Cybersecurity & Regolamentazione UE

News & Sicurezza

Aggiornamenti da ENISA, NVD e le principali fonti di cybersecurity europee. Tutto quello che un Responsabile Tecnico deve sapere.

24669 risultati

News
Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants

Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants Cybersecurity researchers have disclosed details of four vulnerabilities in Dify, an open-source agentic workflow platform with more than 146,000 GitHub stars, that could allow attackers to stealthily ... Read more Published Date: Jun 22, 2026 (3 days, 23 hours ago) Vulnerabilities has been mentioned in this article. CVE-2026-11645 CVE-2026-41949 CVE-2026-41948 CVE-2026-41947 CVE-2026-41950 CVE-2024-5846

CVEfeed Newsroom22 giu 2026
News
29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests

29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests A heap over-read in the Squid web proxy can leak another user's cleartext HTTP request, including any credentials or session tokens it carries, to anyone already allowed to send traffic through the sa ... Read more Published Date: Jun 22, 2026 (3 days, 23 hours ago) Vulnerabilities has been mentioned in this article.

CVEfeed Newsroom22 giu 2026
VulnerabilitàCritica
CVE-2026-10561 (CVSS 10)

IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerability due to an improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute arbitrary code on the host system, resulting in complete compromise

NVD (NIST)22 giu 2026
VulnerabilitàAlta
CVE-2026-6062 - IDOR in Jira plugin subscription edit endpoint

CVE ID :CVE-2026-6062 Published : June 22, 2026, 1:40 p.m. | 2 hours, 3 minutes ago Description :Mattermost versions 11.7.x Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE22 giu 2026
VulnerabilitàAlta
CVE-2026-6673 - Mattermost Jira plugin had unauthenticated {{/ac/installed}} lifecycle callback during pending Jira Cloud install

CVE ID :CVE-2026-6673 Published : June 22, 2026, 1:38 p.m. | 2 hours, 4 minutes ago Description :Mattermost versions 11.7.x Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE22 giu 2026
VulnerabilitàAlta
CVE-2026-8074 - Improper Permission Check Allows User Manager to Deactivate Bot Accounts

CVE ID :CVE-2026-8074 Published : June 22, 2026, 1:37 p.m. | 2 hours, 6 minutes ago Description :Mattermost versions 11.7.x Severity: 3.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE22 giu 2026
VulnerabilitàAlta
CVE-2026-9162 - Global session revocation does not invalidate active WebSocket connections

CVE ID :CVE-2026-9162 Published : June 22, 2026, 1:36 p.m. | 2 hours, 7 minutes ago Description :Mattermost versions 11.7.x Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE22 giu 2026
VulnerabilitàAlta
CVE-2026-5139 - GitLab Plugin Allows Non-Admin Users to Modify Default Instance Configuration

CVE ID :CVE-2026-5139 Published : June 22, 2026, 1:34 p.m. | 2 hours, 9 minutes ago Description :Mattermost versions 11.7.x }} slash command.. Mattermost Advisory ID: MMSA-2026-00644 Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE22 giu 2026
VulnerabilitàAlta
CVE-2026-10561 - Unauthenticated Remote Code Execution in Langflow OSS PythonREPLComponent via Builtins Injection

CVE ID :CVE-2026-10561 Published : June 22, 2026, 1:22 p.m. | 2 hours, 21 minutes ago Description :IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerability due to an improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute arbitrary code on the host system, resulting in complete compromise Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE22 giu 2026
VulnerabilitàAlta
CVE-2026-28381 - Local File Read/Write to Potential Privilege Escalation via Snowflake GET/PUT

CVE ID :CVE-2026-28381 Published : June 22, 2026, 1:20 p.m. | 2 hours, 23 minutes ago Description :The Snowflake datasource allows for GET/PUT commands, which can allow any user with access to run queries against the data source to read/write files between the local grafana server and the connected Snowflake host. Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE22 giu 2026
VulnerabilitàAlta
CVE-2025-33128 - IBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vulnerabilities HTML / XSS Injection observed

CVE ID :CVE-2025-33128 Published : June 22, 2026, 1:20 p.m. | 2 hours, 23 minutes ago Description :IBM Engineering Workflow Management 7.0.3 through 7.0.3 Interim Fix 020, and 7.1 through 7.1 Interim Fix 007 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE22 giu 2026
VulnerabilitàAlta
CVE-2025-2669 - Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data.

CVE ID :CVE-2025-2669 Published : June 22, 2026, 1:18 p.m. | 2 hours, 25 minutes ago Description :IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a privileged user to perform operations and obtain sensitive information outside of their authority due to improper token validation. Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE22 giu 2026

Pagina 149 di 2056

Resta aggiornato sulla cybersecurity

Iscriviti a CodersRegistry per ricevere gli aggiornamenti più importanti su regolamentazione EU e vulnerabilità critiche.