|
11
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the RADIUS Policy API endpoints of Cisco ISE could allow an authenticated, remote attacker with read-only Administrator privileges to gain unauthorized access to sensitive inf…
New
|
CWE-862
Missing Authorization
|
CVE-2026-20193
|
2026-05-7 03:59 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
12
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of other users or affect quiz and poll results. Cisco has address…
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-20219
|
2026-05-7 03:59 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
13
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ALSA: caiaq: take a reference on the USB device in create_card()
The caiaq driver stores a pointer to the parent USB device in
cd…
Update
|
NVD-CWE-noinfo
|
CVE-2026-31701
|
2026-05-7 03:55 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
14
|
3.7 |
LOW
Network
|
-
|
-
|
A security flaw has been discovered in FlowiseAI Flowise up to 3.0.12. Affected is the function Login of the file packages/server/src/enterprise/services/account.service.ts of the component API Respo…
New
|
CWE-200
CWE-284
Information Exposure
Improper Access Control
|
CVE-2026-8026
|
2026-05-7 03:52 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
15
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in FlowiseAI Flowise up to 3.0.12. Affected by this vulnerability is an unknown functionality of the component User Controller Handler. This manipulation of the argumen…
New
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-8027
|
2026-05-7 03:52 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
16
|
3.7 |
LOW
Network
|
-
|
-
|
A vulnerability was detected in FlowiseAI Flowise up to 3.0.12. This affects the function verify of the file packages/server/src/enterprise/services/account.service.ts of the component Endpoint. Perf…
New
|
CWE-200
CWE-284
Information Exposure
Improper Access Control
|
CVE-2026-8028
|
2026-05-7 03:52 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
17
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: correctly handle tunneled traffic on IPV6_CSUM GSO fallback
NETIF_F_IPV6_CSUM only advertises support for checksum offload o…
Update
|
NVD-CWE-noinfo
|
CVE-2026-43057
|
2026-05-7 03:48 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
18
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix use-after-free of sbi in f2fs_compress_write_end_io()
In f2fs_compress_write_end_io(), dec_page_count(sbi, type) can br…
Update
|
CWE-416
Use After Free
|
CVE-2026-31702
|
2026-05-7 03:44 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
19
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
writeback: Fix use after free in inode_switch_wbs_work_fn()
inode_switch_wbs_work_fn() has a loop like:
wb_get(new_wb);
whil…
Update
|
CWE-416
Use After Free
|
CVE-2026-31703
|
2026-05-7 03:42 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
20
|
7.3 |
HIGH
Network
|
apache
|
http_server
|
Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's mod_md via OCSP response data.
This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66.
Users a…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-29168
|
2026-05-7 03:39 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
