Common Vulnerabilities and Exposures (CVE)

CVE-2026-32591

Jun 3, 2026 04:35:16 UTC

A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying...

CVE-2026-50031

Jun 3, 2026 04:17:54 UTC

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large n...

CVE-2026-32590

Jun 3, 2026 04:16:59 UTC

A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on ...

CVE-2026-32589

Jun 3, 2026 04:14:59 UTC

A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do...

CVE-2026-2377

Jun 3, 2026 04:14:51 UTC

A flaw was found in mirror-registry. Authenticated users can exploit the log export feature by providing a specially crafted web address (URL). This allows the application's backend to make arbitrary requests to internal network resources, ...

CVE-2024-0402

Jun 3, 2026 04:08:40 UTC

An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server whil...

CVE-2026-4480

Jun 3, 2026 04:06:28 UTC

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta character...

CVE-2026-4408

Jun 3, 2026 04:06:20 UTC

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, ...

CVE-2026-3012

Jun 3, 2026 04:05:58 UTC

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store wi...

CVE-2026-50052

Jun 3, 2026 03:59:35 UTC

In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack (request smuggling), which in turn can be used for cache poisoning, authentication...

CVE-2026-40715

Jun 3, 2026 03:56:06 UTC

Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Privilege Escalation.

CVE-2026-40619

Jun 3, 2026 03:56:05 UTC

A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Gen...

CVE-2026-10591

Jun 3, 2026 03:56:03 UTC

Insufficient access control restrictions in the file write tool in Amazon Kiro IDE before version 0.11 might allow remote unauthenticated actors to execute arbitrary commands via crafted instructions that cause writes to execution-sensitive...

CVE-2026-40965

Jun 3, 2026 03:56:02 UTC

Cloud Foundry UAA versions v76.12.0 through v78.12.0 are vulnerable to a private key exposure. The server contains a vulnerability where EC (Elliptic Curve) private keys are inadvertently exposed through the public /token_keys endpoint. Thi...

CVE-2025-59604

Jun 3, 2026 03:56:00 UTC

Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer.