|
1451
|
7.5 |
HIGH
Network
|
-
|
-
|
kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-in-the-middle attacker to exhaust memory or hang connections by…
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2026-10142
|
2026-06-12 00:22 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1452
|
7.5 |
HIGH
Network
|
-
|
-
|
kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supp…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-10143
|
2026-06-12 00:22 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1453
|
- |
|
-
|
-
|
A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface.
This issue i…
|
CWE-79
Cross-site Scripting
|
CVE-2026-0266
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1454
|
- |
|
-
|
-
|
An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the Glo…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2026-0267
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1455
|
- |
|
-
|
-
|
A security control bypass vulnerability in Prisma Access Agent for Linux allows a local attacker to route network traffic outside the VPN tunnel.
This does not impact Prisma Access Agent on Window…
|
CWE-424
Improper Protection of Alternate Path
|
CVE-2026-0268
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1456
|
- |
|
-
|
-
|
A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2026-0269
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1457
|
- |
|
-
|
-
|
A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipu…
|
CWE-22
Path Traversal
|
CVE-2026-0270
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1458
|
- |
|
-
|
-
|
A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to execute code with elevated privileges.
This does not impact Pri…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2026-0271
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1459
|
- |
|
-
|
-
|
An improper validation of credentials vulnerability in the CommvaultSecurityIQ integration for Cortex XSOAR and Cortex XSIAM allows an unauthenticated attacker to access and modify protected resource…
|
CWE-1390
Weak Authentication
|
CVE-2026-0274
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1460
|
- |
|
-
|
-
|
A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with…
|
CWE-862
Missing Authorization
|
CVE-2026-0272
|
2026-06-12 00:21 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
