Lucene search
K

467 matches found

CVE
CVE
added 2026/04/10 7:40 a.m.149 views

CVE-2026-5525

CVE-2026-5525 affects Notepad++ up to version 8.9.3. The issue is a stack-based buffer overflow in the file drop handler (WM_DROPFILES) when dropping a directory path of exactly 259 characters without a trailing backslash. The handler appends a backslash and a null terminator without proper bound...

7.8CVSS6.2AI score0.00166EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/10 7:40 a.m.5 views

CVE-2026-5525

A stack-based buffer overflow vulnerability exists in Notepad++ version 8.9.3 in the file drop handler component. When a user drags and drops a directory path of exactly 259 characters without a trailing backslash, the application appends a backslash and null terminator without proper bounds...

6CVSS6.2AI score0.00166EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/08 8:13 p.m.2 views

CVE-2026-39844 NiceGUI has a Path Traversal in NiceGUI Upload Filename on Windows via Backslash Bypass of PurePosixPath Sanitization

NiceGUI is a Python-based UI framework. Prior to 3.10.0, Since PurePosixPath only recognizes forward slashes / as path separators, an attacker can bypass this sanitization on Windows by using backslashes \ in the upload filename. Applications that construct file paths using file.name a pattern...

5.9CVSS6AI score0.00371EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/08 8:13 p.m.17 views

CVE-2026-39844 NiceGUI has a Path Traversal in NiceGUI Upload Filename on Windows via Backslash Bypass of PurePosixPath Sanitization

NiceGUI is a Python-based UI framework. Prior to 3.10.0, Since PurePosixPath only recognizes forward slashes / as path separators, an attacker can bypass this sanitization on Windows by using backslashes \ in the upload filename. Applications that construct file paths using file.name a pattern...

5.9CVSS0.00371EPSS
Exploits0References3
CVE
CVE
added 2026/04/08 8:13 p.m.31 views

CVE-2026-39844

CVE-2026-39844 affects NiceGUI prior to 3.10.0, where upload file names are sanitized using PurePosixPath(filename).name. On Windows, backslashes are not treated as path separators by PurePosixPath, allowing attackers to bypass sanitization with backslash-filled filenames. If applications constru...

7.5CVSS6AI score0.00371EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2026/04/07 12:0 a.m.5 views

Ubuntu: Security Advisory (USN-8151-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS5.9AI score0.00553EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2026/04/06 4:3 p.m.5 views

USN-8151-1: lambdaisland/uri vulnerability

It was discovered that lambdaisland/uri did not properly sanitize the backslash character in URI strings. An attacker could possibly use this issue to bypass security checks or redirect users...

6.1CVSS6.4AI score0.00553EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/04/03 8:36 p.m.5 views

CVE-2026-34827

A flaw was found in Rack, a modular Ruby web server interface. An unauthenticated attacker can exploit this vulnerability by sending a specially crafted multipart/form-data request. This request, containing numerous parts with lengthy backslash-escaped parameter values, causes the system to consu...

7.5CVSS5.7AI score0.00475EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/02 8:30 p.m.2 views

EUVD-2026-18474

Rack's multipart header parsing allows Denial of Service via escape-heavy quoted parameters...

7.5CVSS5.9AI score0.00475EPSS
Exploits0References2
RubySec
RubySec
added 2026/04/02 12:0 a.m.13 views

Rack's multipart header parsing allows Denial of Service via escape-heavy quoted parameters

Summary Rack::Multipart::Parserhandlemimehead parses quoted multipart parameters such as Content-Disposition: form-data; name="..." using repeated Stringindex searches combined with Stringslice! prefix deletion. For escape-heavy quoted values, this causes super-linear processing. An unauthenticat...

7.5CVSS5.7AI score0.00475EPSS
Exploits0References1Affected Software1
Snyk
Snyk
added 2026/03/30 5:7 p.m.3 views

Directory Traversal

Overview @tinacms/graphql is a GraphQL database generating component for Tina, the headless content management system with support for Markdown, MDX, JSON, YAML, and more. Affected versions of this package are vulnerable to Directory Traversal due to improper validation of backslashes on...

8.1CVSS6.6AI score0.00386EPSS
Exploits0References2
Anthropic
Anthropic
added 2026/03/29 8:45 p.m.17 views

ANT-2026-9VJ9JJXQ · junrar · Path Traversal

path-traversal medium GHSA-j273-m5qq-6825 Severity Claude high · Security research firm - · Maintainer medium Discovered by Claude Mythos Preview REPORT The report below was sent to the maintainer and sealed at approval. ANT-2026-9VJ9JJXQ: Arbitrary file write due to backslash path traversal...

6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/27 5:9 p.m.4 views

CVE-2026-33468

Kysely is a type-safe TypeScript SQL query builder. Prior to version 0.28.14, Kysely's DefaultQueryCompiler.sanitizeStringLiteral only escapes single quotes by doubling them ' → '' but does not escape backslashes. When used with the MySQL dialect where NOBACKSLASHESCAPES is OFF by default, an...

8.1CVSS6.1AI score0.00419EPSS
Exploits1References1
NVD
NVD
added 2026/03/26 5:16 p.m.7 views

CVE-2026-33442

Kysely is a type-safe TypeScript SQL query builder. In versions 0.28.12 and 0.28.13, the sanitizeStringLiteral method in Kysely's query compiler escapes single quotes ' → '' but does not escape backslashes. On MySQL with the default BACKSLASHESCAPES SQL mode, an attacker can inject a backslash...

8.1CVSS0.00442EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/26 5:3 p.m.2 views

CVE-2026-33468 Kysely has a MySQL SQL Injection via Insufficient Backslash Escaping in `sql.lit(string)` usage or similar methods that append string literal values into the compiled SQL strings

Kysely is a type-safe TypeScript SQL query builder. Prior to version 0.28.14, Kysely's DefaultQueryCompiler.sanitizeStringLiteral only escapes single quotes by doubling them ' → '' but does not escape backslashes. When used with the MySQL dialect where NOBACKSLASHESCAPES is OFF by default, an...

8.1CVSS6AI score0.00419EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/26 5:3 p.m.21 views

CVE-2026-33468 Kysely has a MySQL SQL Injection via Insufficient Backslash Escaping in `sql.lit(string)` usage or similar methods that append string literal values into the compiled SQL strings

Kysely is a type-safe TypeScript SQL query builder. Prior to version 0.28.14, Kysely's DefaultQueryCompiler.sanitizeStringLiteral only escapes single quotes by doubling them ' → '' but does not escape backslashes. When used with the MySQL dialect where NOBACKSLASHESCAPES is OFF by default, an...

8.1CVSS0.00419EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/26 5:3 p.m.8 views

CVE-2026-33468

Kysely is a type-safe TypeScript SQL query builder. Prior to version 0.28.14, Kysely's DefaultQueryCompiler.sanitizeStringLiteral only escapes single quotes by doubling them ' → '' but does not escape backslashes. When used with the MySQL dialect where NOBACKSLASHESCAPES is OFF by default, an...

8.1CVSS6AI score0.00419EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/03/26 5:3 p.m.22 views

CVE-2026-33468

Kysely (TypeScript SQL query builder) prior to version 0.28.14 is vulnerable to SQL injection when using the MySQL dialect if NO_BACKSLASH_ESCAPES is OFF, due to DefaultQueryCompiler.sanitizeStringLiteral() not escaping backslashes. The issue affects code paths that inline values via ImmediateVal...

8.1CVSS6AI score0.00419EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/03/26 5:3 p.m.2 views

CVE-2026-33468 Kysely has a MySQL SQL Injection via Insufficient Backslash Escaping in `sql.lit(string)` usage or similar methods that append string literal values into the compiled SQL strings

Kysely is a type-safe TypeScript SQL query builder. Prior to version 0.28.14, Kysely's DefaultQueryCompiler.sanitizeStringLiteral only escapes single quotes by doubling them ' → '' but does not escape backslashes. When used with the MySQL dialect where NOBACKSLASHESCAPES is OFF by default, an...

8.1CVSS6.1AI score0.00419EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/26 5:1 p.m.2 views

CVE-2026-33442 Kysely has a MySQL SQL Injection via Backslash Escape Bypass in non-type-safe usage of JSON path keys.

Kysely is a type-safe TypeScript SQL query builder. In versions 0.28.12 and 0.28.13, the sanitizeStringLiteral method in Kysely's query compiler escapes single quotes ' → '' but does not escape backslashes. On MySQL with the default BACKSLASHESCAPES SQL mode, an attacker can inject a backslash...

8.1CVSS5.9AI score0.00442EPSS
Exploits1References1
Rows per page
Query Builder