|
3961
|
8.8 |
HIGH
Network
|
-
|
-
|
Insecure Permissions vulnerability in kvf-admin v1.0.0 allows a remote attacker to escalate privileges via the UserController.java component
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-38807
|
2026-05-29 01:16 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3962
|
7.5 |
HIGH
Network
|
ibm
|
db2
|
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-6051
|
2026-05-29 00:55 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3963
|
7.5 |
HIGH
Network
|
ibm
|
db2
|
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to running out of memory when executing certain queries with MDC tables.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-6052
|
2026-05-29 00:51 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3964
|
5.5 |
MEDIUM
Local
|
ibm
|
db2
|
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when a specially crafted query is run with range partitioned tables.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-6053
|
2026-05-29 00:46 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3965
|
6.5 |
MEDIUM
Network
|
ibm
|
i
|
IBM i 7.6, 7.5, 7.4, and 7.3 s vulnerable to a denial-of-service attack due to uncontrolled recursion in the Integrated Language Environment (ILE) compiler. An authenticated attacker could exploit th…
|
CWE-674
Uncontrolled Recursion
|
CVE-2026-6936
|
2026-05-29 00:46 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3966
|
7.5 |
HIGH
Network
|
ibm
|
db2
|
IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query.
|
CWE-285
Improper Authorization
|
CVE-2026-6938
|
2026-05-29 00:41 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3967
|
5.5 |
MEDIUM
Local
|
libusb
|
libusb
|
libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parse_iad_array() in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed US…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-47104
|
2026-05-29 00:40 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3968
|
6.5 |
MEDIUM
Network
|
redhat
samba
|
openshift_container_platform
samba
enterprise_linux
|
A flaw was found in Samba’s vfs_worm module. The module is intended to provide write-once, read-many (WORM) protections by preventing modification of files after a configurable grace period. Due to i…
|
CWE-280
Improper Handling of Insufficient Permissions or Privileges
|
CVE-2026-2340
|
2026-05-29 00:33 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3969
|
9.1 |
CRITICAL
Network
|
golang
|
crypto
|
When adding a key to a remote agent constraint extensions such as restrict-destination-v00@openssh.com were not serialized in the request. Destination restrictions were silently stripped when forward…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-39832
|
2026-05-29 00:11 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3970
|
9.1 |
CRITICAL
Network
|
golang
|
crypto
|
The in-memory keyring returned by NewKeyring() silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indicatio…
|
CWE-862
Missing Authorization
|
CVE-2026-39833
|
2026-05-29 00:04 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
