CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

203 matches found

WeGIA <= 3.6.4 - Remote Code Execution

WeGIA = 3.6.5 contains a remote code execution caused by improper validation of backup file names in the database restoration functionality, letting attackers with administrative access execute arbitrary OS commands id: CVE-2026-28409 info: name: WeGIA = 3.6.4 - Remote Code Execution author:...

10CVSS6.6AI score0.0122EPSS

Exploits1References3

ATTACKERKB•added 2026/05/02 11:16 a.m.•2 views

CVE-2026-4100

The Paid Memberships Pro plugin for WordPress is vulnerable to unauthorized modification and disruption of Stripe webhook configuration in all versions up to, and including, 3.6.5. This is due to missing capability checks on the wpajaxpmprostripecreatewebhook, wpajaxpmprostripedeletewebhook, and...

7.1CVSS5.8AI score0.00047EPSS

Exploits0References3

Positive Technologies•added 2026/05/02 12:0 a.m.•2 views

PT-2026-36609

The Paid Memberships Pro plugin for WordPress is vulnerable to unauthorized modification and disruption of Stripe webhook configuration in all versions up to, and including, 3.6.5. This is due to missing capability checks on the wp ajax pmpro stripe create webhook, wp ajax pmpro stripe delete...

7.1CVSS5.8AI score0.00047EPSS

Exploits0References3

NVD•added 2026/04/24 7:17 p.m.•2 views

CVE-2026-41894

SiYuan is an open-source personal knowledge management system. Prior to 3.6.5, the fix for CVE-2026-30869 only added a denylist check IsSensitivePath but did not address the root cause — a redundant url.PathUnescape call in serveExport. An authenticated attacker can use double URL encoding...

7.1CVSS0.00052EPSS

Exploits0References3

NVD•added 2026/04/24 7:17 p.m.•2 views

CVE-2026-41421

SiYuan is an open-source personal knowledge management system. Prior to 3.6.5, SiYuan desktop renders notification messages as raw HTML inside an Electron renderer. The notification route POST /api/notification/pushMsg accepts a user-controlled msg value, forwards it through the backend broadcast...

8.8CVSS0.00033EPSS

Exploits0References1

Vulnrichment•added 2026/04/24 6:56 p.m.•0 views

CVE-2026-41894 SiYuan: Incomplete Fix Bypass for CVE-2026-30869: Path Traversal via Double URL Encoding in `/export/` Endpoint

7.1CVSS5.6AI score0.00052EPSS

Exploits0References3

CVE•added 2026/04/24 6:56 p.m.•4 views

CVE-2026-41894

SiYuan up to version 3.6.4 is vulnerable due to a root cause in serveExport(): a redundant url.PathUnescape() combined with a prior denylist can be bypassed by double URL encoding (%252e%252e), enabling directory traversal and read access to arbitrary workspace files, including the Siyuan databas...

7.1CVSS7.9AI score0.00052EPSS

Exploits0References3

CVE•added 2026/04/24 6:53 p.m.•5 views

CVE-2026-41421

SiYuan desktop prior to version 3.6.5 is vulnerable to local code execution via desktop notifications. The backend forwards user-controlled msg through /api/notification/pushMsg and the frontend injects it into the DOM with insertAdjacentHTML, within an Electron renderer that is configured with n...

8.8CVSS5.6AI score0.00033EPSS

Exploits0References1

Cvelist•added 2026/04/24 6:53 p.m.•26 views

CVE-2026-41421 SiYuan Desktop Notification XSS Leads to Electron RCE

8.8CVSS0.00033EPSS

Exploits0References1

CNNVD•added 2026/04/24 12:0 a.m.•4 views

SiYuan 操作系统命令注入漏洞

SiYuan is an open-source personal knowledge management system developed by SiYuan. Versions of SiYuan prior to 3.6.5 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the fact that notification messages were rendered in raw HTML format, which...

8.8CVSS6AI score0.00033EPSS

Exploits0References1

ATTACKERKB•added 2026/04/23 6:12 p.m.•4 views

CVE-2026-40886

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 3.6.5 to 4.0.4, an unchecked array index in the pod informer's podGCFromPod function causes a controller-wide panic when a workflow pod carries a malformed...

7.7CVSS5.8AI score0.00054EPSS

Exploits1References2Affected Software1

CVE•added 2026/04/23 6:12 p.m.•8 views

CVE-2026-40886

The CVE describes an unchecked array index in Argo Workflows’ pod informer, specifically in podGCFromPod(), which can cause a controller-wide panic when a workflow pod has a malformed workflows.argoproj.io/pod-gc-strategy annotation. Affected versions span 3.6.5 through 4.0.4, with the panic occu...

7.7CVSS5.8AI score0.00054EPSS

Exploits1References1Affected Software1

Patchstack•added 2026/04/20 9:54 a.m.•2 views

WordPress Easy Digital Downloads plugin <= 3.6.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin Easy Digital Downloads versions = 3.6.5...

5.8AI score

Exploits0Affected Software1

EUVD•added 2026/04/01 9:30 p.m.•3 views

EUVD-2026-18003

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

7.5CVSS5.9AI score0.00079EPSS

Exploits0References3

UbuntuCve•added 2026/04/01 7:16 p.m.•1 views

CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

7.5CVSS5.9AI score0.00079EPSS

Exploits0References1