|
291
|
7.8 |
HIGH
Local
|
dell
|
elastic_cloud_storage
objectscale
|
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could p…
New
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2026-40636
|
2026-05-13 02:19 |
2026-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292
|
6.5 |
MEDIUM
Network
|
open5gs
|
open5gs
|
A vulnerability was determined in Open5GS up to 2.7.7. This affects the function gsm_handle_pdu_session_modification_qos_flow_descriptions of the file src/smf/gsm-handler.c of the component SMF. Exec…
New
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-8288
|
2026-05-13 02:18 |
2026-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293
|
6.5 |
MEDIUM
Network
|
open5gs
|
open5gs
|
A vulnerability was identified in Open5GS up to 2.7.7. This vulnerability affects the function smf_nsmf_handle_update_data_in_vsmf of the file /src/smf/nsmf-handler.c of the component SMF. The manipu…
New
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-8289
|
2026-05-13 02:18 |
2026-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294
|
7.5 |
HIGH
Network
|
apple
|
macos
|
A path handling issue was addressed with improved logic. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to observe unprotected user data.
New
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2026-39871
|
2026-05-13 02:17 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295
|
8.8 |
HIGH
Local
|
apple
|
ipados
iphone_os
macos
tvos
visionos
watchos
|
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A mali…
New
|
CWE-269
Improper Privilege Management
|
CVE-2026-28995
|
2026-05-13 02:17 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296
|
7.5 |
HIGH
Network
|
apple
|
ipados
iphone_os
macos
tvos
watchos
|
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5,…
New
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2026-28987
|
2026-05-13 02:16 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297
|
7.5 |
HIGH
Network
|
apple
|
ipados
iphone_os
macos
tvos
watchos
|
A race condition was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, …
New
|
CWE-362
Race Condition
|
CVE-2026-28986
|
2026-05-13 02:16 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298
|
- |
|
-
|
-
|
Missing authorization in the PAM module in Devolutions Server allows an authenticated user with a PAM license but no additional permissions to obtain OTP secret keys and recovery codes via crafted re…
New
|
CWE-862
Missing Authorization
|
CVE-2026-8407
|
2026-05-13 02:16 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error and is not a valid vulnerability. Notes: All references and descriptions in this candidate h…
New
|
-
|
CVE-2026-8278
|
2026-05-13 02:16 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300
|
8.2 |
HIGH
Network
|
-
|
-
|
JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the WAVS bridge's computeDataVerify called fetch() on agent-supplied URLs without validating scheme, port, or reso…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-43993
|
2026-05-13 02:16 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
