6028 matches found
CVE-2026-15518 AREA 17 Twill CMS Media Library Insert FileLibraryController.php storeFile unrestricted upload
A vulnerability has been found in AREA 17 Twill CMS up to 3.6.0. The impacted element is the function FileLibraryController::storeFile of the file src/Http/Controllers/Admin/FileLibraryController.php of the component Media Library Insert Page. Such manipulation of the argument qqfilename leads to...
EUVD-2026-43260
A vulnerability has been found in AREA 17 Twill CMS up to 3.6.0. The impacted element is the function FileLibraryController::storeFile of the file src/Http/Controllers/Admin/FileLibraryController.php of the component Media Library Insert Page. Such manipulation of the argument qqfilename leads to...
CVE-2026-56281
creationtimestamp| type| source ---|---|--- 2026-07-12 17:21:01+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mqhotdnxkt22...
CVE-2026-54652
creationtimestamp| type| source ---|---|--- 2026-07-08 17:35:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq5nqwlaj32q...
CVE-2026-42505
creationtimestamp| type| source ---|---|--- 2026-07-08 17:20:43+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mq5mx4lmyo2y 2026-07-09 12:00:57+00:00| seen| https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mq7lkaehpi2d 2026-07-12 12:00:56+00:00| seen|...
CVE-2026-14460
creationtimestamp| type| source ---|---|--- 2026-07-03 17:00:45+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mpqzirh54m26 2026-07-03 18:20:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpr5xznc7d2h 2026-07-04 09:07:53+00:00| seen|...
CVE-2026-14459
creationtimestamp| type| source ---|---|--- 2026-07-03 17:00:37+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mpqzikd6a22k 2026-07-03 18:30:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpr6jwkk742z 2026-07-04 08:56:07+00:00| seen|...
CVE-2026-47896
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 through 4.8.0-beta00017. Users are recommended to upgrade to version 4.8.0-beta00018...
CVE-2026-47898
This CVE affects Lucene.Net.Analysis.Common (PatternParser) in Lucene.Net.Analysis.Common: vulnerable in versions prior to 4.8.0-beta00018. The connected Snyk entry confirms an XML External Entity (XXE) injection vulnerability, where crafted XML could trigger external entity resolution, enabling ...
CVE-2026-13999
creationtimestamp| type| source ---|---|--- 2026-07-01 21:17:41+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmgwfxuab26 2026-07-02 07:48:50+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-06 07:21:14+00:00| seen|...
CVE-2026-58038
creationtimestamp| type| source ---|---|--- 2026-07-01 16:17:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mplw6dlatg2v 2026-07-02 02:47:13+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmzdnjc5n2q 2026-07-02 06:47:04+00:00| seen|...
EUVD-2026-40395
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the apiDiscovery-1.0 feature enabled...
CVE-2026-13590
creationtimestamp| type| source ---|---|--- 2026-06-29 17:51:54+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mph2ilx2mu2d 2026-06-29 19:56:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mphbh5w62h2x 2026-06-29 20:42:39+00:00| seen|...
CVE-2026-13499
creationtimestamp| type| source ---|---|--- 2026-06-28 17:51:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpejya3pqk2s 2026-06-29 19:44:00+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mphar23kwl2b...
CVE-2026-55413
creationtimestamp| type| source ---|---|--- 2026-06-25 23:02:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mp5jxw3m5w2r...
PT-2026-51831
Name of the Vulnerable Software and Affected Versions Frappe Framework version 17.0.0-dev Description A Stored Cross-Site Scripting XSS issue occurs due to improper neutralization of user-controlled input within the MultiSelectDialog component. Stored XSS is a type of vulnerability where a...
PT-2026-51829
Name of the Vulnerable Software and Affected Versions Frappe Framework version 17.0.0-dev Description A Stored Cross-Site Scripting XSS issue occurs due to improper neutralization of user-controlled input within the File View breadcrumb renderer. Stored XSS is a type of vulnerability where a...
CVE-2026-56395
creationtimestamp| type| source ---|---|--- 2026-06-21 17:20:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mosuvtxh662t 2026-06-22 00:46:37+00:00| seen| https://bsky.app/profile/securitycyberuk.bsky.social/post/3motnwsotj62v...
CVE-2026-56020
creationtimestamp| type| source ---|---|--- 2026-06-18 17:59:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3molfrsjyox23...
CVE-2026-54193
creationtimestamp| type| source ---|---|--- 2026-06-18 14:09:17+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mokywfkbzb2n...