Lucene search
K

14 matches found

CVE
CVE
added 2026/02/12 9:11 p.m.13 views

CVE-2026-26056

CVE-2026-26056 affects Yoke ATC in 0.19.0 and earlier. A vulnerability in the ATC controller allows users with create/update permissions to inject a malicious URL via the overrides.yoke.cd/flight annotation, causing the ATC controller to download and execute an arbitrary WASM module without prope...

8.8CVSS6.1AI score0.004EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/02/12 9:11 p.m.5 views

CVE-2026-26056 Arbitrary WASM Code Execution via AnnotationOverrideFlight Injection in Yoke ATC

Yoke is a Helm-inspired infrastructure-as-code IaC package deployer. In 0.19.0 and earlier, a vulnerability exists in the Air Traffic Controller ATC component of Yoke. It allows users with CR create/update permissions to execute arbitrary WASM code in the ATC controller context by injecting a...

8.8CVSS6.1AI score0.004EPSS
Exploits1References3
Circl
Circl
added 2026/02/12 1:17 a.m.4 views

CVE-2026-26056

creationtimestamp| type| source ---|---|--- 2026-02-12 01:17:24+00:00| published-proof-of-concept| https://github.com/yokecd/yoke/security/advisories/GHSA-wj8p-jj64-h7ff 2026-02-13 07:02:07+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mepwrhufac23 2026-02-13 12:40:08+00:0...

8.8CVSS5.8AI score0.004EPSS
Exploits1References3
Circl
Circl
added 2025/04/01 10:15 p.m.6 views

CVE-2025-26056

creationtimestamp| type| source ---|---|--- 2025-04-01 22:15:44+00:00| seen| https://t.me/cvedetector/21802 2025-04-14 17:54:19+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11660...

5.4CVSS4.8AI score0.00998EPSS
Exploits1References2
CVE
CVE
added 2025/04/01 12:0 a.m.72 views

CVE-2025-26056

CVE-2025-26056 affects Infinxt iEdge 100 (version 2.1.32) with a command injection in the Troubleshoot module’s MTR functionality due to improper validation of the mtrIp input. This allows an attacker to execute arbitrary OS commands with the web application’s privileges. If exploited, this could...

5.4CVSS8.3AI score0.00998EPSS
Exploits1References1
NVD
NVD
added 2024/03/18 6:15 p.m.15 views

CVE-2024-26056

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.1AI score0.00427EPSS
Exploits0References1
CVE
CVE
added 2024/03/18 5:54 p.m.87 views

CVE-2024-26056

Adobe Experience Manager (AEM)

5.4CVSS5.3AI score0.00427EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2023/03/06 12:0 a.m.14 views

XWiki 3.0-milestone-1 < 13.10.10, 14.x < 14.4.5, 14.5.x < 14.8 Incorrect Authorization Vulnerability (GHSA-859x-p6jp-rc2w)

Xwiki is prone to an incorrect authorization vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

5.4CVSS6.1AI score0.00555EPSS
Exploits1References2
Circl
Circl
added 2023/03/02 10:34 p.m.5 views

CVE-2023-26056

creationtimestamp| type| source ---|---|--- 2023-03-02 22:34:47+00:00| seen| https://t.me/cibsecurity/59342...

5.4CVSS5.5AI score0.00555EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/03/02 6:44 p.m.20 views

CVE-2023-26056 XWiki Platform allows macro execution as any user without programming rights through the context macro

XWiki Platform is a generic wiki platform. Starting in version 3.0-milestone-1, it's possible to execute a script with the right of another user, provided the target user does not have programming right. The problem has been patched in XWiki 14.8-rc-1, 14.4.5, and 13.10.10. There are no known...

5.4CVSS5.8AI score0.00555EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2023/03/02 6:44 p.m.8 views

CVE-2023-26056 XWiki Platform allows macro execution as any user without programming rights through the context macro

XWiki Platform is a generic wiki platform. Starting in version 3.0-milestone-1, it's possible to execute a script with the right of another user, provided the target user does not have programming right. The problem has been patched in XWiki 14.8-rc-1, 14.4.5, and 13.10.10. There are no known...

5.4CVSS7.2AI score0.00555EPSS
Exploits1References5
CVE
CVE
added 2023/03/02 6:44 p.m.70 views

CVE-2023-26056

CVE-2023-26056 affects XWiki Platform. Starting with 3.0-milestone-1, a script can be executed with the privileges of another user if the target user lacks programming rights. The issue is mitigated by patches in XWiki 14.8-rc-1, 14.4.5, and 13.10.10. Connected advisories (GHSA-859X-P6JP-RC2W, os...

5.4CVSS5.5AI score0.00555EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2022/01/19 3:26 a.m.7 views

CVE-2021-26056

...

Exploits0
Cvelist
Cvelist
added 1976/01/01 12:0 a.m.5 views

CVE-2022-26056

...

Exploits0
Rows per page
Query Builder