CVE-2026-10609
- EPSS 0.23%
- Veröffentlicht 23.06.2026 13:26:43
- Zuletzt bearbeitet 08.07.2026 15:10:22
A missing authorization flaw was found in the OpenShift Cluster Logging Operator. The operator creates and forwards ServiceAccount tokens to output destinations without verifying that the ClusterLogForwarder creator has permission to use those creden...
CVE-2026-0810
- EPSS 0.19%
- Veröffentlicht 26.01.2026 19:36:45
- Zuletzt bearbeitet 26.02.2026 16:23:35
A flaw was found in gix-date. The `gix_date::parse::TimeBuf::as_str` function can generate strings containing invalid non-UTF8 characters. This issue violates the internal safety invariants of the `TimeBuf` component, leading to undefined behavior wh...
CVE-2024-11831
- EPSS 1.08%
- Veröffentlicht 10.02.2025 16:15:37
- Zuletzt bearbeitet 01.07.2026 15:16:21
A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. T...
CVE-2024-0874
- EPSS 0.76%
- Veröffentlicht 25.04.2024 17:15:47
- Zuletzt bearbeitet 15.04.2026 00:35:42
A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.
CVE-2023-44487
- EPSS 100%
- Veröffentlicht 10.10.2023 14:15:10
- Zuletzt bearbeitet 12.05.2026 15:10:32
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.