026-58455
Dockwatch 0.6.567 is affected by an unauthenticated OS command injection. The flaw arises from a missing exit() after an authentication redirect in loader.php and unsanitized input passed to shell_exec() in ajax/compose.php, allowing an attacker to seed a session flag via an incomplete auth check...
CVE-2026-56004
The vulnerability CVE-2026-56004 affects the obs tar_scm source service’s mercurial handler. A shellcode injection in the mercurial handler could allow an attacker who supplies a crafted _service file to execute code as the source service or as the local user checking out the malicious services, ...
CVE-2026-55114
The CVE-2026-55114 entry concerns UniFi Network Application. Affected component: the UniFi Network Application itself, with an Improper Access Control vulnerability that allows a user with network access and low privileges to escalate privileges within the application. The CVSSv3.1 vector (AV:N/A...
CVE-2026-55119
The CVE-2026-55119 entry concerns a vulnerability in UniFi Talk Application described as Improper Access Control that could allow a user with network access and low privileges to escalate privileges within the UniFi Talk Application. This is supported by the connected documents which cite a CVSS ...
CVE-2026-56842
CVE-2026-56842 : A vulnerability in UniFi Network Application allows a malicious actor with network access to persist privileges after the access is removed, due to an Incorrect Authorization flaw. The CVSS v3.1 base score is 7.5 (HIGH) with vector AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H. Affected co...
CVE-2026-56841
CVE-2026-56841 describes an authenticated SQL Injection vulnerability in UniFi Protect Application. A network-accessible attacker with low privileges can exploit this to escalate privileges on the host device. Affected software: UniFi Protect Application (specific versions not stated in the provi...
CVE-2026-55113
CVE-2026-55113 involves a Server-Side Request Forgery (SSRF) in the UniFi Talk Application that can allow a remote attacker with network access to cause a Denial of Service and bypass authentication on certain UniFi Talk API endpoints. The vulnerability affects the UniFi Talk platform’s API surfa...
CVE-2026-55112
Technical details for CVE-2026-55112 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-55115
The CVE-2026-55115 entry describes a Server-Side Request Forgery (SSRF) in the UniFi Protect Application that could allow a low-privilege, network-accessible attacker to escalate privileges on the host. The available sources state the affected component as the UniFi Protect Application and identi...
CVE-2026-55118
CVE-2026-55118 concerns UniFi Network Application with an Improper Access Control flaw that could allow a malicious actor with network access and low privileges to escalate privileges within the UniFi Network Application. The connected records provide CVSS 3.1 details (AV:N/AC:L/PR:L/UI:N/S:U/C:L...
CVE-2026-55117
The CVE-2026-55117 entry describes a path traversal vulnerability in UniFi Access Application. The vulnerability could allow an attacker with network access to access files on the host device via the affected component, exposing potentially sensitive information. Documented details do not specify...