VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
3967 advisories across 32 monitored vendors.
A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially gain elevated permissions in the clusters, only if all the following conditions were true: the Pinniped Supervisor server is running with an ActiveDirectoryIdentityProvider resource configured; the ActiveDirectoryIdentityProvider.spec.groupSearch.attributes.groupName is empty; the attacker gains the ability to edit some part of the distinguished name (DN) of group entries in the Active Directory (AD) server's database for groups to which they belong; the configured group search parameters cause the edited group to be included in the group search results for the user; and the attacker knows the password for an AD user who belongs to the edited AD group. Affected versions: Pinniped (go.pinniped.dev) v0.11.0 through v0.46.0 inclusive; fixed in v0.47.0.
Remote Code Execution via arbitrary file write due to insufficient tag validation. Red Hat rates this important (CVSS 9.8). Weakness: CWE-22.
CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent
Unauthenticated callers can supply a malicious H2 JDBC URL through the testConnection API, which executes arbitrary Java code on the server via H2's INIT parameter. Vulnerability in Apache Gravitino. This issue affects Apache Gravitino: before 1.2.1. Users are recommended to upgrade to version 1.2.1, which fixes the issue. This issue only happens when using H2, and H2 is mainly used for testing and local development. Also, Gravitino is typically deployed in the internal environment, so the severity is low.
Remote Code Execution via unsafe deserialization in model loaders. Red Hat rates this important (CVSS 7.5). Weakness: CWE-502.
GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary scripts in another user's browser session due to improper sanitization of user-supplied input.
DBS Etherwatch file parser crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service Affected product named by the advisory: GitLab.
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.7 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to execute arbitrary scripts in another user's browser session due to improper sanitization of user-supplied input.
Arbitrary script execution via improper input sanitization. Red Hat rates this important (CVSS 7.3). Weakness: CWE-79.
Arbitrary file write via path traversal in SCP client. Red Hat rates this important (CVSS 8.1). Weakness: CWE-22.
Denial of Service via repeated leafnode INFO messages during pre-authentication. Red Hat rates this important (CVSS 7.5). Weakness: CWE-476.
Authentication bypass and privilege escalation via parser fast path. Red Hat rates this important (CVSS 8.8). Weakness: CWE-551.
Denial of Service via unbounded decompression of HTTP response bodies. Red Hat rates this important (CVSS 7.5). Weakness: CWE-409.
Directory traversal via crafted skill archive upload. Red Hat rates this important (CVSS 8.1). Weakness: CWE-22.
Arbitrary code execution and information disclosure via custom code guardrails. Red Hat rates this important (CVSS 7.2). Weakness: CWE-94.
HashiCorp memberlist: Denial of Service via push/pull state handling. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770.
@opentelemetry/propagator-jaeger: OpenTelemetry JavaScript: Denial of Service via malformed HTTP header decoding. Red Hat rates this important (CVSS 7.5). Weakness: CWE-248.
On July 15, 2026, the Cisco Product Security Incident Response Team (PSIRT) will publish advisories to disclose security vulnerability information along with fixed software releases for the following Cisco products: Identity Services Engine (ISE) RoomOS To fully remediate vulnerabilities to be disclosed on July 15, 2026, Cisco strongly recommends that customers upgrade to the fixed software indicated in the advisories. For more information about changes in Cisco PSIRT vulnerability disclosure, see Strengthening the Foundation: A Predictable, Customer Focused Response to AI-Accelerated Vulne… Affected products named by the advisory: Identity Services Engine Software; RoomOS Software.
CVE-2026-0277 Prisma Access Agent: Improper Certificate Validation on iOS
Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention (DLP) component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected.