|
221
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A race condition in the shared Extreme Platform
ONE IAM Gateway API-key authentication path could, under specific
high-concurrency traffic conditions, intermittently allow requests
authenticated with…
New
|
CWE-362
CWE-488
Race Condition
Exposure of Data Element to Wrong Session
|
CVE-2026-9831
|
2026-06-2 03:02 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Missing authentication and clear‑text transmission of data from the heat pumps to the control server, combined with the absence of input validation on aggregated data, can lead to stored XSS that ena…
New
|
CWE-79
CWE-306
CWE-319
Cross-site Scripting
Missing Authentication for Critical Function
Cleartext Transmission of Sensitive Information
|
CVE-2026-25599
|
2026-06-2 03:02 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223
|
6.4 |
MEDIUM
Local
|
-
|
-
|
The PDBM application relies on a static, hard‑coded secret embedded
in the PDBM.exe executable. This secret is used by the application’s
encryption routines, including the function responsible for …
New
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2026-25600
|
2026-06-2 03:02 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224
|
- |
|
-
|
-
|
Tychon includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory that may be controllable by an unprivileged user on Windows. Tychon contains a privileged service that use…
New
|
-
|
CVE-2022-4991
|
2026-06-2 03:02 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225
|
- |
|
-
|
-
|
Improper access control in the PCTCore64.sys Windows kernel driver from PC Tools Internet Security allows user-mode processes to access the PCTCoreDriver WDM device interface and invoke privileged IO…
New
|
-
|
CVE-2026-8501
|
2026-06-2 03:02 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226
|
9.9 |
CRITICAL
Network
|
portainer
|
portainer
|
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
Update
|
CWE-59
CWE-200
Link Following
Information Exposure
|
CVE-2026-44881
|
2026-06-2 03:02 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
227
|
8.5 |
HIGH
Network
|
portainer
|
portainer
|
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
Update
|
CWE-863
Incorrect Authorization
|
CVE-2026-44850
|
2026-06-2 02:59 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
228
|
8.8 |
HIGH
Network
|
portainer
|
portainer
|
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
Update
|
CWE-862
Missing Authorization
|
CVE-2026-44849
|
2026-06-2 02:59 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
229
|
8.8 |
HIGH
Network
|
portainer
|
portainer
|
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
Update
|
CWE-862
Missing Authorization
|
CVE-2026-44848
|
2026-06-2 02:58 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
230
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 2022x through No Magic Release 2026x and Magic Collaboration Studio from CATIA Magic Release 2022x thr…
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-7858
|
2026-06-2 02:57 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
