Lucene search
K

2238 matches found

CVE
CVE
added 2026/05/27 2:59 p.m.25 views

CVE-2026-45570

Technical details beyond the initial description are not present in the connected documents; monitor for updates.

9.6CVSS5.8AI score0.00365EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/27 2:59 p.m.17 views

EUVD-2026-32546

go-git is an extensible git implementation library written in pure Go. Prior to 5.19.1 and 6.0.0-alpha.4, go-git's SSH transport constructs the remote exec command by wrapping the repository path in single quotes without escaping single quotes embedded inside the path. A repository path containin...

2.3CVSS5.8AI score0.00365EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.11 views

PT-2026-43998

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/core/actions addupdatedelete.inc.php...

6.2AI score0.00384EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/27 12:0 a.m.41 views

CVE-2026-37712

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/cron/class/cronjob.class.php, calluserfuncarray in function job type...

0.00384EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:0 a.m.12 views

CVE-2026-37713

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/core/class/commonobject.class.php...

6.2AI score0.00384EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.7 views

Dolibarr ERP/CRM 安全漏洞

Dolibarr ERP/CRM is a web-based enterprise resource planning ERP and customer relationship management CRM system developed by the Dolibarr Foundation in France. This system can be used to manage products, inventory, invoices, orders, etc. Versions of Dolibarr ERP/CRM from 22.0.0 to 22.0.4, as wel...

7.3CVSS6.1AI score0.00384EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 12:0 a.m.19 views

CVE-2026-37711

Dolibarr ERP/CRM is affected in versions 22.0.0 to 22.0.4 and 24.0.0-alpha. The issue enables a remote attacker to execute arbitrary code via the file htdocs/core/actions_addupdatedelete.inc.php. This summary is based on the connected sources; no exploit details or remediation steps are provided ...

7.3CVSS6.2AI score0.00384EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:0 a.m.8 views

CVE-2026-37711

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/core/actionsaddupdatedelete.inc.php...

6.2AI score0.00384EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/27 12:0 a.m.8 views

CVE-2026-37711

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/core/actionsaddupdatedelete.inc.php...

6.2AI score0.00384EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Dolibarr ERP/CRM 安全漏洞

Dolibarr ERP/CRM is a web-based enterprise resource planning ERP and customer relationship management CRM system developed by the Dolibarr Foundation in France. This system can be used to manage products, inventory, invoices, orders, etc. Versions of Dolibarr ERP/CRM from 22.0.0 to 22.0.4, as wel...

7.3CVSS6.1AI score0.00384EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 12:0 a.m.42 views

CVE-2026-37711

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/core/actionsaddupdatedelete.inc.php...

0.00384EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/27 12:0 a.m.8 views

CVE-2026-37713

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/core/class/commonobject.class.php...

6.2AI score0.00384EPSS
Exploits0References2
OSV
OSV
added 2026/05/26 6:16 p.m.5 views

DEBIAN-CVE-2026-44728

Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and...

7.8CVSS6AI score0.00125EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 5:48 p.m.18 views

EUVD-2026-31946

Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and...

8.2CVSS6AI score0.00125EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 5:48 p.m.15 views

CVE-2026-44728

Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and...

8.2CVSS6AI score0.00125EPSS
Exploits0References2Affected Software2
Debian CVE
Debian CVE
added 2026/05/26 5:48 p.m.10 views

CVE-2026-44728

Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and...

8.2CVSS6AI score0.00125EPSS
Exploits0
NVD
NVD
added 2026/05/25 9:16 p.m.20 views

CVE-2026-48589

Apache Shiro’s Jakarta EE module used the HTTP Referer header in certain cases to issue redirect after a user login. In affected versions, insufficient validation of this client-controlled value could allow an attacker to influence the redirect target in applications using the Jakarta EE module...

5.4CVSS0.00352EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/25 9:16 p.m.11 views

CVE-2026-43827

Default configurations of Apache Shiro have a session fixation vulnerability. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue. In the affected versions, when a session already...

6.5CVSS5.8AI score0.00412EPSS
Exploits0References4
OSV
OSV
added 2026/05/25 9:16 p.m.11 views

UBUNTU-CVE-2026-48589

Apache Shiro’s Jakarta EE module used the HTTP Referer header in certain cases to issue redirect after a user login. In affected versions, insufficient validation of this client-controlled value could allow an attacker to influence the redirect target in applications using the Jakarta EE module...

5.4CVSS5.8AI score0.00352EPSS
Exploits0References5
OSV
OSV
added 2026/05/25 9:16 p.m.6 views

UBUNTU-CVE-2026-44598

With valid login credentials, URL Redirection to Untrusted Site 'Open Redirect', Server-Side Request Forgery SSRF vulnerability in Apache Shiro. This issue affects Apache Shiro from 2.0-alpha to 2.1.0, and 3.0.0-alpha-1, only when using shiro-jakarta-ee integration module. Users are recommended t...

5.4CVSS5.9AI score0.00383EPSS
Exploits0References5
Rows per page
Query Builder