|
651
|
- |
|
-
|
-
|
FlexRIC v2.0.0 contains reachable assert(0) calls in stub message handlers for whitelisted but unimplemented E2AP message types in the near-RT RIC. A remote unauthenticated attacker can send a decoda…
New
|
-
|
CVE-2026-37227
|
2026-06-2 03:09 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
652
|
- |
|
-
|
-
|
An issue in ESA AnomalyMatch before 1.3.1 allow attackers to execute arbitrary code via crafted model checkpoint files. The affected components load model files from session directories using torch.l…
New
|
-
|
CVE-2026-38950
|
2026-06-2 03:09 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
653
|
5.5 |
MEDIUM
Network
|
portainer
|
portainer
|
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
Update
|
CWE-22
Path Traversal
|
CVE-2026-44885
|
2026-06-2 03:08 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
654
|
6.5 |
MEDIUM
Network
|
portainer
|
portainer
|
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
Update
|
CWE-862
Missing Authorization
|
CVE-2026-44884
|
2026-06-2 03:07 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
655
|
4.0 |
MEDIUM
Network
|
-
|
-
|
A misconfigured Content Security Policy (CSP) in HCL BigFix Remote Control Server WebUI (versions 10.1.0.0442 and earlier) fails to define directives without fallbacks, allowing attackers to bypass i…
Update
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2026-21785
|
2026-06-2 03:04 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
656
|
7.5 |
HIGH
Network
|
-
|
-
|
The Rocket.Chat DDP method autoTranslate.translateMessage in versions <8.5.0, <8.4.2, <8.3.4, <8.2.4, <8.1.5, <8.0.5, <7.13.8, and <7.10.12 accepts a client-supplied IMessage object and passes it dir…
Update
|
CWE-284
Improper Access Control
|
CVE-2026-32995
|
2026-06-2 03:04 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
657
|
8.1 |
HIGH
Network
|
portainer
|
portainer
|
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
Update
|
CWE-863
Incorrect Authorization
|
CVE-2026-44882
|
2026-06-2 03:03 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
658
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A race condition in the shared Extreme Platform
ONE IAM Gateway API-key authentication path could, under specific
high-concurrency traffic conditions, intermittently allow requests
authenticated with…
Update
|
CWE-362
CWE-488
Race Condition
Exposure of Data Element to Wrong Session
|
CVE-2026-9831
|
2026-06-2 03:02 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
659
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Missing authentication and clear‑text transmission of data from the heat pumps to the control server, combined with the absence of input validation on aggregated data, can lead to stored XSS that ena…
New
|
CWE-79
CWE-306
CWE-319
Cross-site Scripting
Missing Authentication for Critical Function
Cleartext Transmission of Sensitive Information
|
CVE-2026-25599
|
2026-06-2 03:02 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
660
|
6.4 |
MEDIUM
Local
|
-
|
-
|
The PDBM application relies on a static, hard‑coded secret embedded
in the PDBM.exe executable. This secret is used by the application’s
encryption routines, including the function responsible for …
New
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2026-25600
|
2026-06-2 03:02 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
