Lucene search
K

4981427 matches found

CVE
CVE
added 16 minutes ago11 views

CVE-2026-45755 Symfony: Mailtrap Mailer Webhook Parser Never Verifies the X-Mt-Signature HMAC — Unauthenticated Webhook Event Injection

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 7.4.12 and 8.0.12, MailtrapRequestParser::doParse received the configured webhook secret but ignored the X-Mt-Signature HMAC header, allowing unauthenticated POST requests to inject forged...

6.9CVSS0.00026EPSS
Exploits0References4
Cvelist
Cvelist
added 16 minutes ago2 views

CVE-2026-45755 Symfony: Mailtrap Mailer Webhook Parser Never Verifies the X-Mt-Signature HMAC — Unauthenticated Webhook Event Injection

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 7.4.12 and 8.0.12, MailtrapRequestParser::doParse received the configured webhook secret but ignored the X-Mt-Signature HMAC header, allowing unauthenticated POST requests to inject forged...

6.9CVSS0.00026EPSS
Exploits0References4
CVE
CVE
added 18 minutes ago15 views

CVE-2026-45754 Symfony: Mailjet Mailer Webhook Parser Never Verifies the Configured Secret — Unauthenticated Webhook Event Injection

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 6.4.40, 7.4.12, and 8.0.12, the Mailjet mailer bridge and LOX24 notifier bridge webhook parsers received configured webhook secrets but did not verify them, allowing unauthenticated POST...

6.9CVSS0.00103EPSS
Exploits0References6
Cvelist
Cvelist
added 18 minutes ago2 views

CVE-2026-45754 Symfony: Mailjet Mailer Webhook Parser Never Verifies the Configured Secret — Unauthenticated Webhook Event Injection

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 6.4.40, 7.4.12, and 8.0.12, the Mailjet mailer bridge and LOX24 notifier bridge webhook parsers received configured webhook secrets but did not verify them, allowing unauthenticated POST...

6.9CVSS0.00103EPSS
Exploits0References6
CVE
CVE
added 22 minutes ago25 views

CVE-2026-45305 Symfony: YAML Parser ReDoS via Catastrophic Backtracking in Parser::cleanup() Regex

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Symfony\Component\Yaml\Parser::cleanup used regular expressions with overlapping quantifiers for YAML directive, comment, and document marker cleanup,...

8.7CVSS0.00076EPSS
Exploits0References6
Cvelist
Cvelist
added 22 minutes ago2 views

CVE-2026-45305 Symfony: YAML Parser ReDoS via Catastrophic Backtracking in Parser::cleanup() Regex

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Symfony\Component\Yaml\Parser::cleanup used regular expressions with overlapping quantifiers for YAML directive, comment, and document marker cleanup,...

8.7CVSS0.00076EPSS
Exploits0References6
CVE
CVE
added 23 minutes ago31 views

CVE-2026-45304 Symfony: YAML Parser Exponential Memory Allocation via Recursive Collection-Alias Expansion ("Billion Laughs")

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Symfony\Component\Yaml\Parser resolved YAML collection aliases recursively, allowing a small untrusted YAML input to expand into a multi-gigabyte structur...

8.7CVSS0.00076EPSS
Exploits0References6
Cvelist
Cvelist
added 23 minutes ago2 views

CVE-2026-45304 Symfony: YAML Parser Exponential Memory Allocation via Recursive Collection-Alias Expansion ("Billion Laughs")

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Symfony\Component\Yaml\Parser resolved YAML collection aliases recursively, allowing a small untrusted YAML input to expand into a multi-gigabyte structur...

8.7CVSS0.00076EPSS
Exploits0References6
CVE
CVE
added 25 minutes ago40 views

CVE-2026-45069 Symfony: OidcTokenHandler Accepts JWTs Missing aud/iss/exp Claims

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 6.4.40, 7.4.12, and 8.0.12, OidcTokenHandler::verifyClaims registered audience aud, issuer iss, and expiry exp checkers but did not pass the mandatory claims list to...

8.8CVSS0.0005EPSS
Exploits0References4
Cvelist
Cvelist
added 25 minutes ago2 views

CVE-2026-45069 Symfony: OidcTokenHandler Accepts JWTs Missing aud/iss/exp Claims

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 6.4.40, 7.4.12, and 8.0.12, OidcTokenHandler::verifyClaims registered audience aud, issuer iss, and expiry exp checkers but did not pass the mandatory claims list to...

8.8CVSS0.0005EPSS
Exploits0References4
CVE
CVE
added 27 minutes ago5 views

CVE-2026-47305 Visual Studio Remote Code Execution Vulnerability

...

7.8CVSS
Exploits0References1
Cvelist
Cvelist
added 27 minutes ago2 views

CVE-2026-47305 Visual Studio Remote Code Execution Vulnerability

...

7.8CVSS
Exploits0References1
CVE
CVE
added 27 minutes ago3 views

CVE-2026-47304 .NET Security Feature Bypass Vulnerability

...

8.1CVSS
Exploits0References1
CVE
CVE
added 27 minutes ago3 views

CVE-2026-47303 ASP.NET Core Elevation of Privilege Vulnerability

...

8.8CVSS
Exploits0References1
Cvelist
Cvelist
added 27 minutes ago2 views

CVE-2026-47304 .NET Security Feature Bypass Vulnerability

...

8.1CVSS
Exploits0References1
Cvelist
Cvelist
added 27 minutes ago2 views

CVE-2026-47303 ASP.NET Core Elevation of Privilege Vulnerability

...

8.8CVSS
Exploits0References1
CVE
CVE
added 27 minutes ago5 views

CVE-2026-47302 .NET Denial of Service Vulnerability

...

7.5CVSS
Exploits0References1
CVE
CVE
added 27 minutes ago2 views

CVE-2026-47301 Configuration Manager Elevation of Privilege Vulnerability

...

8.8CVSS
Exploits0References1
Cvelist
Cvelist
added 27 minutes ago2 views

CVE-2026-47301 Configuration Manager Elevation of Privilege Vulnerability

...

8.8CVSS
Exploits0References1
Cvelist
Cvelist
added 27 minutes ago2 views

CVE-2026-47302 .NET Denial of Service Vulnerability

...

7.5CVSS
Exploits0References1
Rows per page
Query Builder