社区情报
来自安全社区、研究机构和开源生态的情报。
-
CVE-2026-46447 | OpenStack Ironic up to 35.0.x injection
A vulnerability has been found in <a href="https://vuldb.com/product/openstack:ironic">OpenStack Ironic up to 35.0.x</a> and classified as <a href="https://vuldb.com/kb/risk">critical</a>. The affected element is an unknown function. The manipulation leads to injection. This vulnerability is documented as <a href="https://vuldb.com/cve/CVE-2026-46447">CVE-2…
A vulnerability has been found in <a href="https://vuldb.com/product/openstack:ironic">OpenStack Ironic up to 35.0.x</a> and classified as <a href="https://vuldb.com/kb/risk">critical</a>. The affected element is an unknown function. The manipulation leads to injection. This vulnerability is documented as <a href="https://vuldb.com/cve/CVE-2026-46447">CVE-2A vulnerability has been found in <a href="https://vuldb.com/product/openstack:ironic">OpenStack Ironic up to 35.0.x</a> and classified as <a href="https://vuldb.com/kb/risk">critical</a>. The affected element is an unknown function. The manipulation leads to injection. This vulnerability is documented as <a href="https://vuldb.com/cve/CVE-2026-46447">CVE-2026-46447</a>. The attack requires being on the local network. There is not any exploit available.扩展字段
{ "raw_pub_date": "Thu, 04 Jun 2026 02:13:22 +0200" } -
CVE-2026-22055 | NetApp Active IQ OneCollect 2.7.3 hard-coded credentials (ntap-20260603-0002)
A vulnerability, which was classified as <a href="https://vuldb.com/kb/risk">critical</a>, was found in <a href="https://vuldb.com/product/netapp:active_iq_onecollect">NetApp Active IQ OneCollect 2.7.3</a>. Impacted is an unknown function. Executing a manipulation can lead to hard-coded credentials. This vulnerability is registered as <a href="https://vuldb…
A vulnerability, which was classified as <a href="https://vuldb.com/kb/risk">critical</a>, was found in <a href="https://vuldb.com/product/netapp:active_iq_onecollect">NetApp Active IQ OneCollect 2.7.3</a>. Impacted is an unknown function. Executing a manipulation can lead to hard-coded credentials. This vulnerability is registered as <a href="https://vuldbA vulnerability, which was classified as <a href="https://vuldb.com/kb/risk">critical</a>, was found in <a href="https://vuldb.com/product/netapp:active_iq_onecollect">NetApp Active IQ OneCollect 2.7.3</a>. Impacted is an unknown function. Executing a manipulation can lead to hard-coded credentials. This vulnerability is registered as <a href="https://vuldb.com/cve/CVE-2026-22055">CVE-2026-22055</a>. It is possible to launch the attack remotely. No exploit is available.扩展字段
{ "raw_pub_date": "Thu, 04 Jun 2026 02:12:26 +0200" } -
CVE-2026-22054 | NetApp Active IQ Config Advisor 6.7.3 hard-coded credentials (ntap-20260603-0001)
A vulnerability, which was classified as <a href="https://vuldb.com/kb/risk">critical</a>, has been found in <a href="https://vuldb.com/product/netapp:active_iq_config_advisor">NetApp Active IQ Config Advisor 6.7.3</a>. This issue affects some unknown processing. Performing a manipulation results in hard-coded credentials. This vulnerability is cataloged as…
A vulnerability, which was classified as <a href="https://vuldb.com/kb/risk">critical</a>, has been found in <a href="https://vuldb.com/product/netapp:active_iq_config_advisor">NetApp Active IQ Config Advisor 6.7.3</a>. This issue affects some unknown processing. Performing a manipulation results in hard-coded credentials. This vulnerability is cataloged asA vulnerability, which was classified as <a href="https://vuldb.com/kb/risk">critical</a>, has been found in <a href="https://vuldb.com/product/netapp:active_iq_config_advisor">NetApp Active IQ Config Advisor 6.7.3</a>. This issue affects some unknown processing. Performing a manipulation results in hard-coded credentials. This vulnerability is cataloged as <a href="https://vuldb.com/cve/CVE-2026-22054">CVE-2026-22054</a>. It is possible to initiate the attack remotely. There is no exploit available.扩展字段
{ "raw_pub_date": "Thu, 04 Jun 2026 02:11:40 +0200" } -
CVE-2026-37700 | MaxSite CMS 109.2 admin_page cross site scripting
A vulnerability classified as <a href="https://vuldb.com/kb/risk">problematic</a> was found in <a href="https://vuldb.com/product/maxsite:cms">MaxSite CMS 109.2</a>. This vulnerability affects the function <code>admin_page</code>. Such manipulation leads to cross site scripting. This vulnerability is listed as <a href="https://vuldb.com/cve/CVE-2026-37700">…
A vulnerability classified as <a href="https://vuldb.com/kb/risk">problematic</a> was found in <a href="https://vuldb.com/product/maxsite:cms">MaxSite CMS 109.2</a>. This vulnerability affects the function <code>admin_page</code>. Such manipulation leads to cross site scripting. This vulnerability is listed as <a href="https://vuldb.com/cve/CVE-2026-37700">A vulnerability classified as <a href="https://vuldb.com/kb/risk">problematic</a> was found in <a href="https://vuldb.com/product/maxsite:cms">MaxSite CMS 109.2</a>. This vulnerability affects the function <code>admin_page</code>. Such manipulation leads to cross site scripting. This vulnerability is listed as <a href="https://vuldb.com/cve/CVE-2026-37700">CVE-2026-37700</a>. The attack may be performed from remote. There is no available exploit.扩展字段
{ "raw_pub_date": "Wed, 03 Jun 2026 22:45:31 +0200" } -
CVE-2026-50033 | Acronis DeviceLock DLP prior 9.0.15051.93227 uncontrolled search path
A vulnerability classified as <a href="https://vuldb.com/kb/risk">critical</a> has been found in <a href="https://vuldb.com/product/acronis:devicelock_dlp">Acronis DeviceLock DLP</a>. This affects an unknown part. This manipulation causes uncontrolled search path. This vulnerability is tracked as <a href="https://vuldb.com/cve/CVE-2026-50033">CVE-2026-50033…
A vulnerability classified as <a href="https://vuldb.com/kb/risk">critical</a> has been found in <a href="https://vuldb.com/product/acronis:devicelock_dlp">Acronis DeviceLock DLP</a>. This affects an unknown part. This manipulation causes uncontrolled search path. This vulnerability is tracked as <a href="https://vuldb.com/cve/CVE-2026-50033">CVE-2026-50033A vulnerability classified as <a href="https://vuldb.com/kb/risk">critical</a> has been found in <a href="https://vuldb.com/product/acronis:devicelock_dlp">Acronis DeviceLock DLP</a>. This affects an unknown part. This manipulation causes uncontrolled search path. This vulnerability is tracked as <a href="https://vuldb.com/cve/CVE-2026-50033">CVE-2026-50033</a>. The attack is restricted to local execution. No exploit exists. It is recommended to upgrade the affected component.扩展字段
{ "raw_pub_date": "Wed, 03 Jun 2026 22:44:48 +0200" } -
CVE-2026-44682 | Acronis DeviceLock DLP prior 9.0.15051.93227 uncontrolled search path
A vulnerability described as <a href="https://vuldb.com/kb/risk">critical</a> has been identified in <a href="https://vuldb.com/product/acronis:devicelock_dlp">Acronis DeviceLock DLP</a>. Affected by this issue is some unknown functionality. The manipulation results in uncontrolled search path. This vulnerability is identified as <a href="https://vuldb.com/…
A vulnerability described as <a href="https://vuldb.com/kb/risk">critical</a> has been identified in <a href="https://vuldb.com/product/acronis:devicelock_dlp">Acronis DeviceLock DLP</a>. Affected by this issue is some unknown functionality. The manipulation results in uncontrolled search path. This vulnerability is identified as <a href="https://vuldb.com/A vulnerability described as <a href="https://vuldb.com/kb/risk">critical</a> has been identified in <a href="https://vuldb.com/product/acronis:devicelock_dlp">Acronis DeviceLock DLP</a>. Affected by this issue is some unknown functionality. The manipulation results in uncontrolled search path. This vulnerability is identified as <a href="https://vuldb.com/cve/CVE-2026-44682">CVE-2026-44682</a>. The attack is only possible with local access. There is not any exploit available. Upgrading the affected component is recommended.扩展字段
{ "raw_pub_date": "Wed, 03 Jun 2026 22:44:15 +0200" } -
CVE-2026-44609 | Acronis DeviceLock DLP prior 9.0.15051.93227 uncontrolled search path
A vulnerability marked as <a href="https://vuldb.com/kb/risk">critical</a> has been reported in <a href="https://vuldb.com/product/acronis:devicelock_dlp">Acronis DeviceLock DLP</a>. Affected by this vulnerability is an unknown functionality. The manipulation leads to uncontrolled search path. This vulnerability is referenced as <a href="https://vuldb.com/c…
A vulnerability marked as <a href="https://vuldb.com/kb/risk">critical</a> has been reported in <a href="https://vuldb.com/product/acronis:devicelock_dlp">Acronis DeviceLock DLP</a>. Affected by this vulnerability is an unknown functionality. The manipulation leads to uncontrolled search path. This vulnerability is referenced as <a href="https://vuldb.com/cA vulnerability marked as <a href="https://vuldb.com/kb/risk">critical</a> has been reported in <a href="https://vuldb.com/product/acronis:devicelock_dlp">Acronis DeviceLock DLP</a>. Affected by this vulnerability is an unknown functionality. The manipulation leads to uncontrolled search path. This vulnerability is referenced as <a href="https://vuldb.com/cve/CVE-2026-44609">CVE-2026-44609</a>. The attack can only be performed from a local environment. No exploit is available. It is suggested to upgrade the affected component.扩展字段
{ "raw_pub_date": "Wed, 03 Jun 2026 22:43:39 +0200" } -
CVE-2026-42061 | Acronis DeviceLock DLP 9.0.15051.93227 unnecessary privileges
A vulnerability labeled as <a href="https://vuldb.com/kb/risk">critical</a> has been found in <a href="https://vuldb.com/product/acronis:devicelock_dlp">Acronis DeviceLock DLP 9.0.15051.93227</a>. Affected is an unknown function. Executing a manipulation can lead to execution with unnecessary privileges. The identification of this vulnerability is <a href="…
A vulnerability labeled as <a href="https://vuldb.com/kb/risk">critical</a> has been found in <a href="https://vuldb.com/product/acronis:devicelock_dlp">Acronis DeviceLock DLP 9.0.15051.93227</a>. Affected is an unknown function. Executing a manipulation can lead to execution with unnecessary privileges. The identification of this vulnerability is <a href="A vulnerability labeled as <a href="https://vuldb.com/kb/risk">critical</a> has been found in <a href="https://vuldb.com/product/acronis:devicelock_dlp">Acronis DeviceLock DLP 9.0.15051.93227</a>. Affected is an unknown function. Executing a manipulation can lead to execution with unnecessary privileges. The identification of this vulnerability is <a href="https://vuldb.com/cve/CVE-2026-42061">CVE-2026-42061</a>. The attack can only be executed locally. There is no exploit available. The affected component should be upgraded.扩展字段
{ "raw_pub_date": "Wed, 03 Jun 2026 22:42:54 +0200" }