24h | 7d | 30d

Overview

  • zalando
  • skipper

26 Jan 2026
Published
27 Jan 2026
Updated

CVSS v3.1
HIGH (8.1)
EPSS
0.02%

KEV

Description

Skipper is an HTTP router and reverse proxy for service composition. Prior to version 0.24.0, when running Skipper as an Ingress controller, users with permissions to create an Ingress and a Service of type ExternalName can create routes that enable them to use Skipper's network access to reach internal services. Version 0.24.0 disables Kubernetes ExternalName by default. As a workaround, developers can allow list targets of an ExternalName and allow list via regular expressions.

Statistics

  • 1 Post

Last activity: 19 hours ago

Fediverse

Profile picture

🟠 CVE-2026-24470 - High (8.1)

Skipper is an HTTP router and reverse proxy for service composition. Prior to version 0.24.0, when running Skipper as an Ingress controller, users with permissions to create an Ingress and a Service of type ExternalName can create routes that enab...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 19h ago

Overview

  • yoyofr
  • modizer

27 Jan 2026
Published
27 Jan 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
Pending

KEV

Description

Integer Overflow or Wraparound vulnerability in yoyofr modizer.This issue affects modizer: before 4.1.1.

Statistics

  • 1 Post

Last activity: 3 hours ago

Fediverse

Profile picture

🟠 CVE-2026-24875 - High (7.8)

Integer Overflow or Wraparound vulnerability in yoyofr modizer.This issue affects modizer: before 4.1.1.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 3h ago

Overview

  • uPress
  • Booter
  • booter-bots-crawlers-manager

23 Jan 2026
Published
26 Jan 2026
Updated

CVSS
Pending
EPSS
0.04%

KEV

Description

Missing Authorization vulnerability in uPress Booter booter-bots-crawlers-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booter: from n/a through <= 1.5.7.

Statistics

  • 1 Post

Last activity: 16 hours ago

Fediverse

Profile picture

🟠 CVE-2026-24534 - High (8.8)

Missing Authorization vulnerability in uPress Booter booter-bots-crawlers-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booter: from n/a through &lt;= 1.5.7.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 16h ago

Overview

  • Delta Electronics
  • ASDA-Soft

27 Jan 2026
Published
27 Jan 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.00%

KEV

Description

ASDA-Soft Stack-based Buffer Overflow Vulnerability

Statistics

  • 1 Post

Last activity: 15 hours ago

Fediverse

Profile picture

🟠 CVE-2026-1361 - High (7.8)

ASDA-Soft Stack-based Buffer Overflow Vulnerability

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 15h ago

Overview

  • Grafana
  • grafana/grafana-enterprise

27 Jan 2026
Published
27 Jan 2026
Updated

CVSS v3.1
HIGH (7.5)
EPSS
0.04%

KEV

Description

Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel. Sustained traffic with random hashes keeps tripping this timeout, so goroutine count grows linearly, eventually exhausting memory and causing Grafana to crash on some systems.

Statistics

  • 1 Post

Last activity: 9 hours ago

Fediverse

Profile picture

🟠 CVE-2026-21720 - High (7.5)

Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine block...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 9h ago

Overview

  • AWS
  • AWS SDK for Ruby

17 Dec 2025
Published
17 Dec 2025
Updated

CVSS v3.1
MEDIUM (5.3)
EPSS
0.01%

KEV

Description

Missing cryptographic key commitment in the AWS SDK for Ruby may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade AWS SDK for Ruby to version 1.208.0 or later.

Statistics

  • 1 Post

Last activity: 7 hours ago

Bluesky

Profile picture
🔍 Lambda Watchdog detected that CVE-2025-14762 is no longer present in latest AWS Lambda base image scans. https://github.com/aws/aws-lambda-base-images/issues/362 #AWS #Lambda #Security #CVE #DevOps #SecOps
  • 0
  • 0
  • 0
  • 7h ago

Overview

  • n8n

27 Jan 2026
Published
27 Jan 2026
Updated

CVSS v3.1
CRITICAL (9.9)
EPSS
Pending

KEV

Description

n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations.

Statistics

  • 1 Post

Last activity: 4 hours ago

Fediverse

Profile picture

🔴 CVE-2026-1470 - Critical (9.9)

n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficie...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 4h ago

Overview

  • ProjectSkyfire
  • SkyFire_548

27 Jan 2026
Published
27 Jan 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
Pending

KEV

Description

improper pointer arithmetic vulnerability in ProjectSkyfire SkyFire_548.This issue affects SkyFire_548: before 5.4.8-stable5.

Statistics

  • 1 Post

Last activity: 3 hours ago

Fediverse

Profile picture

🔴 CVE-2026-24872 - Critical (9.8)

improper pointer arithmetic

vulnerability in ProjectSkyfire SkyFire_548.This issue affects SkyFire_548: before 5.4.8-stable5.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 3h ago

Overview

  • Go standard library
  • crypto/x509
  • crypto/x509

03 Dec 2025
Published
03 Dec 2025
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN *.example.com.

Statistics

  • 1 Post

Last activity: 7 hours ago

Bluesky

Profile picture
🔍 Lambda Watchdog detected that CVE-2025-61727 is no longer present in latest AWS Lambda base image scans. https://github.com/aws/aws-lambda-base-images/issues/357 #AWS #Lambda #Security #CVE #DevOps #SecOps
  • 0
  • 0
  • 0
  • 7h ago

Overview

  • Essekia
  • Tablesome
  • tablesome

23 Jan 2026
Published
26 Jan 2026
Updated

CVSS
Pending
EPSS
0.03%

KEV

Description

Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through <= 1.1.35.2.

Statistics

  • 1 Post

Last activity: 3 hours ago

Fediverse

Profile picture

🟠 CVE-2026-24524 - High (8.1)

Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through &lt;= 1.1.35.2.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 3h ago
Showing 31 to 40 of 76 CVEs