|
381
|
7.5 |
HIGH
Network
|
-
|
-
|
Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via an uncapped peer-wire message-length prefix.
The peer-wire framing in _process_messages trusts the 4-byte length pr…
New
|
CWE-400 CWE-770
Uncontrolled Resource Consumption Allocation of Resources Without Limits or Throttling
|
CVE-2026-57080
|
2026-06-30 23:16 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
382
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Net::BitTorrent versions through 2.0.1 for Perl write files outside the download directory via path traversal in peer-supplied metadata.
Net::BitTorrent validates file path components only on the .t…
New
|
CWE-22
Path Traversal
|
CVE-2026-57079
|
2026-06-30 23:16 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
383
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Parseable before 2.9.2 contains an information disclosure vulnerability in the notification-target API endpoints that returns webhook tokens and basic-auth credentials in cleartext due to commented-o…
New
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2026-56783
|
2026-06-30 23:16 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
384
|
7.3 |
HIGH
Network
|
-
|
-
|
Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the corr…
New
|
CWE-304
Missing Critical Step in Authentication
|
CVE-2026-55957
|
2026-06-30 23:16 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
385
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method omission configured as part of the constraint.
Thi…
New
|
CWE-285
Improper Authorization
|
CVE-2026-55956
|
2026-06-30 23:16 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
386
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11…
New
|
CWE-287
Improper Authentication
|
CVE-2026-55955
|
2026-06-30 23:16 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
387
|
- |
|
-
|
-
|
fzf is vulnerable to a Denial of Service (DoS) due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in q…
New
|
CWE-407
Inefficient Algorithmic Complexity
|
CVE-2026-53433
|
2026-06-30 23:16 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
388
|
7.5 |
HIGH
Network
|
-
|
-
|
Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All.
Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause bro…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-50750
|
2026-06-30 23:16 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
389
|
- |
|
-
|
-
|
A SAML authentication replay vulnerability in Rancher's Assertion
Consumer Service (ACS) handler did not enforce
one-time use of SAML assertion, potentially allowing person in the middle attacks ag…
New
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2026-44946
|
2026-06-30 23:16 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
390
|
5.5 |
MEDIUM
Local
|
-
|
-
|
The issue was addressed with improved input sanitization. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to leak sensitive kernel state.
New
|
CWE-20
Improper Input Validation
|
CVE-2026-43722
|
2026-06-30 23:16 |
2026-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|