|
511
|
6.7 |
MEDIUM
Local
|
fortinet
|
fortios
fortiproxy
|
An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability [CWE-1244] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.…
Update
|
CWE-1244
Internal Asset Exposed to Unsafe Debug Access Level or State
|
CVE-2025-67862
|
2026-06-12 06:31 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
512
|
- |
|
-
|
-
|
In Duck Site before version 1.0.1, the repository has a deploy workflow that runs after the build workflow completes. The build workflow runs on pull requests, while the deploy workflow runs with pac…
New
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2026-47174
|
2026-06-12 06:16 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
513
|
8.8 |
HIGH
Network
|
-
|
-
|
mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.6.0, mcp-server-kubernetes exposes three environment variables (ALLOW_ONLY_READONLY_TOOL…
New
|
CWE-863
Incorrect Authorization
|
CVE-2026-46519
|
2026-06-12 06:01 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
514
|
6.1 |
MEDIUM
Network
|
-
|
-
|
mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.7.0, the kubectl_generic tool in mcp-server-kubernetes passes user-supplied flags direct…
New
|
CWE-88
Argument Injection
|
CVE-2026-47250
|
2026-06-12 06:01 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
515
|
- |
|
-
|
-
|
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.1, any guild member who can invoke slash commands can use /automod add, /automod remove…
New
|
CWE-862
Missing Authorization
|
CVE-2026-47163
|
2026-06-12 05:58 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
516
|
- |
|
-
|
-
|
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a user with Manage Server / ManageGuild, but without Manage Roles or Administrator, …
New
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-47169
|
2026-06-12 05:58 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
517
|
7.7 |
HIGH
Network
|
-
|
-
|
Garlic-Hub manages digital signage network — devices, content, and playlists — from a single self-hosted interface. Prior to version 1.1, authenticated users can cause the server to issue arbitrary H…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-47170
|
2026-06-12 05:58 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
518
|
- |
|
-
|
-
|
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a normal user can create a reminder whose message contains @everyone or @here. When …
New
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2026-47171
|
2026-06-12 05:58 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
519
|
- |
|
-
|
-
|
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, the repository has a privileged deploy workflow that runs after the unprivileged bui…
New
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2026-47172
|
2026-06-12 05:58 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
520
|
- |
|
-
|
-
|
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can enable logging and choose a logging channe…
New
|
CWE-200
Information Exposure
|
CVE-2026-47176
|
2026-06-12 05:58 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
