Lucene search
K

14300 matches found

Nuclei
Nuclei
added yesterday88 views

NocoBase - SQL Injection

NocoBase versions prior to 2.0.39 contain a SQL injection vulnerability in the @nocobase/database package. The queryParentSQL function in eager-loading-tree.ts constructs a recursive CTE query by directly concatenating user-controlled primary key values into the SQL WHERE IN clause without...

8.8CVSS6.2AI score0.01875EPSS
Exploits1References2
CVE
CVE
added 3 days ago8 views

CVE-2026-55474

Snipe-IT (IT asset/license management) is affected by a directory-traversal in ActionlogController::displaySig prior to version 8.5.0. The route filename parameter is concatenated into a private upload-directory path without sanitization, enabling an authenticated attacker to read arbitrary files...

7.1CVSS6.2AI score0.00329EPSS
Exploits0References4Affected Software1
NVD
NVD
added 3 days ago6 views

CVE-2026-59190

grav-plugin-admin is an HTML user interface that provides a way to configure Grav and create and modify pages. In 1.10.52 and earlier, an authenticated attacker with admin.users permission can change the password of any user account, including the super administrator, by sending a direct POST...

8.7CVSS0.00215EPSS
Exploits0References2
NVD
NVD
added 3 days ago6 views

CVE-2026-56676

9Router is an AI router & token saver. Prior to 0.5.2, 9router validates image URLs by resolving the host before fetching, but open-sse/translator/concerns/image.js performs the later server-side image fetch with a separate DNS resolution. An authenticated attacker with access to the LLM proxy ca...

7.4CVSS0.00154EPSS
Exploits0References3
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-42905

The Grav API plugin getgrav/grav-plugin-api before 1.0.3 fails to sanitize SVG files uploaded through the POST /api/v1/media endpoint. The HandlesMediaUploads::processUploadedFile method validates only the file extension and never invokes Security::sanitizeSVG, so an authenticated attacker with t...

5.1CVSS6.2AI score0.00141EPSS
Exploits0References2
CVE
CVE
added 3 days ago6 views

CVE-2026-61456

Grav API plugin (getgrav/grav-plugin-api) before 1.0.3 is vulnerable to stored XSS via SVG uploads. The HandlesMediaUploads::processUploadedFile() path only validates file extension and does not call Security::sanitizeSVG(), enabling an authenticated attacker with api.media.write to upload an SVG...

5.1CVSS6.2AI score0.00141EPSS
Exploits0References2
CVE
CVE
added 3 days ago9 views

CVE-2026-41880

CVE-2026-41880: R-SOFT DMS OCR module is vulnerable to OS Command Injection via unsanitized user-controllable file paths passed to the system shell through SSH. An authenticated attacker triggering OCR on an uploaded file can execute commands as root. The issue is mitigated by fixes in v3.19-2862...

9CVSS6.2AI score0.01331EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-41877 Stored XSS in R-SOFT DMS

R-SOFT DMS is vulnerable to Stored XSS in file upload functionality. Authenticated attacker can inject arbitrary HTML and JS into the name of the file being uploaded, which will be executed when visiting file list or upload status by other users. This issue was fixed in version v3.19-2832 and...

5.1CVSS0.0039EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago34 views

CVE-2026-41876 OS Command Injection in R-SOFT DMS

R-SOFT DMS is vulnerable to OS Command Injection in konwertujAction function. The document converter executes shell commands using unsanitized file paths and format parameters. This allows an authenticated attacker to execute arbitrary system commands with the privileges of the web server user...

8.7CVSS0.01228EPSS
Exploits0References1
Veracode
Veracode
added 3 days ago6 views

Improper Access Control

Coder is vulnerable to Improper Access Control. The vulnerability is due to the tailnet coordinator validating an agent's Addresses but not its AllowedIPs, which allows an authenticated attacker to advertise unauthorized IP prefixes that are propagated to WireGuard peers, potentially enabling...

8.2CVSS6.1AI score0.00405EPSS
Exploits0References9Affected Software2
CVE
CVE
added 3 days ago9 views

CVE-2026-12123

CVE-2026-12123 describes a Server-Side Request Forgery in the WordPress plugin All-in-One Video Gallery (versions

6.4CVSS6AI score0.00246EPSS
Exploits0References12
NVD
NVD
added 4 days ago6 views

CVE-2026-31267

Mercusys MW302R MW302REUV11.4.10 Build 231023 is vulnerable to Buffer Overflow in the administrative web interface. A stack buffer overflow vulnerability in the administrative web interface allows an authenticated attacker with administrative privileges to trigger a system crash by sending a...

5.7CVSS0.00198EPSS
Exploits0References2
NVD
NVD
added 4 days ago11 views

CVE-2026-33799

An Out-of-bounds Write vulnerability in the SNMP daemon snmpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated network-based attacker sending specific valid SNMPv3 queries to trigger a memory leak. Over time, continuous receipt of these queries will result in snmpd proces...

5.3CVSS0.0036EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42700

An Out-of-bounds Write vulnerability in the SNMP daemon snmpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated network-based attacker sending specific valid SNMPv3 queries to trigger a memory leak. Over time, continuous receipt of these queries will result in snmpd proces...

5.3CVSS6AI score0.0036EPSS
Exploits0References1
NVD
NVD
added 4 days ago7 views

CVE-2026-54798

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application includes a debugging interface that is accessible through HTTP endpoints. This could allow an authenticated attacker to disrupt th...

7.1CVSS0.0024EPSS
Exploits0References1
CVE
CVE
added 4 days ago11 views

CVE-2026-54798

The CVE-2026-54798 entry concerns CPCI85 Central Processing/Communication (all versions < V26.20) and SICORE Base system (all versions

7.1CVSS5.9AI score0.0024EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42593

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application includes a debugging interface that is accessible through HTTP endpoints. This could allow an authenticated attacker to disrupt th...

7.1CVSS5.9AI score0.0024EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42584

An Improper Input Validation vulnerability in BigQuery DAO in Google Cloud Apigee versions prior to 2026-06-12 on Google Cloud Platform allows an authenticated attacker to exfiltrate cross-tenant data. This vulnerability was patched on 12 June 2026 on the Apigee Servers, and no customer action is...

5.9CVSS6AI score0.00188EPSS
Exploits0References1
ICS
ICS
added 4 days ago5 views

OpenPLC v3

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an authenticated attacker to write arbitrary files to the filesystem and escalate this into arbitrary native code execution through the normal OpenPLC program compilation process, potentially resulting in code execution...

9.9CVSS6.5AI score0.00616EPSS
Exploits0References13
ATTACKERKB
ATTACKERKB
added 4 days ago9 views

CVE-2026-5523

The Divi Form Builder plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 5.1.8. This is due to the updateuser function accepting a user ID parameter from form submissions without verifying that the authenticated user has permission to edit that specific...

8.8CVSS5.9AI score0.00309EPSS
Exploits0References3
Rows per page
Query Builder