Aggregator

CVE-2026-28402 | nimiq core-rs-albatross up to 1.2.1 header.body_root integrity check (EUVD-2026-9074)

Vuldb Updates
2 months ago
A vulnerability identified as problematic has been detected in nimiq core-rs-albatross up to 1.2.1. This issue affects some unknown processing. Performing a manipulation of the argument header.body_root results in improper validation of integrity check value. This vulnerability is identified as CVE-2026-28402. The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.
vuldb.com

CVE-2026-28400 | Docker model-runner up to 1.0.15 API /engines/_configure routine (EUVD-2026-9073)

Vuldb Updates
2 months ago
A vulnerability labeled as critical has been found in Docker model-runner up to 1.0.15. Impacted is an unknown function of the file /engines/_configure of the component API. Executing a manipulation can lead to exposed dangerous routine. This vulnerability is tracked as CVE-2026-28400. The attack is restricted to local execution. No exploit exists. The affected component should be upgraded.
vuldb.com

CVE-2026-27840 | Zitadel up to 2.71.19/3.4.6/4.10.x Access Token token_id authentication bypass by assumed-immutable data (GHSA-6mq3-xmgp-pjm5 / EUVD-2026-8789)

Vuldb Updates
2 months ago
A vulnerability has been found in Zitadel up to 2.71.19/3.4.6/4.10.x and classified as problematic. Affected by this issue is some unknown functionality of the component Access Token Handler. Performing a manipulation of the argument token_id results in authentication bypass by assumed-immutable data. This vulnerability is identified as CVE-2026-27840. The attack can be initiated remotely. There is not any exploit available. The affected component should be upgraded.
vuldb.com

How does Agentic AI deliver value in cybersecurity

Security Boulevard
2 months ago

How Can Non-Human Identities Enhance Cybersecurity? Are your security strategies keeping up with the increasing complexity of digital? With cybersecurity challenges evolve, so do the measures to counter them. Among these advancements, the management of Non-Human Identities (NHIs) is proving crucial. NHIs, which combine machine identities with secured secrets such as encrypted passwords and tokens, […]

The post How does Agentic AI deliver value in cybersecurity appeared first on Entro.

The post How does Agentic AI deliver value in cybersecurity appeared first on Security Boulevard.

Alison Mack

Is your AI security solution scalable for future challenges

Security Boulevard
2 months ago

Are Non-Human Identities the Key to Scalable AI Security? How can organizations ensure their AI security solution stays scalable in evolving digital threats? The answer may lie in the effective management of Non-Human Identities (NHIs). With the increasing adoption of cloud solutions across industries, managing these machine identities becomes paramount. In sectors such as financial […]

The post Is your AI security solution scalable for future challenges appeared first on Entro.

The post Is your AI security solution scalable for future challenges appeared first on Security Boulevard.

Alison Mack

How to maintain control over your AI and its actions

Security Boulevard
2 months ago

How Can Organizations Effectively Manage Non-Human Identities? What strategies can organizations implement to safeguard their digital assets against misuse of Non-Human Identities (NHIs)? The journey to securing cloud environments against such threats begins with understanding how NHIs operate within cybersecurity frameworks. NHIs, essentially machine identities, serve as the backbone of secure communication and operations in […]

The post How to maintain control over your AI and its actions appeared first on Entro.

The post How to maintain control over your AI and its actions appeared first on Security Boulevard.

Alison Mack

How can you be reassured about your AI’s security integrity

Security Boulevard
2 months ago

Is Your AI Security Integrity Robust Enough? Where artificial intelligence is increasingly utilized across diverse sectors, the question of AI security integrity often comes to the forefront. When organizations integrate AI into their operations, ensuring safety and security becomes paramount. This is where the management of Non-Human Identities (NHIs) and secret security management plays a […]

The post How can you be reassured about your AI’s security integrity appeared first on Entro.

The post How can you be reassured about your AI’s security integrity appeared first on Security Boulevard.

Alison Mack

CVE-2026-24423

CVE Trends
2 months ago
Currently trending CVE - Hype Score: 4 - SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API method. The attacker could point the SmarterMail to the malicious HTTP server, which serves the malicious OS command. This command will be ...

CVE-2026-20048 | Cisco NX-OS up to 16.1(4h) ACI Mode memory allocation (cisco-sa-nxos-dsnmp-cNN39Uh)

Vuldb Updates
2 months ago
A vulnerability has been found in Cisco NX-OS and classified as problematic. The impacted element is an unknown function of the component ACI Mode. Performing a manipulation results in uncontrolled memory allocation. This vulnerability is known as CVE-2026-20048. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.
vuldb.com

CVE-2026-20099 | Cisco Firepower Extensible Operating System os command injection (cisco-sa-ucsciv-wGYtC78q)

Vuldb Updates
2 months ago
A vulnerability was found in Cisco Firepower Extensible Operating System, Secure Firewall Adaptive Security Appliance Software and Unified Computing System and classified as critical. This affects an unknown function. Executing a manipulation can lead to os command injection. This vulnerability is handled as CVE-2026-20099. It is possible to launch the attack on the local host. There is not any exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2026-20122 | Cisco Catalyst SD-WAN Manager up to 20.18.2_LI_Images incorrect privileged apis (cisco-sa-sdwan-authbp-qwCX8D4v / Nessus ID 299999)

Vuldb Updates
2 months ago
A vulnerability was found in Cisco Catalyst SD-WAN Manager. It has been classified as critical. This impacts an unknown function. The manipulation leads to incorrect use of privileged apis. This vulnerability is uniquely identified as CVE-2026-20122. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

CVE-2026-26717 | OpenFUN Richie api.py sync_course_run_from_request signature verification

Vuldb Updates
2 months ago
A vulnerability classified as problematic was found in OpenFUN Richie. The impacted element is the function sync_course_run_from_request of the file src/richie/apps/courses/api.py. Such manipulation leads to improper verification of cryptographic signature. This vulnerability is documented as CVE-2026-26717. The attack can be executed remotely. There is not any exploit available. Applying a patch is advised to resolve this issue.
vuldb.com

CVE-2026-20129 | Cisco Catalyst SD-WAN Manager up to 20.18.2_LI_Images API improper authentication (cisco-sa-sdwan-authbp-qwCX8D4v / Nessus ID 300000)

Vuldb Updates
2 months ago
A vulnerability was found in Cisco Catalyst SD-WAN Manager. It has been declared as critical. This affects an unknown part of the component API. Such manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2026-20129. The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.
vuldb.com

CVE-2026-20126 | Cisco Catalyst SD-WAN Manager up to 20.18.2_LI_Images REST API incorrect privileged apis (cisco-sa-sdwan-authbp-qwCX8D4v / Nessus ID 299999)

Vuldb Updates
2 months ago
A vulnerability was found in Cisco Catalyst SD-WAN Manager. It has been rated as very critical. This vulnerability affects unknown code of the component REST API. Performing a manipulation results in incorrect use of privileged apis. This vulnerability was named CVE-2026-20126. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is advised.
vuldb.com

Managed ad