Lucene search
K

4965 matches found

EUVD
EUVD
added 2026/01/29 5:39 p.m.8 views

EUVD-2026-4964

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.44, AutoGPT Platform's block execution endpoints both main web API and external API allow executing blocks by UUID...

9.4CVSS6.2AI score0.01147EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/29 3:19 p.m.8 views

CVE-2025-14283

The BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the BlockArt Counter in all versions up to, and including, 2.2.14 due to insufficient input sanitization and outpu...

6.4CVSS6AI score0.00181EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/01/29 3:4 p.m.13 views

AutoGPT is Vulnerable to RCE via Disabled Block Execution

Summary AutoGPT Platform's block execution endpoints both main web API and external API allow executing blocks by UUID without checking the disabled flag. Any authenticated user can execute the disabled BlockInstallationBlock, which writes arbitrary Python code to the server filesystem and execut...

9.4CVSS6.6AI score0.01147EPSS
Exploits1References8Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/28 7:48 p.m.11 views

Malicious code in morty-package (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d87e4d2c5f3096d67a98e166e70ed6d4288c7d7554852e8d14bb60213f9a574b Package presents an extremely deep obfuscation of a code that is imported during installation. The exact behavior is unknown, but it includes loading encrypted...

6AI score
Exploits0References1
Snyk
Snyk
added 2026/01/28 4:33 p.m.5 views

Malicious Package

Overview css-blocks-ember is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
NVD
NVD
added 2026/01/28 12:15 p.m.3 views

CVE-2025-14283

The BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the BlockArt Counter in all versions up to, and including, 2.2.14 due to insufficient input sanitization and outpu...

6.4CVSS0.00181EPSS
Exploits0References3
CVE
CVE
added 2026/01/28 11:23 a.m.21 views

CVE-2025-14283

CVE-2025-14283 - BlockArt Blocks (WordPress plugin) : A stored XSS vulnerability in BlockArt Counter is caused by insufficient input sanitization and output escaping on user-supplied attributes. It affects BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks, WordPress Block Plugin, Sections &...

6.4CVSS6AI score0.00181EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/28 11:23 a.m.5 views

CVE-2025-14283 BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library <= 2.2.14 - Authenticated (Contributor+) Stored Cross-Site Scripting

The BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the BlockArt Counter in all versions up to, and including, 2.2.14 due to insufficient input sanitization and outpu...

6.4CVSS6AI score0.00181EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/28 11:23 a.m.5 views

EUVD-2025-206510

The BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the BlockArt Counter in all versions up to, and including, 2.2.14 due to insufficient input sanitization and outpu...

6.4CVSS6AI score0.00181EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/28 11:23 a.m.4 views

CVE-2025-14283

The BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the BlockArt Counter in all versions up to, and including, 2.2.14 due to insufficient input sanitization and outpu...

6.4CVSS6AI score0.00181EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/28 11:23 a.m.28 views

CVE-2025-14283 BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library <= 2.2.14 - Authenticated (Contributor+) Stored Cross-Site Scripting

The BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the BlockArt Counter in all versions up to, and including, 2.2.14 due to insufficient input sanitization and outpu...

6.4CVSS0.00181EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/01/28 1:47 a.m.9 views

WordPress BlockArt Blocks plugin <= 2.2.14 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin BlockArt Blocks versions = 2.2.14...

6.4CVSS5.9AI score0.00181EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/01/28 12:0 a.m.6 views

WordPress plugin BlockArt Blocks has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.7AI score0.00181EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/28 12:0 a.m.5 views

PT-2026-5087

The BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the BlockArt Counter in all versions up to, and including, 2.2.14 due to insufficient input sanitization and outpu...

6.4CVSS6AI score0.00181EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/27 9:23 a.m.14 views

CVE-2025-14973

The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks...

6.8CVSS5.9AI score0.00313EPSS
Exploits0References1
OSV
OSV
added 2026/01/27 9:15 a.m.3 views

CVE-2026-21720

Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel...

7.5CVSS5.5AI score0.00618EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/27 2:52 a.m.6 views

WordPress Recipe Card Blocks plugin < 3.4.13 - Contributor+ SQLi vulnerability

Contributor+ SQLi vulnerability discovered by Purachai Phonwisut in WordPress Plugin Recipe Card Blocks for Gutenberg & Elementor versions 3.4.13...

6.8CVSS5.9AI score0.00313EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.7 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005012)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005012 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in ext4handleinodeextension We got issue as follows: EXT4-fs error device loop...

5.5CVSS5.8AI score0.00266EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.8 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005063)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005063 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential kernel bug due to lack of writeback flag waiting Destructive writes to a...

7.1CVSS5.8AI score0.0025EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/01/26 1:47 p.m.6 views

WordPress Nexter Blocks plugin <= 4.6.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin Nexter Blocks versions = 4.6.3...

7.5CVSS5.9AI score0.0018EPSS
Exploits0Affected Software1
Rows per page
Query Builder