Cybersecurity & EU Regulation

News & Security

Updates from ENISA, NVD and the main European cybersecurity sources. Everything a Technical Manager needs to know.

24647 results

Vulnerability | Critical
CVE-2026-7664 (CVSS 9.8)

IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint.

NVD (NIST), 22 Jun 2026

Vulnerability | High
CVE-2026-12628 (CVSS 8.1)

IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Protect Snapshot For Windows 8.1.0.0 through 8.2.1.0 could allow a remote attacker to bypass authentication due to the use of a hardcoded credential in the FlashCopy Manager (FCM) authentication mechanism. The application contains a static credential embedded in multiple authentication code paths, and does not properly validate authentication responses, which may allow an unauthenticated attacker to establish a trusted session and access protected services. This vulnerability affects client components across multiple versions and may allow an attacker to impersonate legitimate clients, potentially leading to unauthorized access to system resources.

NVD (NIST), 22 Jun 2026

News
Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants

Cybersecurity researchers have disclosed details of four vulnerabilities in Dify, an open-source agentic workflow platform with more than 146,000 GitHub stars, that could allow attackers to stealthily ...
Published Date: Jun 22, 2026 (3 days, 23 hours ago)
Vulnerabilities mentioned in this article: CVE-2026-11645, CVE-2026-41949, CVE-2026-41948, CVE-2026-41947, CVE-2026-41950, CVE-2024-5846

CVEfeed Newsroom, 22 Jun 2026

News
29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests

A heap over-read in the Squid web proxy can leak another user's cleartext HTTP request, including any credentials or session tokens it carries, to anyone already allowed to send traffic through the sa ...
Published Date: Jun 22, 2026 (3 days, 23 hours ago)
Vulnerabilities have been mentioned in this article.

CVEfeed Newsroom, 22 Jun 2026

Vulnerability | Critical
CVE-2026-10561 (CVSS 10)

IBM Langflow OSS 1.0.0 through 1.9.3 has a vulnerability due to improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute arbitrary code on the host system, resulting in complete compromise.

NVD (NIST), 22 Jun 2026

Vulnerability | High
CVE-2026-6062 - IDOR in Jira plugin subscription edit endpoint

CVE ID: CVE-2026-6062
Published: June 22, 2026, 1:40 p.m. (2 hours, 3 minutes ago)
Description: Mattermost versions 11.7.x
Severity: 6.4 | MEDIUM

CVEfeed CVE, 22 Jun 2026

Vulnerability | High
CVE-2026-6673 - Mattermost Jira plugin had unauthenticated /ac/installed lifecycle callback during pending Jira Cloud install

CVE ID: CVE-2026-6673
Published: June 22, 2026, 1:38 p.m. (2 hours, 4 minutes ago)
Description: Mattermost versions 11.7.x
Severity: 6.4 | MEDIUM

CVEfeed CVE, 22 Jun 2026

Vulnerability | High
CVE-2026-8074 - Improper Permission Check Allows User Manager to Deactivate Bot Accounts

CVE ID: CVE-2026-8074
Published: June 22, 2026, 1:37 p.m. (2 hours, 6 minutes ago)
Description: Mattermost versions 11.7.x
Severity: 3.8 | LOW

CVEfeed CVE, 22 Jun 2026

Vulnerability | High
CVE-2026-9162 - Global session revocation does not invalidate active WebSocket connections

CVE ID: CVE-2026-9162
Published: June 22, 2026, 1:36 p.m. (2 hours, 7 minutes ago)
Description: Mattermost versions 11.7.x
Severity: 4.3 | MEDIUM

CVEfeed CVE, 22 Jun 2026

Vulnerability | High
CVE-2026-5139 - GitLab Plugin Allows Non-Admin Users to Modify Default Instance Configuration

CVE ID: CVE-2026-5139
Published: June 22, 2026, 1:34 p.m. (2 hours, 9 minutes ago)
Description: Mattermost versions 11.7.x }} slash command. Mattermost Advisory ID: MMSA-2026-00644
Severity: 5.4 | MEDIUM

CVEfeed CVE, 22 Jun 2026

Vulnerability | High
CVE-2026-10561 - Unauthenticated Remote Code Execution in Langflow OSS PythonREPLComponent via Builtins Injection

CVE ID: CVE-2026-10561
Published: June 22, 2026, 1:22 p.m. (2 hours, 21 minutes ago)
Description: IBM Langflow OSS 1.0.0 through 1.9.3 has a vulnerability due to improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute arbitrary code on the host system, resulting in complete compromise.
Severity: 10.0 | CRITICAL

CVEfeed CVE, 22 Jun 2026

Vulnerability | High
CVE-2026-28381 - Local File Read/Write to Potential Privilege Escalation via Snowflake GET/PUT

CVE ID: CVE-2026-28381
Published: June 22, 2026, 1:20 p.m. (2 hours, 23 minutes ago)
Description: The Snowflake datasource allows GET/PUT commands, which can allow any user with access to run queries against the data source to read/write files between the local Grafana server and the connected Snowflake host.
Severity: 9.6 | CRITICAL

CVEfeed CVE, 22 Jun 2026
