Overview
- OpenPrinting
- cups
Published: 11 Sep 2025
Updated: 04 Nov 2025
CVSS v3.1: HIGH (8.0)
EPSS: 0.05%
KEV
Description
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue.
Statistics
- 1 Post
Last activity: 5 hours ago
Overview
- Microsoft
- GitHub Copilot Plugin for JetBrains IDEs
Published: 10 Feb 2026
Updated: 11 Feb 2026
CVSS v3.1: HIGH (8.8)
EPSS: 0.04%
KEV
Description
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot allows an unauthorized attacker to execute code over a network.
Statistics
- 1 Post
Last activity: 10 hours ago
Overview
Description
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 26.2, Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 was also issued in response to this report.
Statistics
- 2 Posts
- 6 Interactions
Last activity: Last hour
Overview
Description
This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.
Statistics
- 2 Posts
- 6 Interactions
Last activity: Last hour
Description
Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Statistics
- 2 Posts
- 6 Interactions
Last activity: Last hour
Overview
- libexpat project
- libexpat
Published: 23 Jan 2026
Updated: 23 Jan 2026
CVSS v3.1: LOW (2.9)
EPSS: 0.00%
KEV
Description
In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.
Statistics
- 1 Post
Last activity: 1 hour ago
Overview
- Ivanti
- Endpoint Manager
Published: 10 Feb 2026
Updated: 10 Feb 2026
CVSS v3.1: HIGH (8.6)
EPSS: 0.16%
KEV
Description
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.
Statistics
- 1 Post
Last activity: 6 hours ago
Overview
- libexpat project
- libexpat
Published: 30 Jan 2026
Updated: 03 Feb 2026
CVSS v3.1: MEDIUM (6.9)
EPSS: 0.01%
KEV
Description
In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.
Statistics
- 1 Post
Last activity: 1 hour ago
Overview
- Ivanti
- Endpoint Manager
Published: 10 Feb 2026
Updated: 10 Feb 2026
CVSS v3.1: MEDIUM (6.5)
EPSS: 0.05%
KEV
Description
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
Statistics
- 1 Post
Last activity: 6 hours ago
Overview
Description
n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the system, and may enable further compromise depending on deployment configuration and workflow usage. This issue is fixed in version 1.121.0.
Statistics
- 1 Post
Last activity: 10 hours ago