6.3

CVSS3.0

CVE-2026-28712 - DLL Hijacking Enables Local Privilege Escalation in Acronis Cyber Protect 17

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.

πŸ“… Published: March 5, 2026, 11:50 p.m. πŸ”„ Last Modified: April 16, 2026, noon

6.3

CVSS3.0

CVE-2026-28711 - Local Privilege Escalation via DLL Hijacking in Acronis Cyber Protect 17

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.

πŸ“… Published: March 5, 2026, 11:50 p.m. πŸ”„ Last Modified: April 17, 2026, 12:45 p.m.

9.8

CVSS3.1

CVE-2026-28710 - Authentication Bypass Causing Sensitive Data Exposure in Acronis Cyber Protect 17

Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.

πŸ“… Published: March 5, 2026, 11:48 p.m. πŸ”„ Last Modified: April 18, 2026, 5:30 p.m.

4.3

CVSS3.1

CVE-2026-28709 - Improper Authorization Allows Unauthorized Resource Manipulation in Acronis Cyber Protect

Unauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.

πŸ“… Published: March 5, 2026, 11:48 p.m. πŸ”„ Last Modified: April 17, 2026, 12:45 p.m.

4.4

CVSS3.0

CVE-2025-11790 -

Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124.

πŸ“… Published: March 5, 2026, 11:47 p.m. πŸ”„ Last Modified: March 13, 2026, 4:42 p.m.

7.1

CVSS3.1

CVE-2025-11791 -

Sensitive information disclosure and manipulation due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124.

πŸ“… Published: March 5, 2026, 11:46 p.m. πŸ”„ Last Modified: March 13, 2026, 4:33 p.m.

7.3

CVSS3.0

CVE-2025-11792 -

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 41124.

πŸ“… Published: March 5, 2026, 11:45 p.m. πŸ”„ Last Modified: March 13, 2026, 4:41 p.m.

7.8

CVSS3.0

CVE-2026-28727 - Local Privilege Escalation via Improper Unix Socket Permissions in Acronis Cyber Protect

Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124, Acronis True Image (macOS) before build 42902.

πŸ“… Published: March 5, 2026, 11:45 p.m. πŸ”„ Last Modified: April 15, 2026, 8 p.m.

6.9

CVSS4.0

CVE-2026-27770 - ePower epower.ie Insufficiently Protected Credentials

Charging station authentication identifiers are publicly accessible via web-based mapping platforms.

πŸ“… Published: March 5, 2026, 11:39 p.m. πŸ”„ Last Modified: April 16, 2026, noon

6.9

CVSS4.0

CVE-2026-24912 - ePower epower.ie Insufficient Session Expiration

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent connect…

πŸ“… Published: March 5, 2026, 11:38 p.m. πŸ”„ Last Modified: May 6, 2026, 2:44 p.m.
Total resulsts: 349182
Page 1289 of 34,919
Β« previous page Β» next page
Filters