Cybersecurity & Regolamentazione UE

News & Sicurezza

Aggiornamenti da ENISA, NVD e le principali fonti di cybersecurity europee. Tutto quello che un Responsabile Tecnico deve sapere.

24948 risultati

VulnerabilitàAlta
CVE-2026-56073 - Cap-go - OTP Bypass via Response Manipulation in Email Verification

CVE ID :CVE-2026-56073 Published : June 19, 2026, 9:39 p.m. | 14 hours, 4 minutes ago Description :Cap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verification by modifying server responses. Attackers can intercept OTP verification requests and manipulate HTTP responses to falsely mark verification successful, enabling unauthorized 2FA enablement and account takeover. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE19 giu 2026
VulnerabilitàCritica
CVE-2026-48584 (CVSS 9.9)

Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network.

NVD (NIST)19 giu 2026
VulnerabilitàCritica
CVE-2026-48582 (CVSS 9.6)

Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.

NVD (NIST)19 giu 2026
VulnerabilitàCritica
CVE-2026-45480 (CVSS 10)

Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.

NVD (NIST)19 giu 2026
VulnerabilitàAlta
CVE-2026-47645 - Microsoft 365 Copilot's Business Chat Elevation of Privilege Vulnerability

CVE ID :CVE-2026-47645 Published : June 19, 2026, 8:29 p.m. | 17 hours, 13 minutes ago Description :None Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE19 giu 2026
VulnerabilitàAlta
CVE-2026-48582 - Microsoft Exchange Online Elevation of Privilege Vulnerability

CVE ID :CVE-2026-48582 Published : June 19, 2026, 8:29 p.m. | 15 hours, 13 minutes ago Description :None Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE19 giu 2026
VulnerabilitàAlta
CVE-2026-50519 - Microsoft Visual Studio Code CoPilot Chat Security Feature Bypass Vulnerability

CVE ID :CVE-2026-50519 Published : June 19, 2026, 8:28 p.m. | 17 hours, 14 minutes ago Description :None Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE19 giu 2026
VulnerabilitàAlta
CVE-2026-48584 - Microsoft Azure Synapse Elevation of Privilege Vulnerability

CVE ID :CVE-2026-48584 Published : June 19, 2026, 8:27 p.m. | 15 hours, 15 minutes ago Description :None Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE19 giu 2026
VulnerabilitàAlta
CVE-2026-45480 - Azure Active Directory Elevation of Privilege Vulnerability

CVE ID :CVE-2026-45480 Published : June 19, 2026, 8:27 p.m. | 15 hours, 15 minutes ago Description :None Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE19 giu 2026
VulnerabilitàAlta
CVE-2026-42895 - Microsoft Copilot Tampering Vulnerability

CVE ID :CVE-2026-42895 Published : June 19, 2026, 8:27 p.m. | 17 hours, 15 minutes ago Description :None Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE19 giu 2026
VulnerabilitàAlta
CVE-2026-32208 - Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE ID :CVE-2026-32208 Published : June 19, 2026, 8:27 p.m. | 15 hours, 15 minutes ago Description :None Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE19 giu 2026
VulnerabilitàAlta
CVE-2026-50559 - Authentication/Authorization Bypass via Advanced Path Normalization Vulnerabilities

CVE ID :CVE-2026-50559 Published : June 19, 2026, 8:26 p.m. | 15 hours, 16 minutes ago Description :Quarkus is a Java framework for building cloud-native applications. Prior to versions 3.37.0, 3.36.3, 3.33.2.1, 3.33.3, 3.27.4.1, 3.27.5, and 3.20.6.2, Quarkus HTTP path-based authorization policies can be bypassed using encoded semicolons (%3B) to smuggle matrix parameters past the security layer, and using encoded slashes (%2F) or backslashes (%5C) to access protected static resources. This is a distinct issue from CVE-2026-39852, which addressed only literal semicolon stripping. Versions 3.37.0, 3.36.3, 3.33.2.1, 3.33.3, 3.27.4.1, 3.27.5, and 3.20.6.2 contain a patch. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE19 giu 2026

Pagina 190 di 2079

Resta aggiornato sulla cybersecurity

Iscriviti a CodersRegistry per ricevere gli aggiornamenti più importanti su regolamentazione EU e vulnerabilità critiche.