Lucene search
K

3432 matches found

nvd
nvd
added 5 days ago12 views

CVE-2026-58480

Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthenticated arbitrary file upload vulnerability that allows attackers to upload executable files by bypassing extension validation in the saveattachments function exposed through the Advanced Reviews feature. Attackers can...

9.8CVSS0.00605EPSS
Exploits0References4
euvd
euvd
added 5 days ago5 views

EUVD-2026-42233

Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthenticated arbitrary file upload vulnerability that allows attackers to upload executable files by bypassing extension validation in the saveattachments function exposed through the Advanced Reviews feature. Attackers can...

9.8CVSS6.4AI score0.00605EPSS
Exploits0References4
cve
cve
added 5 days ago14 views

CVE-2026-58480

Blocksy Companion Pro

9.8CVSS6.4AI score0.00605EPSS
Exploits0References4
osv
osv
added 6 days ago6 views

PYSEC-2026-1689 Nautobot may allows uploaded media files to be accessible without authentication

Impact Files uploaded by users to Nautobot's MEDIAROOT directory, including DeviceType image attachments as well as images attached to a Location, Device, or Rack, are served to users via a URL endpoint that was not enforcing user authentication. As a consequence, such files can be retrieved by...

6.3CVSS5.9AI score0.00383EPSS
Exploits0References9
attackerkb
attackerkb
added 2026/07/06 2:26 p.m.4 views

CVE-2026-59152

LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to 0.8.18, an attacker who can send an HTTP request to a server running the LangSmith SDK's TracingMiddleware can cause that server to read an arbitrary file from its local filesystem and upload the contents to...

5CVSS6AI score0.00174EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/07/06 2:26 p.m.16 views

CVE-2026-59152

The LangSmith Client SDKs’ TracingMiddleware had a vulnerability before version 0.8.18 where an HTTP request to a server running TracingMiddleware could trigger reading an arbitrary file from the server’s filesystem and uploading it to LangSmith as a trace attachment. This enables a trust-boundar...

5CVSS6AI score0.00174EPSS
Exploits0References1
snyk
snyk
added 2026/07/03 10:19 p.m.7 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass due to insufficient permission checks in the draft release process. An attacker can access sensitive draft release data or attachments by bypassing required write permissions. Remediation Upgrade...

7.5CVSS6AI score0.00345EPSS
Exploits0References2
nvd
nvd
added 2026/07/03 9:16 p.m.7 views

CVE-2026-27660

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...

7.5CVSS0.00345EPSS
Exploits0References4
cvelist
cvelist
added 2026/07/03 8:19 p.m.36 views

CVE-2026-27660 Gitea draft releases use insufficient permission checks

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...

0.00345EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/07/03 8:19 p.m.7 views

CVE-2026-27660

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...

5.9AI score0.00345EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/07/03 12:0 a.m.10 views

PT-2026-55601

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description Draft release data or attachments can be accessed by users who do not possess the necessary write permissions. Recommendations Update to version 1.25.5 or later...

7.5CVSS6.1AI score0.00345EPSS
Exploits0References7
nvd
nvd
added 2026/07/01 5:16 a.m.7 views

CVE-2026-12902

The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.7.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS0.00272EPSS
Exploits0References10
euvd
euvd
added 2026/07/01 3:43 a.m.7 views

EUVD-2026-40895

The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.7.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS5.9AI score0.00272EPSS
Exploits0References10
cve
cve
added 2026/07/01 3:43 a.m.17 views

CVE-2026-12902

Kadence Blocks — Page Builder Toolkit for Gutenberg Editor (WordPress) contains an authorization bypass in all versions up to 3.7.7. Authenticated attackers with contributor-level access can create arbitrary Media Library attachments by downloading remote images into the uploads directory via wp_...

4.3CVSS5.9AI score0.00272EPSS
Exploits0References10
attackerkb
attackerkb
added 2026/07/01 3:43 a.m.7 views

CVE-2026-12902

The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.7.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS5.9AI score0.00272EPSS
Exploits0References11
cvelist
cvelist
added 2026/07/01 3:43 a.m.37 views

CVE-2026-12902 Kadence Blocks <= 3.7.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary Media Attachment Creation via kadence_import_process_pattern/kadence_import_process_data AJAX Actions

The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.7.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS0.00272EPSS
Exploits0References10
euvd
euvd
added 2026/06/29 12:30 p.m.8 views

EUVD-2026-40083

FrontAccounting before 2.4.20 contains a path traversal vulnerability in the attachment upload handler that allows authenticated attackers to execute arbitrary code by uploading files with traversal sequences in the uniquename parameter. Attackers can supply path traversal sequences...

8.8CVSS6.6AI score0.00627EPSS
Exploits0References4
osv
osv
added 2026/06/29 11:50 a.m.8 views

PYSEC-2026-558 Unstructured has Path Traversal via Malicious MSG Attachment that Allows Arbitrary File Write

A Path Traversal vulnerability in the partitionmsg function allows an attacker to write or overwrite arbitrary files on the filesystem when processing malicious MSG files with attachments. Impact An attacker can craft a malicious .msg file with attachment filenames containing path traversal...

9.8CVSS8.1AI score0.00616EPSS
Exploits0References6
osv
osv
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-339 FireFighter has unauthenticated SSRF in its Raid jira_bot endpoint that allows IAM credential theft

Impact The POST /api/v2/firefighter/raid/jirabot endpoint CreateJiraBotView is reachable without authentication permissionclasses = permissions.AllowAny. Its attachments payload is fetched server-side via httpx.get with no URL validation, then uploaded as an attachment on the Jira ticket that get...

9.9CVSS6AI score0.00272EPSS
Exploits0References6
osv
osv
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-408 MCP Atlassian has an arbitrary file write leading to arbitrary code execution via unconstrained download_path in confluence_download_attachment

Summary The confluencedownloadattachment MCP tool accepts a downloadpath parameter that is written to without any directory boundary enforcement. An attacker who can call this tool and supply or access a Confluence attachment with malicious content can write arbitrary content to any path the serv...

9CVSS6.7AI score0.0226EPSS
Exploits1References6
Rows per page
Query Builder