Lucene search
K

82 matches found

EUVD
EUVD
added 2026/07/03 7:53 a.m.8 views

EUVD-2026-41523

The Zakra theme for WordPress is vulnerable to Stored Cross-Site Scripting via post meta values in all versions up to, and including, 4.2.0. This is due to the theme registering three post meta fields zakramenuitemcolor, zakramenuitemhovercolor, and zakramenuitemactivecolor with 'showinrest' = tr...

6.4CVSS6.1AI score0.00187EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/29 5:21 p.m.37 views

CVE-2026-57954 Elide 7.1.17 - Permission Bypass in Sort Expression Validation

Elide through 7.1.17 fails to enforce @ReadPermission on client-supplied sort expressions in SortingImpl.getValidSortingRules, allowing attackers to sort collections by forbidden fields. Attackers can infer hidden field values through row ordering analysis, leaking relative field ordering across...

5.3CVSS0.00168EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 7:47 p.m.25 views

CVE-2026-44733 OpenProject: Business Logic Error on OpenProject through PATCH request to /api/v3/users/me permits to bypass password requirements

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, Business Logic Error on OpenProject through PATCH request to /api/v3/users/me permits to bypass password requirements. A password validation flaw in the change password behavior allows attackers to chan...

5.9CVSS0.00175EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 3:16 p.m.9 views

CVE-2026-27604

FOSSBilling is a free, open-source billing and client management system. Starting in version 0.5.4 and prior to version 0.8.0, an authorization bypass in the API role handling allows unauthenticated access to privileged /api/system/ endpoints. Because system resolves to the cron admin identity,...

10CVSS0.00408EPSS
Exploits0References3
OSV
OSV
added 2026/06/12 3:16 p.m.3 views

CVE-2026-45833

A code injection vulnerability in version 0.4.17 or later of the ChromaDB Python project allows an authenticated attacker to run arbitrary code on the server by sending a malicious model repository and trustremotecode set to true in...

9.4CVSS6.3AI score0.00342EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/06/06 1:26 a.m.10 views

CVE-2026-8438 All-In-One Security (AIOS) <= 5.4.7 - Unauthenticated Stored Cross-Site Scripting via REST API Request Path

The All-In-One Security AIOS – Security and Firewall plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 5.4.7. This is due to insufficient input sanitization in the getrestroute function and missing output escaping in the columndefault method of the...

7.2CVSS5.8AI score0.00338EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/06/06 1:26 a.m.55 views

CVE-2026-8438 All-In-One Security (AIOS) <= 5.4.7 - Unauthenticated Stored Cross-Site Scripting via REST API Request Path

The All-In-One Security AIOS – Security and Firewall plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 5.4.7. This is due to insufficient input sanitization in the getrestroute function and missing output escaping in the columndefault method of the...

7.2CVSS0.00338EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2026/05/08 2:30 p.m.8 views

CVE-2026-41308 Password Pusher: JSON API `/p.json` file upload alias bypasses file-push authentication

Password Pusher is an open source application to communicate sensitive information over the web. Prior to versions 1.69.3 and 2.4.2, a security issue in OSS PasswordPusher allowed unauthenticated creation of file-type pushes through a generic JSON API create path under certain configurations. Thi...

6.5CVSS5.7AI score0.00289EPSS
Exploits0References3
NVD
NVD
added 2026/04/23 8:16 p.m.6 views

CVE-2026-41278

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GET /api/v1/public-chatflows/:id endpoint returns the full chatflow object without sanitization for public chatflows. Docker validation revealed this is worse than initially assessed: the...

8.7CVSS0.00421EPSS
Exploits1References1
OSV
OSV
added 2026/04/21 7:17 p.m.4 views

CVE-2026-40874 mailcow: dockerized missing authorization on Forwarding Hosts delete action

mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, no administrator verification takes place when deleting Forwarding Hosts with /api/v1/delete/fwdhost. Any authenticated user can call this API. Checks are only applied for edit/add actions,...

6CVSS6AI score0.0017EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/20 11:3 p.m.30 views

CVE-2026-34082 Dify has IDOR in deleting someone else's chat conversation

Dify is an open-source LLM app development platform. Prior to 1.13.1, the method DELETE /console/api/installed-apps//conversations/ has poor authorization checking and allows any Dify-authenticated user to delete someone else's chat history. Version 1.13.1 patches the issue...

5.3CVSS0.00188EPSS
Exploits1References2
OSV
OSV
added 2026/04/07 5:58 p.m.2 views

CVE-2026-39339 ChurchCRM has an API Authentication Bypass

ChurchCRM is an open-source church management system. Prior to 7.1.0, a critical authentication bypass vulnerability in ChurchCRM's API middleware ChurchCRM/Slim/Middleware/AuthMiddleware.php allows unauthenticated attackers to access all protected API endpoints by including "api/public" anywhere...

9.1CVSS6AI score0.01351EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/07 3:57 p.m.6 views

CVE-2026-35583

Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, the configuration API endpoint /api/configuration/name validated configuration names using a blacklist approach that checked for , /, .., and trailing .. This could potentially be bypassed using URL-encoded variants,...

5.3CVSS5.9AI score0.0032EPSS
Exploits1References2Affected Software1
GithubExploit
GithubExploit
added 2026/04/02 4:7 p.m.145 views

Exploit for CVE-2026-28767

CERT/CC VU653116 | CISA Advisory ICSA-26-055-03https:/...

5.9AI score0.00486EPSS
Exploits1
Cvelist
Cvelist
added 2026/03/26 11:54 p.m.36 views

CVE-2026-29071 Open WebUI's Insecure Direct Object Reference (IDOR) allows access to other users' memories

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can read other users' private memories via /api/v1/retrieval/query/collection. Version 0.8.6 patches the issue...

3.1CVSS0.00253EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/26 11:54 p.m.2 views

CVE-2026-29071

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can read other users' private memories via /api/v1/retrieval/query/collection. Version 0.8.6 patches the issue...

3.1CVSS5.8AI score0.00253EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.5 views

CVE-2026-4504

A flaw has been found in eosphoros-ai db-gpt up to 0.7.5. This vulnerability affects unknown code of the file /api/v1/editor/ of the component Incomplete Fix. This manipulation causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. Th...

7.5CVSS6.7AI score0.00254EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/05 8:38 p.m.41 views

CVE-2026-28442 ZimaOS: Arbitrary Deletion of Internal System Files via API Path Manipulation

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, users are restricted from deleting internal system files or folders through the application interface. However, when interacting directly with the API, these restrictions can be...

8.5CVSS0.00304EPSS
Exploits1References1
CVE
CVE
added 2026/02/27 7:41 p.m.19 views

CVE-2026-27734

Beszel is a server monitoring platform. Before v0.18.2, the hub’s authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied container param to the agent without validation. The agent builds Docker Engine API URLs using fmt.Sprintf with ...

6.5CVSS6AI score0.00484EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/02/07 7:2 p.m.21 views

CVE-2026-2108

The CVE-2026-2108 entry covers jsbroks COCO Annotator up to version 0.11.1. The vulnerability affects the Endpoint component’s /api/info/long_task, where manipulation can cause a denial of service. It is remotely exploitable and has been publicly disclosed; multiple sources note no vendor respons...

7.5CVSS5.4AI score0.00693EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder