Exploit for CVE-2026-5530

CVE-2026-5530 Ollama SSRF via OCI registry redirect with full...

CVE-2026-5530

creationtimestamp| type| source ---|---|--- 2026-04-05 04:21:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mipvkg22fu22 2026-04-10 07:00:15+00:00| published-proof-of-concept| Telegram/4UpY9ng-1B7fl4pW8rF9tQFphK5boVLlHwZbJ8KZ6vXJanY 2026-04-10 09:00:05+00:00|...

CVE-2026-5530

A flaw has been found in Ollama up to 18.1. This issue affects some unknown processing of the file server/download.go of the component Model Pull API. Executing a manipulation can lead to server-side request forgery. The attack can be launched remotely. The vendor was contacted early about this...

CVE-2026-5530

A flaw has been found in Ollama up to 18.1. This issue affects some unknown processing of the file server/download.go of the component Model Pull API. Executing a manipulation can lead to server-side request forgery. The attack can be launched remotely. The vendor was contacted early about this...

CVE-2026-5530 Ollama Model Pull API download.go server-side request forgery

A flaw has been found in Ollama up to 18.1. This issue affects some unknown processing of the file server/download.go of the component Model Pull API. Executing a manipulation can lead to server-side request forgery. The attack can be launched remotely. The vendor was contacted early about this...

CVE-2025-5530

creationtimestamp| type| source ---|---|--- 2025-07-11 08:19:58+00:00| seen| Telegram/VBhZ9x86NGN24A520oCziIGtivYJGgF-0dQkGLJCB8dXwg...

WordPress WPC Smart Compare for WooCommerce plugin <= 6.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin WPC Smart Compare for WooCommerce versions = 6.4.6...

CVE-2019-5530

Windows binaries generated with InstallBuilder versions earlier than 19.7.0 are vulnerable to tampering even if they contain a valid Authenticode signature...

Rocky Linux 8 : python-setuptools (RLSA-2024:5530)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:5530 advisory. pypa/setuptools: Remote code execution via download functions in the packageindex module in pypa/setuptools CVE-2024-6345 Tenable has extracted the preceding...

AlmaLinux 8 : python-setuptools (ALSA-2024:5530)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5530 advisory. pypa/setuptools: Remote code execution via download functions in the packageindex module in pypa/setuptools CVE-2024-6345 Tenable has extracted the preceding...

Oracle Linux 8 : python-setuptools (ELSA-2024-5530)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-5530 advisory. 39.2.0-8 - Security fix for CVE-2024-6345 Resolves: RHEL-50470 Tenable has extracted the preceding description block directly from the Oracle Linux security...

CVE-2024-5530

The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution formerly WooLentor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's WL: Product Horizontal Filter widget in all versions up to, and including, 2.9.0 due to insufficie...

WordPress ShopLentor Plugin <= 2.9.0 is vulnerable to Cross Site Scripting (XSS)

Software ShopLentor Type Plugin Vulnerable versions = 2.9.0 Fixed in 2.9.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5530 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7f83560dcee5 Credits wesley wcraft Required...

CVE-2023-5530

creationtimestamp| type| source ---|---|--- 2023-11-07 00:25:59+00:00| seen| Telegram/CSbG1lTTj9L-JXmLHsdtURUA6jSgLd6rFdJZ6eZhajwXWw...

WordPress Ninja Forms Plugin < 3.6.34 is vulnerable to Cross Site Scripting (XSS)

Software Ninja Forms Type Plugin Vulnerable versions 3.6.34 Fixed in 3.6.34 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5530 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a9b2d204bb4c Credits Jonathan Zamora Required...

CVE-2023-5530

The Ninja Forms Contact Form WordPress plugin before 3.6.34 does not sanitize and escape its label fields, which could allow high privilege users such as admin to perform Stored XSS attacks. Only users with the unfilteredhtml capability can perform this, and such users are already allowed to use ...

CVE-2023-5530

CVE-2023-5530 affects the WordPress plugin Ninja Forms Contact Form, version prior to 3.6.34. The issue is that label fields are not sanitized/escaped, potentially allowing Stored XSS by high-privilege users (admin) who have unfiltered_html, a capability they already possess. The vulnerability is...

Debian: Security Advisory (DSA-5530-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS : PHP vulnerability (USN-5530-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5530-1 advisory. It was discovered that PHP incorrectly handled certain memory operations when obtaining file information. A remote attacker could use this issue to cause PHP to...

Unauthorized access vulnerability in HP ENVY 5530 e-All-in-One Printer series

The HP ENVY 5530 e-All-in-One Printer series printer is an all-in-one printer from HP Trading Shanghai Co. An unauthorized access vulnerability exists in the HP ENVY 5530 e-All-in-One Printer series, which can be exploited by an attacker to gain direct access to the printer control interface...