CVE-2026-33519

Overview

Esri
Portal for ArcGIS

21 Apr 2026

Published

23 Apr 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

0.04%

MITRE

KEV

Description

An incorrect authorization vulnerability exists in Esri Portal for ArcGIS 11.4, 11.5 and 12.0 on Windows, Linux and Kubernetes that did not correctly check permissions assigned to developer credentials.

Statistics

1 Post

Last activity: 11 hours ago

Bluesky

ケイ | 副業Webライター📖 @keiwork35.bsky.social

【脆弱性情報】 CVE-2026-33519 Esri Portal for ArcGISの脆弱性について Esri Portal for ArcGIS 11.4、11.5、12.0 の Windows、Linux、Kubernetes 向け環境には、

0
0
0
11h ago

CVE-2026-1502

Overview

Python Software Foundation
CPython
http.client

10 Apr 2026

Published

21 Apr 2026

Updated

CVSS v4.0

MEDIUM (5.7)

EPSS

0.06%

MITRE

KEV

Description

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host.

Statistics

1 Post

Last activity: 6 hours ago

Bluesky

ferramentaslinux.bsky.social @ferramentaslinux.bsky.social

CVE-2026-1502 (HTTP injection) and CVE-2026-4786 (command injection) hit Python 3.14 on Fedora. Don't just patch today. Build automation that finds ANY CVE. Read -> tinyurl.com/2krzcetb #Fedora #Security

0
0
0
6h ago

CVE-2026-4786

Overview

Python Software Foundation
CPython

13 Apr 2026

Published

14 Apr 2026

Updated

CVSS v4.0

HIGH (7.0)

EPSS

0.02%

MITRE

KEV

Description

Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open()" API could have commands injected into the underlying shell. See CVE-2026-4519 for details.

Statistics

1 Post

Last activity: 6 hours ago

Bluesky

ferramentaslinux.bsky.social @ferramentaslinux.bsky.social

CVE-2026-1502 (HTTP injection) and CVE-2026-4786 (command injection) hit Python 3.14 on Fedora. Don't just patch today. Build automation that finds ANY CVE. Read -> tinyurl.com/2krzcetb #Fedora #Security

0
0
0
6h ago