Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/11 2:59 a.m.9 views

CVE-2026-53674

BuddyPress 14.4.0 contains a regular expression injection vulnerability in the activity mention resolver that, when username compatibility mode is enabled, allows attackers to manipulate a REGEXP database clause by crafting mention names containing regex metacharacters. Attackers can submit...

7.1CVSS5.5AI score0.00288EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 12:31 a.m.12 views

EUVD-2026-35878

BuddyPress 14.4.0 contains a regular expression injection vulnerability in the activity mention resolver that, when username compatibility mode is enabled, allows attackers to manipulate a REGEXP database clause by crafting mention names containing regex metacharacters. Attackers can submit...

7.1CVSS5.5AI score0.00288EPSS
Exploits0References4
NVD
NVD
added 2026/06/10 12:16 a.m.16 views

CVE-2026-53674

BuddyPress 14.4.0 contains a regular expression injection vulnerability in the activity mention resolver that, when username compatibility mode is enabled, allows attackers to manipulate a REGEXP database clause by crafting mention names containing regex metacharacters. Attackers can submit...

7.1CVSS0.00288EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/09 11:44 p.m.35 views

CVE-2026-53674 BuddyPress 14.4.0 REGEXP Injection via @Mention Username Resolution

BuddyPress 14.4.0 contains a regular expression injection vulnerability in the activity mention resolver that, when username compatibility mode is enabled, allows attackers to manipulate a REGEXP database clause by crafting mention names containing regex metacharacters. Attackers can submit...

7.1CVSS0.00288EPSS
Exploits0References3
Rows per page
Query Builder