CVE-2026-26216

creationtimestamp| type| source ---|---|--- 2026-02-12 17:30:19+00:00| seen| https://infosec.exchange/users/offseq/statuses/116058843899581385 2026-02-12 17:30:57+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3meojfv75bp2h 2026-02-13 08:26:19+00:00| seen|...

ayy (>=0.1.6 <=0.1.8), camel-database-agent (>=0.1.0 <=0.2.0) +19 more potentially affected by CVE-2026-26216 via crawl4ai (>=0.3.5 <=0.7.8)

crawl4ai PYPI version =0.3.5, =0.1.6, =0.1.0, =0.2.0, =0.0.38, =0.1.0, =0.1.0, =0.1.0, =0.1.7.4 and more Source cves: CVE-2026-26216 Source advisory: OSV:PYSEC-2026-33...

CVE-2026-26216

Crawl4AI versions prior to 0.8.0 contain a remote code execution vulnerability in the Docker API deployment. The /crawl endpoint accepts a hooks parameter containing Python code that is executed using exec. The import builtin was included in the allowed builtins, allowing unauthenticated remote...

ayy (>=0.1.6 <=0.1.8), camel-database-agent (>=0.1.0 <=0.2.0) +19 more potentially affected by CVE-2026-26216 via crawl4ai (>=0.3.5 <=0.7.8)

crawl4ai PYPI version =0.3.5, =0.1.6, =0.1.0, =0.2.0, =0.0.38, =0.1.0, =0.1.0, =0.1.0, =0.1.7.4 and more Source cves: CVE-2026-26216 Source advisory: OSV:GHSA-5882-5RX9-XGXP...

CVE-2025-7282

IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...

CVE-2021-26216

SeedDMS 5.1.x is affected by cross-site request forgery CSRF in out.EditFolder.php...

CVE-2025-26216

creationtimestamp| type| source ---|---|--- 2025-03-14 20:46:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkei5wlawa2m...

CVE-2024-26216

Windows File Server Resource Management Service Elevation of Privilege Vulnerability...

CVE-2024-26216 Windows File Server Resource Management Service Elevation of Privilege Vulnerability

...

CVE-2024-26216 Windows File Server Resource Management Service Elevation of Privilege Vulnerability

...

CVE-2023-26216

The CVE-2023-26216 issue affects TIBCO EBX Add-ons ≤ 4.5.16, where the server component allows an attacker to upload files to a directory accessible by the web server, effectively a path-traversal/arbitrary-file-write vulnerability. Root cause: improper handling of file uploads in the server comp...

TIBCO Security Advisory: May 25, 2023 - TIBCO EBX Add-ons -CVE-2023-26216

TIBCO EBX Add-ons Path Traversal Original release date: May 25, 2023 Last revised: --- CVE-2023-26216 Source: TIBCO SoftwareInc. Products Affected TIBCO EBX Add-ons versions 4.5.16 and below The following component is affected: server Description The component listed above contains an exploitable...

TIBCO Security Advisory: May 25, 2023 - TIBCO EBX Add-ons -CVE-2023-26216

TIBCO EBX Add-ons Path Traversal Original release date: May 25, 2023 Last revised: --- CVE-2023-26216 Source: TIBCO SoftwareInc. Products Affected TIBCO EBX Add-ons versions 4.5.16 and below The following component is affected: server Description The component listed above contains an exploitable...

TYPO3 Multiple Vulnerabilities (TYPO3-CORE-SA-2020-009, TYPO3-CORE-SA-2020-010, TYPO3-CORE-SA-2020-011)

TYPO3 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"; if description...

CVE-2021-26216

SeedDMS 5.1.x is affected by cross-site request forgery CSRF in out.EditFolder.php...

CVE-2021-26216

SeedDMS 5.1.x is affected by a Cross-Site Request Forgery (CSRF) in out.EditFolder.php, as documented across multiple sources (SeedDMS and CNVD). The vulnerability allows CSRF to trigger actions that can lead to editing a victim’s document. Root cause details are not explicitly provided beyond th...

CVE-2020-26216

creationtimestamp| type| source ---|---|--- 2020-11-18 00:39:38+00:00| seen| https://t.me/cibsecurity/16490...

CVE-2020-26216

TYPO3 Fluid (typo3fluid/fluid) contains multiple XSS flaws in older Fluid versions (2.0.8, 2.1.7, 2.2.4, 2.3.7, 2.4.4, 2.5.11, 2.6.10). The CVE-2020-26216 entry documents three issues: (1) TagBasedViewHelper accepted malicious additionalAttributes keys that could craft HTML when unescaped; (2) Co...

CVE-2020-26216 Cross-Site Scripting in TYPO3 Fluid

TYPO3 Fluid before versions 2.0.8, 2.1.7, 2.2.4, 2.3.7, 2.4.4, 2.5.11 and 2.6.10 is vulnerable to Cross-Site Scripting. Three XSS vulnerabilities have been detected in Fluid: 1. TagBasedViewHelper allowed XSS through maliciously crafted additionalAttributes arrays by creating keys with...