Lucene search
+L

7765 matches found

NVD
NVD
added 14 hours ago5 views

CVE-2026-62226

OpenClaw 2026.3.28 before 2026.5.19 contain an authorization bypass vulnerability in the browser act route that fails to properly validate current-tab URL checks. Attackers with lower-trust access or configured input paths can perform actions requiring stronger authorization or policy checks...

8.5CVSS
Exploits0References2
Cvelist
Cvelist
added 16 hours ago9 views

CVE-2026-62226 OpenClaw 2026.3.28 < 2026.5.19 Authorization Bypass via Browser Act Route

OpenClaw 2026.3.28 before 2026.5.19 contain an authorization bypass vulnerability in the browser act route that fails to properly validate current-tab URL checks. Attackers with lower-trust access or configured input paths can perform actions requiring stronger authorization or policy checks...

8.5CVSS
Exploits0References2
EUVD
EUVD
added 16 hours ago7 views

EUVD-2026-45114

OpenClaw 2026.3.28 before 2026.5.19 contain an authorization bypass vulnerability in the browser act route that fails to properly validate current-tab URL checks. Attackers with lower-trust access or configured input paths can perform actions requiring stronger authorization or policy checks...

8.5CVSS6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago9 views

Malicious code in @leviosa86com/leviosa86-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96264a8719e17bd8ec21d47213fe31dec87445e01ff312a1e46af5819e028979 Package @leviosa86com/[email protected] ships src/poc/index.js which shells out via childprocess.exec to collect host identifiers hostname, pwd,...

6.1AI score
Exploits0References4
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-44527

CAI Content Credentials is affected by a Server-Side Request Forgery SSRF vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access o...

8.2CVSS6.4AI score0.00177EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago3 views

EUVD-2026-44563

Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.5AI score0.00138EPSS
Exploits0References2
NVD
NVD
added 3 days ago6 views

CVE-2026-48287

CAI Content Credentials is affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue requires user interaction in that a victim must...

7.4CVSS0.00139EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago3 views

CVE-2026-48287

CAI Content Credentials is affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue requires user interaction in that a victim must...

7.4CVSS6.5AI score0.00139EPSS
Exploits0References2
NVD
NVD
added 3 days ago6 views

CVE-2026-48344

Creative Cloud Desktop is affected by a Time-of-check Time-of-use TOCTOU Race Condition vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user...

7.8CVSS0.00104EPSS
Exploits0References1
NVD
NVD
added 3 days ago5 views

CVE-2026-48343

Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00148EPSS
Exploits0References1
NVD
NVD
added 3 days ago6 views

CVE-2026-48340

Bridge is affected by an Untrusted Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.0017EPSS
Exploits0References1
NVD
NVD
added 3 days ago4 views

CVE-2026-48325

ColdFusion is affected by a Missing Authentication for Critical Function vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.3CVSS0.00318EPSS
Exploits0References1
NVD
NVD
added 3 days ago5 views

CVE-2026-48322

ColdFusion is affected by an Improper Control of Generation of Code 'Code Injection' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.9CVSS0.00495EPSS
Exploits0References1
NVD
NVD
added 3 days ago4 views

CVE-2026-48319

ColdFusion is affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.9CVSS0.00884EPSS
Exploits0References1
NVD
NVD
added 3 days ago4 views

CVE-2026-48274

After Effects is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00148EPSS
Exploits0References1
NVD
NVD
added 3 days ago6 views

CVE-2026-48272

Creative Cloud Desktop is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. Scop...

7.8CVSS0.00131EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago38 views

CVE-2026-48275 Illustrator | Untrusted Search Path (CWE-426)

Illustrator is affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed...

8.6CVSS0.00158EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago4 views

EUVD-2026-44553

ColdFusion is affected by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.1CVSS6.5AI score0.00659EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-48327 ColdFusion | Incorrect Authorization (CWE-863)

ColdFusion is affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9CVSS0.0023EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago3 views

EUVD-2026-44550

ColdFusion is affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9CVSS6.5AI score0.0023EPSS
Exploits0References1
Rows per page
Query Builder