Lucene search
K

208 matches found

CVE
CVE
added 3 days ago11 views

CVE-2026-12616

The CVE describes a vulnerability in the /v1/upload/sbom endpoint where the iss claim from an attacker-supplied JWT is read with signature verification disabled and interpolated into log statements before validation. The log format renders newlines literally, allowing an unauthenticated attacker ...

6.9CVSS5.8AI score0.00308EPSS
Exploits0References1
OSV
OSV
added 3 days ago5 views

PYSEC-2026-379 Unauthenticated Remote Code Execution in Langflow via Public Flow Build Endpoint

Summary The POST /api/v1/buildpublictmp/flowid/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses attacker-controlled flow data containing arbitrary Python code in node definitions instead of the stored flow...

9.8CVSS6.8AI score0.98412EPSS
Exploits16References14
NVD
NVD
added last week7 views

CVE-2026-56445

The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join without sanitization, allowing file writes to arbitrary paths...

9.1CVSS0.00434EPSS
Exploits0References3
Cvelist
Cvelist
added last week28 views

CVE-2026-6094 Heap buffer overread in wc_PKCS7_DecodeEnvelopedData parsing crafted PKCS7 EnvelopedData

Heap buffer overread in wcPKCS7DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theoretically be triggered by attacker-supplied data delivered via S/MIME or CMS...

6.3CVSS0.00294EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.6 views

PT-2026-52583

Name of the Vulnerable Software and Affected Versions qrscp affected versions not specified Description The C-STORE handler in the qrscp application fails to sanitize specific instances within attacker-supplied DICOM Digital Imaging and Communications in Medicine datasets. These unsanitized value...

9.1CVSS5.9AI score0.00434EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57305

A cross-site request forgery CSRF vulnerability in Jenkins Assembla Plugin 1.4 and earlier allows attackers to connect to an attacker-specified URL using an attacker-specified username and password...

5.4CVSS5.8AI score0.00128EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 1:20 p.m.6 views

CVE-2026-57298

A cross-site request forgery CSRF vulnerability in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allows attackers to have Jenkins connect to an attacker-specified URL using an attacker-specified username, API key, and service key...

5.4CVSS5.8AI score0.00101EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 1:20 p.m.8 views

CVE-2026-57297

CVE-2026-57297 affects Jenkins via the Contrast Continuous Application Security Plugin (3.11 and earlier). The issue is a missing permission check that lets attackers with Overall/Read access cause a connection to an attacker‑specified URL using attacker‑provided credentials (username, API key, s...

4.3CVSS5.8AI score0.00187EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57295

A cross-site request forgery CSRF vulnerability in Jenkins EC2 Fleet Plugin 4.2.3.539.v8fedff2a81c3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing AWS credentials stored in Jenkins...

5.4CVSS5.8AI score0.00128EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57292

A cross-site request forgery CSRF vulnerability in Jenkins Gitee Plugin 1288.v18bdebc9069b and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method...

5.4CVSS5.8AI score0.00101EPSS
Exploits0References2
Jenkins Security Advisories
Jenkins Security Advisories
added 2026/06/24 12:0 a.m.5 views

CSRF vulnerability and missing permission check in contrast-continuous-application-security

contrast-continuous-application-security 3.11 and earlier does not perform a permission check in an HTTP endpoint that tests the connection to a Contrast TeamServer. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using an attacker-specified username, AP...

5.4CVSS5.8AI score0.00187EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51668

Name of the Vulnerable Software and Affected Versions Post Duplicator versions prior to 3.0.15 Description Users with Contributor-level access and above can perform a PHP Object Injection. This occurs because the plugin fails to safely handle custom meta-data during post duplication, storing...

7.2CVSS5.8AI score0.003EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/06/23 2:19 a.m.6 views

SUSE CVE-2026-56211

A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC Scalable Video Coding layer ID control allows an attacker to supply crafted video frame pixels that overlap with internal encoder layer contex...

7.5CVSS6.7AI score0.00399EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.9 views

Amazon Linux 2023 : perl-IO-Compress, perl-IO-Compress-tests (ALAS2023-2026-1825)

"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1825 advisory. IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19...

7.8CVSS5.8AI score0.00373EPSS
Exploits2References8
CVE
CVE
added 2026/06/19 4:28 p.m.19 views

CVE-2026-56211

CVE-2026-56211 concerns libaom, the reference AV1 codec. The vulnerability stems from insufficient bounds validation in the AV1 encoder’s SVC layer ID control, enabling an attacker-provided frame to overlap internal encoder layer context structures. In fork-based video processing services, this c...

7.1CVSS6.7AI score0.00399EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/16 4:5 p.m.9 views

openCryptoki: openCryptoki: Information disclosure and Denial of Service via malformed BER-encoded cryptographic objects

A flaw was found in openCryptoki, a PKCS11 Cryptographic Token Interface Standard library. The BER/DER Basic Encoding Rules/Distinguished Encoding Rules decoding functions in the shared common library do not properly validate attacker-controlled length fields against actual buffer boundaries. Thi...

6.8CVSS5.5AI score0.0016EPSS
Exploits1References6
NVD
NVD
added 2026/06/12 8:16 p.m.9 views

CVE-2026-42851

Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, a program able to write bytes to a kitty terminal — a remote SSH peer, a downloaded file viewed with cat, a log line, an email body rendered in less, an issue body in a TUI, etc. — can cause kitty to execute...

7.8CVSS0.00164EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/12 8:0 p.m.8 views

CVE-2026-42851 @kitty-edit DCS + --color=geninclude vulnerable to Unauthenticated in-process RCE

Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, a program able to write bytes to a kitty terminal — a remote SSH peer, a downloaded file viewed with cat, a log line, an email body rendered in less, an issue body in a TUI, etc. — can cause kitty to execute...

7.8CVSS5.5AI score0.00164EPSS
Exploits1References1
NVD
NVD
added 2026/06/11 9:16 a.m.12 views

CVE-2026-53901

Cerebrate before version 1.37 contains a mass-assignment vulnerability in the generic CRUD add path. The add handler attempted to remove an attacker-supplied id from $params before normalizing the request through massageInput. Because the normalized $input could still contain an id field, a user...

8.7CVSS0.00312EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 8:59 a.m.10 views

CVE-2026-7542

The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions up to and including 7.0.10. This is due to three compounding design flaws: 1 the plugin leaks a valid backend AJAX nonce revslideractions to all authenticated users including Subscribers via t...

6.5CVSS5.5AI score0.00252EPSS
Exploits0References1
Rows per page
Query Builder