24h | 7d | 30d

Overview

  • libssh2
  • libssh2

17 Jun 2026
Published
18 Jun 2026
Updated

CVSS v4.0
HIGH (8.2)
EPSS
Pending

KEV

Description

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSH_MSG_EXT_INFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can set nr_extensions to 0xFFFFFFFF during key exchange, causing the client to spin in a tight CPU loop for over 60 seconds because return values from _libssh2_get_string() are unchecked and the session timeout does not apply to CPU-bound loops.

Statistics

  • 1 Post

Last activity: 3 hours ago

Bluesky

Profile picture fallback
libssh2: patch CVE-2025-15661, CVE-2026-55199, and CVE-2026-55200 https://github.com/NixOS/nixpkgs/pull/537250 #security
  • 0
  • 0
  • 0
  • 3h ago

Overview

  • libssh2
  • libssh2

18 Jun 2026
Published
23 Jun 2026
Updated

CVSS v4.0
HIGH (8.3)
EPSS
Pending

KEV

Description

libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftp_symlink() function in src/sftp.c that allows a malicious SSH server or man-in-the-middle attacker to disclose heap memory contents or cause a crash by sending a crafted SSH_FXP_NAME response. Attackers can supply a link_len value larger than the actual packet data in SSH_FXP_NAME responses for SFTP READLINK and REALPATH operations, triggering a heap buffer over-read of up to target_len minus one bytes due to the missing validation of available packet buffer size before the memcpy operation.

Statistics

  • 1 Post

Last activity: 3 hours ago

Bluesky

Profile picture fallback
libssh2: patch CVE-2025-15661, CVE-2026-55199, and CVE-2026-55200 https://github.com/NixOS/nixpkgs/pull/537250 #security
  • 0
  • 0
  • 0
  • 3h ago

Overview

  • StoneFly
  • Storage Concentrator

30 Jun 2026
Published
30 Jun 2026
Updated

CVSS v4.0
CRITICAL (10.0)
EPSS
Pending

KEV

Description

Storage Concentrator (SC & SCVM) contains a command injection vulnerability in the ms_service.pl service, which listens on TCP port 9000 by default and accepts custom network packets to perform device actions. An unauthenticated remote attacker can send a specially crafted packet containing a malicious payload that is processed without adequate sanitization, resulting in arbitrary command execution with root-level privileges.

Statistics

  • 1 Post

Last activity: 10 hours ago

Fediverse

Profile picture fallback

StoneFly Storage Concentrator appliances are under active exploitation. Five critical vulnerabilities (CVE-2026-50110, CVE-2026-56413, CVE-2026-56415, CVE-2026-55721, CVE-2026-50040) allow unauthenticated remote code...

captechgroup.com/threat-intell

  • 0
  • 0
  • 0
  • 10h ago

Overview

  • StoneFly
  • Storage Concentrator

30 Jun 2026
Published
30 Jun 2026
Updated

CVSS v4.0
MEDIUM (5.1)
EPSS
Pending

KEV

Description

Storage Concentrator (SC & SCVM) is vulnerable to reflected cross-site scripting due to unsanitized content being echoed back in 404 error pages. An attacker can craft a malicious URL that, when visited by an authenticated user, causes arbitrary script content to execute within the victim's browser session in the context of the application. This could be leveraged to steal session cookies, redirect users, or perform unauthorized actions on behalf of the victim.

Statistics

  • 1 Post

Last activity: 10 hours ago

Fediverse

Profile picture fallback

StoneFly Storage Concentrator appliances are under active exploitation. Five critical vulnerabilities (CVE-2026-50110, CVE-2026-56413, CVE-2026-56415, CVE-2026-55721, CVE-2026-50040) allow unauthenticated remote code...

captechgroup.com/threat-intell

  • 0
  • 0
  • 0
  • 10h ago

Overview

  • StoneFly
  • Storage Concentrator

30 Jun 2026
Published
30 Jun 2026
Updated

CVSS v4.0
CRITICAL (9.2)
EPSS
Pending

KEV

Description

Storage Concentrator (SC & SCVM) is vulnerable to SQL injection through cookie values processed by the login.pl and debug.pl scripts. The cookie value is incorporated directly into database queries without adequate sanitization, allowing an unauthenticated remote attacker to manipulate those queries and extract sensitive information from the underlying database, including session tokens, password hashes, and stored secret keys.

Statistics

  • 1 Post

Last activity: 10 hours ago

Fediverse

Profile picture fallback

StoneFly Storage Concentrator appliances are under active exploitation. Five critical vulnerabilities (CVE-2026-50110, CVE-2026-56413, CVE-2026-56415, CVE-2026-55721, CVE-2026-50040) allow unauthenticated remote code...

captechgroup.com/threat-intell

  • 0
  • 0
  • 0
  • 10h ago

Overview

  • Stonefly
  • Storage Concentrator

30 Jun 2026
Published
30 Jun 2026
Updated

CVSS v4.0
CRITICAL (10.0)
EPSS
Pending

KEV

Description

Storage Concentrator (SC & SCVM) contains a command injection vulnerability within the debug.pl script that is reachable without authentication. A remote attacker can submit a specially crafted HTTP request containing a malicious payload that is processed without adequate input sanitization, resulting in arbitrary command execution with root-level privileges on the underlying system.

Statistics

  • 1 Post

Last activity: 10 hours ago

Fediverse

Profile picture fallback

StoneFly Storage Concentrator appliances are under active exploitation. Five critical vulnerabilities (CVE-2026-50110, CVE-2026-56413, CVE-2026-56415, CVE-2026-55721, CVE-2026-50040) allow unauthenticated remote code...

captechgroup.com/threat-intell

  • 0
  • 0
  • 0
  • 10h ago

Overview

  • Grafana
  • Grafana

22 Jun 2023
Published
13 Feb 2025
Updated

CVSS v3.1
CRITICAL (9.4)
EPSS
0.15%

KEV

Description

Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app.

Statistics

  • 1 Post

Last activity: 18 hours ago

Fediverse

Profile picture fallback

VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

balluff.csaf-tp.certvde.com/.w

  • 0
  • 0
  • 0
  • 18h ago

Overview

  • Grafana
  • Grafana

18 Oct 2024
Published
14 Mar 2025
Updated

CVSS v4.0
CRITICAL (9.4)
EPSS
97.78%

KEV

Description

The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.

Statistics

  • 1 Post

Last activity: 18 hours ago

Fediverse

Profile picture fallback

VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

balluff.csaf-tp.certvde.com/.w

  • 0
  • 0
  • 0
  • 18h ago

Overview

  • grafana
  • grafana

08 Feb 2022
Published
23 Apr 2025
Updated

CVSS v3.1
MEDIUM (6.3)
EPSS
0.36%

KEV

Description

Grafana is an open-source platform for monitoring and observability. Affected versions are subject to a cross site request forgery vulnerability which allows attackers to elevate their privileges by mounting cross-origin attacks against authenticated high-privilege Grafana users (for example, Editors or Admins). An attacker can exploit this vulnerability for privilege escalation by tricking an authenticated user into inviting the attacker as a new user with high privileges. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.

Statistics

  • 1 Post

Last activity: 18 hours ago

Fediverse

Profile picture fallback

VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

balluff.csaf-tp.certvde.com/.w

  • 0
  • 0
  • 0
  • 18h ago

Overview

  • OpenSSL
  • OpenSSL

27 Jan 2026
Published
30 Jun 2026
Updated

CVSS
Pending
EPSS
47.62%

KEV

Description

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs. Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.

Statistics

  • 1 Post

Last activity: 18 hours ago

Fediverse

Profile picture fallback

VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

balluff.csaf-tp.certvde.com/.w

  • 0
  • 0
  • 0
  • 18h ago
Showing 51 to 60 of 76 CVEs