|
591
|
8.1 |
HIGH
Network
|
-
|
-
|
Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows low-privileged CF space developer to inject arbitrary kernel CIFS mount options via bypassing the …
New
|
CWE-88
Argument Injection
|
CVE-2026-41013
|
2026-06-2 23:01 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
592
|
7.8 |
HIGH
Local
|
-
|
-
|
A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulner…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-43958
|
2026-06-2 23:01 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
593
|
7.5 |
HIGH
Network
|
-
|
-
|
Authentication Bypass in cf-auth-proxy in Cloud Foundry Foundation all installations allows an unauthenticated remote attacker to gain read access to every log and metric for every application and pl…
New
|
CWE-287
Improper Authentication
|
CVE-2026-40964
|
2026-06-2 23:01 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
594
|
10.0 |
CRITICAL
Network
|
-
|
-
|
Cloud Foundry UAA versions v76.12.0 through v78.12.0 are vulnerable to a private key exposure. The server contains a vulnerability where EC (Elliptic Curve) private keys are inadvertently exposed thr…
New
|
CWE-200
Information Exposure
|
CVE-2026-40965
|
2026-06-2 23:01 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
595
|
8.8 |
HIGH
Local
|
-
|
-
|
The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy. It was found that the checks performed on the spec.path YAML stanza in a Route document was…
New
|
CWE-15
External Control of System or Configuration Setting
|
CVE-2026-1784
|
2026-06-2 23:01 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
596
|
8.8 |
HIGH
Network
|
-
|
-
|
IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions (ACS) is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator.
New
|
CWE-74
Injection
|
CVE-2026-7770
|
2026-06-2 23:01 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
597
|
9.1 |
CRITICAL
Network
|
-
|
-
|
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing.
New
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2026-8644
|
2026-06-2 23:01 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
598
|
9.0 |
CRITICAL
Network
|
-
|
-
|
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls.
New
|
CWE-94
Code Injection
|
CVE-2026-9311
|
2026-06-2 23:01 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
599
|
9.0 |
CRITICAL
Network
|
-
|
-
|
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data via JAX-WS endpoints with WS-Security.
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-9319
|
2026-06-2 23:01 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
600
|
8.5 |
HIGH
Network
|
-
|
-
|
IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data during deserialization using the SAML Web Single Sign-On component. This could result in remo…
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-9330
|
2026-06-2 23:01 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
