CVE-2026-33210

Overview

ruby
json

20 Mar 2026

Published

23 Mar 2026

Updated

CVSS v4.0

HIGH (8.3)

EPSS

0.04%

MITRE

KEV

Description

Ruby JSON is a JSON implementation for Ruby. From version 2.14.0 to before versions 2.15.2.1, 2.17.1.2, and 2.19.2, a format string injection vulnerability can lead to denial of service attacks or information disclosure, when the allow_duplicate_key: false parsing option is used to parse user supplied documents. This issue has been patched in versions 2.15.2.1, 2.17.1.2, and 2.19.2.

Statistics

1 Post

Last activity: 23 hours ago

Bluesky

Lambda Watchdog @lambdawatchdog.bsky.social

🚨 New CRITICAL CVE detected in AWS Lambda 🚨 CVE-2026-33210 impacts json in 1 Lambda base images. Details: https://github.com/aws/aws-lambda-base-images/issues/485 More: https://lambdawatchdog.com/ #AWS #Lambda #CVE #CloudSecurity #Serverless

0
0
0
23h ago

CVE-2026-35414

Overview

OpenBSD
OpenSSH

02 Apr 2026

Published

02 Apr 2026

Updated

CVSS v3.1

MEDIUM (4.2)

EPSS

0.02%

MITRE

KEV

Description

OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.

Statistics

1 Post

Last activity: 1 hour ago

Bluesky

Undercode Testing @undercode.bsky.social

Critical OpenSSH Authentication Bypass Vulnerability Grants Root Shell Access – Patch Immediately (CVE-2026-35414) + Video Introduction: A critical authentication bypass vulnerability in OpenSSH (CVE-2026-35414) has remained undetected for 15 years, affecting nearly all OpenSSH versions released…

0
0
0
1h ago

CVE-2026-43824

Overview

argoproj
Argo CD

02 May 2026

Published

02 May 2026

Updated

CVSS v3.1

HIGH (7.7)

EPSS

Pending

MITRE

KEV

Description

In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data.

Statistics

1 Post

Last activity: 8 hours ago

Fediverse

OffSequence @offseq

⚠️ HIGH-severity vuln (CVE-2026-43824) in Argo CD 3.2.0 – 3.2.10 & 3.3.0 – 3.3.8: ServerSideDiff leaks cleartext Kubernetes Secrets. Restrict feature use & monitor for patches. Details: https://radar.offseq.com/threat/cve-2026-43824-cwe-212-improper-removal-of-sensiti-5eb1043e #OffSeq #ArgoCD #Kubernetes #Vuln

0
0
0
8h ago

CVE-2025-14917

Overview

IBM
WebSphere Application Server - Liberty

25 Mar 2026

Published

27 Mar 2026

Updated

CVSS v3.1

MEDIUM (6.7)

EPSS

0.01%

MITRE

KEV

Description

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings.

Statistics

1 Post

Last activity: 17 hours ago

Bluesky

knaepp.bsky.social @knaepp.bsky.social

PH70078:IBM WebSphere Application Server Liberty could provide weaker than expected security (CVE-2025-14917 CVSS 6.7) https://tinyurl.com/22aozekr

0
0
0
17h ago

CVE-2026-40372

Overview

Microsoft
ASP.NET Core 10.0

21 Apr 2026

Published

30 Apr 2026

Updated

CVSS v3.1

CRITICAL (9.1)

EPSS

0.02%

MITRE

KEV

Description

Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.

Statistics

1 Post

Last activity: 6 hours ago

Bluesky

OpsMatters @opsmatters.com

The latest update for #Sentrium includes "cPanel and WHM Authentication Bypass Vulnerability (CVE-2026-41940)" and "ASP.NET Core Privilege Escalation Vulnerability (CVE-2026-40372)". #Cybersecurity #PenTesting #infosec https://opsmtrs.com/3aPKkxS

0
0
0
6h ago