|
321
|
- |
|
-
|
-
|
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Versions prior to 7.260227.0 are vulnerable to XSS in the rendering of email-message observable bo…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-35212
|
2026-06-3 07:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
322
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. Impacted is the function Open of the file src/blender_mcp/server.py. The manipulation of the arg…
New
|
CWE-74
CWE-707
Injection
Improper Enforcement of Message or Data Structure
|
CVE-2026-10661
|
2026-06-3 07:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
323
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lws_ssh_parse_plaintext of the file plugins/protocol_lws_ssh_base/sshd.c of the component SSH Protocol Hand…
New
|
CWE-400
CWE-404
Uncontrolled Resource Consumption
Improper Resource Shutdown or Release
|
CVE-2026-10650
|
2026-06-3 07:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
324
|
6.8 |
MEDIUM
Physics
|
-
|
-
|
Dräger Zeus Infinity Empowered (Zeus IE) and Zeus RS C500 anesthesia workstations contain a local security vulnerability that allows unauthorized individuals with physical access to compromise softwa…
New
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2025-15653
|
2026-06-3 07:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
325
|
7.5 |
HIGH
Network
|
-
|
-
|
Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unenc…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-14036
|
2026-06-3 07:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
326
|
8.6 |
HIGH
Network
|
-
|
-
|
Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors versions VG4.1.1, VG4.0.3, and lower (with VG4.2 partially affected) contain a network message handling vulnerability t…
New
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2022-4992
|
2026-06-3 07:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
327
|
8.2 |
HIGH
Local
|
-
|
-
|
Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with…
New
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2021-4481
|
2026-06-3 07:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
328
|
8.2 |
HIGH
Local
|
-
|
-
|
Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with…
New
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2021-4480
|
2026-06-3 07:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
329
|
8.5 |
HIGH
Network
|
-
|
-
|
authentik is an open-source identity provider. Prior to versions 2025.12.5, 2026.2.3, and 2026.5.1, authentik's SAML Source ACS endpoint is vulnerable to XML Signature Wrapping when validating upstre…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-47201
|
2026-06-3 06:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
330
|
5.3 |
MEDIUM
Network
|
-
|
-
|
CloudburstMC Protocol is a protocol library for Minecraft Bedrock Edition. Prior to version 3.0.0.Beta12-20260420.182526-15, CloudburstMC Protocol is partially missing validation for FULL type authen…
New
|
CWE-287
Improper Authentication
|
CVE-2026-45289
|
2026-06-3 06:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
