News & Sicurezza
Aggiornamenti da ENISA, NVD e le principali fonti di cybersecurity europee. Tutto quello che un Responsabile Tecnico deve sapere.
24696 risultati
IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to remote code execution and denial of service in the WebSphere Web Server Plug-in component. This vulnerability can be exploited when an attacker impersonates the application server and sends crafted responses to the plug-in.
IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint.
IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Protect Snapshot For Windows 8.1.0.0 through 8.2.1.0 could allow a remote attacker to bypass authentication due to the use of a hardcoded credential in the FlashCopy Manager (FCM) authentication mechanism. The application contains a static credential embedded in multiple authentication code paths, and does not properly validate authentication responses, which may allow an unauthenticated attacker to establish a trusted session and access protected services. This vulnerability affects client components across multiple versions and may allow an attacker to impersonate legitimate clients, potentially leading to unauthorized access to system resources.
Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants Cybersecurity researchers have disclosed details of four vulnerabilities in Dify, an open-source agentic workflow platform with more than 146,000 GitHub stars, that could allow attackers to stealthily ... Read more Published Date: Jun 22, 2026 (3 days, 23 hours ago) Vulnerabilities has been mentioned in this article. CVE-2026-11645 CVE-2026-41949 CVE-2026-41948 CVE-2026-41947 CVE-2026-41950 CVE-2024-5846
29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests A heap over-read in the Squid web proxy can leak another user's cleartext HTTP request, including any credentials or session tokens it carries, to anyone already allowed to send traffic through the sa ... Read more Published Date: Jun 22, 2026 (3 days, 23 hours ago) Vulnerabilities has been mentioned in this article.
IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerability due to an improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute arbitrary code on the host system, resulting in complete compromise
CVE ID :CVE-2026-6062 Published : June 22, 2026, 1:40 p.m. | 2 hours, 3 minutes ago Description :Mattermost versions 11.7.x Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-6673 Published : June 22, 2026, 1:38 p.m. | 2 hours, 4 minutes ago Description :Mattermost versions 11.7.x Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8074 Published : June 22, 2026, 1:37 p.m. | 2 hours, 6 minutes ago Description :Mattermost versions 11.7.x Severity: 3.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-9162 Published : June 22, 2026, 1:36 p.m. | 2 hours, 7 minutes ago Description :Mattermost versions 11.7.x Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-5139 Published : June 22, 2026, 1:34 p.m. | 2 hours, 9 minutes ago Description :Mattermost versions 11.7.x }} slash command.. Mattermost Advisory ID: MMSA-2026-00644 Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-10561 Published : June 22, 2026, 1:22 p.m. | 2 hours, 21 minutes ago Description :IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerability due to an improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute arbitrary code on the host system, resulting in complete compromise Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Pagina 151 di 2058