Lucene search
+L

2446 matches found

NVD
NVD
added last week7 views

CVE-2026-9017

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 9.2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...

5.3CVSS0.00273EPSS
Exploits0References8
CVE
CVE
added last week16 views

CVE-2026-9017

The CVE describes an authorization bypass in the NEX-Forms – Ultimate Forms Plugin for WordPress (vulnerable up to and including 9.2.2). The underlying issue is that the plugin does not properly verify that a user is authorized to perform an action, enabling unauthenticated attackers to overwrite...

5.3CVSS6.1AI score0.00273EPSS
Exploits0References8
OSV
OSV
added 2026/07/11 4:13 a.m.2 views

JLSEC-2026-662 libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey...

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS7AI score0.00333EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/11 12:31 a.m.7 views

EUVD-2026-43116

OpenPLC Runtime v3 contains an authenticated arbitrary file write vulnerability in the legacy web UI program‑upload workflow. The application stores an attacker‑supplied filename progfile directly into the Programs.File database field and later uses this value as the destination path for an...

9.9CVSS6.2AI score0.00616EPSS
Exploits0References3
NVD
NVD
added 2026/07/10 8:16 p.m.9 views

CVE-2026-55461

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, the user edit flow stores url-previous from the attacker-controlled Referer header into Laravel’s intended URL session value and later uses redirect-intended... when redirectoption=back is submitted, allowing Snipe-IT to be used a...

6.1CVSS0.00232EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/10 8:16 p.m.34 views

CVE-2026-57211 RabbitMQ: UNC SSRF affecting the management UI on Windows

RabbitMQ is a messaging and streaming broker. Prior to 4.1.11 and 4.2.6 on Windows, the RabbitMQ management plugin static file handler rabbitmgmtwmstatic can pass URL-encoded backslashes to erlprimloader:readfileinfo before path validation when multiple management extension plugins are enabled,...

6.5CVSS0.00404EPSS
Exploits1References5
NVD
NVD
added 2026/07/10 5:17 p.m.10 views

CVE-2026-59161

Excelize is a Go language library for reading and writing Microsoft Excel spreadsheets. Prior to 2.11.0, the streaming worksheet reader used by Rows and GetRows does not enforce the TotalRows limit on the row r attribute, allowing a small XLSX file with a row number above 1048576 and no cell...

8.7CVSS0.00655EPSS
Exploits1References4
NVD
NVD
added 2026/07/10 5:17 p.m.9 views

CVE-2026-55782

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's WebAssembly archive handler in NanaZip.Codecs.Archive.WebAssembly.cpp allocates buffers from attacker-controlled 32-bit section and custom-name length fields without validating them against...

2.4CVSS0.00113EPSS
Exploits0References5
OSV
OSV
added 2026/07/10 4:46 p.m.4 views

CVE-2026-55782 NanaZip: Unbounded memory allocation (DoS) in NanaZip WebAssembly parser via attacker-controlled section/name length fields

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's WebAssembly archive handler in NanaZip.Codecs.Archive.WebAssembly.cpp allocates buffers from attacker-controlled 32-bit section and custom-name length fields without validating them against...

2.4CVSS6.1AI score0.00113EPSS
Exploits0References7
Snyk
Snyk
added 2026/07/10 4:35 p.m.8 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview 9router is a 9Router CLI - Start and manage 9Router server Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition through the image process in open-sse/translator/concerns/image.js. An attacker can access internal-only HTTP services by...

7.4CVSS6.1AI score0.00154EPSS
Exploits0References2
CVE
CVE
added 2026/07/10 3:53 p.m.21 views

CVE-2026-54063

Excelize CVE-2026-54063: The library vulnerable due to checkSheet() using attacker-controlled row attribute to allocate memory for xlsxRow slices without enforcing the Excel row limit. This can cause (A) out-of-memory leading to process kill and (B) runtime panic from out-of-bounds indexing when ...

7.5CVSS6.1AI score0.00607EPSS
Exploits1References2Affected Software1
Veracode
Veracode
added 2026/07/10 8:14 a.m.7 views

Improper Input Validation

github.com/coder/coder is vulnerable to Improper Input Validation. The vulnerability is due to insufficient validation of the scheme and host in external workspace application URLs before substituting the $SESSIONTOKEN placeholder, which allows an attacker controlling a malicious workspace templa...

7.7CVSS6.1AI score0.00336EPSS
Exploits0References9Affected Software2
SUSE CVE
SUSE CVE
added 2026/07/10 3:20 a.m.5 views

SUSE CVE-2026-8924

A flaw in curl's cookie parsing logic allows a malicious HTTP server to set 'super cookies' that bypass the Public Suffix List check. This enables an attacker-controlled origin to inject cookies that curl subsequently scopes and transmits to unrelated third-party domains...

8.1CVSS6.1AI score0.00649EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/07/10 12:0 a.m.9 views

PT-2026-57272

Name of the Vulnerable Software and Affected Versions MCP Server Kubernetes versions prior to 3.9.0 Description An argument injection issue exists in the structured tools kubectl get, kubectl describe, and kubectl delete. Improper input validation and argument parsing allow the resourceType and...

9.8CVSS6.1AI score0.00421EPSS
Exploits1References14
NVD
NVD
added 2026/07/09 7:17 p.m.7 views

CVE-2026-55590

CakePHP Authentication is an authentication plugin for CakePHP that can also be used in PSR-7 based applications. Prior to 2.11.1, 3.3.6, and 4.1.1, the getLoginRedirect method contains a weakness to backslash bypasses that allows redirect targets with attacker-controlled hostnames through the...

6.1CVSS0.0028EPSS
Exploits0References10
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/09 3:55 p.m.12 views

Malicious code in express-router-engine (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49091d8e8923e3e709cebd14f01ee1617267bf3f9b6be99052603715b7cf9f70 The sole shipped file index.js is a heavily obfuscated RC4 + base64 string-array, 337-entry rotated array, control-flow flattening IIFE that executes...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/09 3:48 p.m.13 views

Malicious code in polymarket-apis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd77c8861490c0b5607b4029f8f9e51f12efb83a6696fc51b953b0a3cde1356b The package impersonates the Polymarket brand name polymarket-apis, author polymarket but contains no Polymarket API integration. Its exported...

6.4AI score
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/07/09 8:1 a.m.6 views

sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server.

...

5.4CVSS6.1AI score0.00241EPSS
Exploits0
OSV
OSV
added 2026/07/08 9:16 p.m.2 views

DEBIAN-CVE-2026-55206

py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Prior to 1.1.3, PackInfo.read in archiveinfo.py used an On^2 cumulative sum pattern for attacker-controlled numstreams values parsed from archive headers, allowing a crafted...

8.7CVSS6.1AI score0.00321EPSS
Exploits0References1
NVD
NVD
added 2026/07/08 9:16 p.m.7 views

CVE-2026-55206

py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Prior to 1.1.3, PackInfo.read in archiveinfo.py used an On^2 cumulative sum pattern for attacker-controlled numstreams values parsed from archive headers, allowing a crafted...

8.7CVSS0.00321EPSS
Exploits0References3
Rows per page
Query Builder