Lucene search
K

85 matches found

NVD
NVD
added 2026/06/30 5:16 p.m.8 views

CVE-2026-58172

Ocelot through 24.1.0, fixed in commit f156fd4, contains a security control bypass vulnerability that allows denied clients to circumvent IP-based access restrictions by sending WebSocket upgrade requests. The WebSocket upgrade pipeline branch configured via MapWhen in OcelotPipelineExtensions.cs...

9.3CVSS0.00412EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 8:43 a.m.9 views

BIT-GRAFANA-2026-9029 Stored XSS via Geomap Panel Template Variable Attribution Injection

The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug. sanitizeTextPanelContent runs on the raw template string before getTemplateSrv.replace substitutes the variable value, which uses the glob format with no HTML escaping. The result is passed to OpenLayers via...

7.3CVSS5.8AI score0.00266EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 2:16 a.m.10 views

CVE-2026-50741

Bypass to the fix for CVE-2026-34916. Variants of such vectors have been also reported by phucrio and offsetmd. The fix can be bypassed either by sending a disallowed but otherwise valid plugin identifier as type, or using the ox.setChannelTargeting XML-RPC API method...

8.8CVSS0.02734EPSS
Exploits1References2
CVE
CVE
added 2026/06/26 1:11 a.m.26 views

CVE-2026-50741

CVE-2026-50741 concerns Revive Adserver and describes bypassing the fix for CVE-2026-34916. The connected documents indicate that the bypass can be achieved by: (1) sending a disallowed but otherwise valid plugin identifier as the plugin type, and (2) calling the XML-RPC API method ox.setChannelT...

8.8CVSS7.2AI score0.02734EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/06/26 1:11 a.m.42 views

CVE-2026-50741

Bypass to the fix for CVE-2026-34916. Variants of such vectors have been also reported by phucrio and offsetmd. The fix can be bypassed either by sending a disallowed but otherwise valid plugin identifier as type, or using the ox.setChannelTargeting XML-RPC API method...

8.8CVSS0.02734EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/22 1:18 p.m.4 views

CVE-2026-9029

The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug. sanitizeTextPanelContent runs on the raw template string before getTemplateSrv.replace substitutes the variable value, which uses the glob format with no HTML escaping. The result is passed to OpenLayers via...

7.3CVSS5.9AI score0.00266EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/12 6:34 p.m.31 views

CVE-2026-53724

CVE-2026-53724 – Parse Server Stored XSS (trailing-dot bypass) affects Parse Server prior to versions 8.6.79 and 9.9.1-alpha.4. A trailing dot on a filename bypasses the default file upload extension blocklist by making the extension parser yield an empty string, allowing the attacker-controlled ...

2.1CVSS5.2AI score0.00281EPSS
Exploits0References3
CVE
CVE
added 2026/06/01 7:22 a.m.67 views

CVE-2026-45505

CVE-2026-45505 details a Code Injection vulnerability in Apache ActiveMQ components (Broker/All/ActiveMQ) where non-standard Jolokia discovery wrappers (e.g., masterslave:vm://, static:vm://) bypass the fix for CVE-2026-34197. An authenticated attacker could abuse Jolokia’s JMX-HTTP bridge at /ap...

8.8CVSS6.4AI score0.00577EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2026/05/04 8:29 a.m.7 views

CLSA-2026-1777883384 python3.11: Fix of CVE-2026-4786

CVE-2026-4786: fix webbrowser %action substitution bypass of dash-prefix check by validating url after %action expansion and reordering replace calls so the dash-prefix check sees the final argument...

7.1CVSS5.8AI score0.0029EPSS
Exploits0References1
NVD
NVD
added 2026/04/24 11:16 a.m.7 views

CVE-2026-40466

Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. An authenticated attacker may bypass the fix in CVE-2026-34197 by adding a connector using an HTTP Discovery transport...

8.8CVSS0.04783EPSS
Exploits13References4
OSV
OSV
added 2026/04/20 9:17 a.m.8 views

CLSA-2026-1776441769 expat: Fix of 4 CVEs

CVE-2017-9233: fix external entity infinite loop in entityValueInitProcessor and entityValueProcessor - CVE-2023-52425: add reparse deferral heuristic to prevent On^2 parsing of large tokens in small buffer refills; fix buffer growth calculation - CVE-2013-0340: add billion laughs entity...

7.5CVSS6.9AI score0.19433EPSS
Exploits4References1
OSV
OSV
added 2026/04/20 8:47 a.m.11 views

CLSA-2026-1776441540 expat: Fix of 4 CVEs

CVE-2017-9233: fix external entity infinite loop in entityValueInitProcessor and entityValueProcessor - CVE-2023-52425: add reparse deferral heuristic to prevent On^2 parsing of large tokens in small buffer refills; fix buffer growth calculation - CVE-2013-0340: add billion laughs entity...

7.5CVSS6.9AI score0.19433EPSS
Exploits4References1
Vulnrichment
Vulnrichment
added 2026/04/16 9:12 p.m.3 views

CVE-2026-33472 Cryptomator Hub OAuth token exchange HTTP downgrade via getAuthority() scheme confusion (CVE-2026-32303 bypass)

Cryptomator is an open-source client-side encryption application for cloud storage. Version 1.19.1 contains a logic flaw in CheckHostTrustController.getAuthority that allows an attacker to bypass the security fix for CVE-2026-32303. The method hardcodes the URI scheme based on port number, causin...

4.8CVSS5.7AI score0.0011EPSS
Exploits1References3
OSV
OSV
added 2026/04/16 12:46 p.m.5 views

OPENSUSE-SU-2026:20584-1 Security update for v2ray-core

This update for v2ray-core fixes the following issues: Changes in v2ray-core: - Update version to 5.47.0 Add sticky choice option for leastping Add support for enrollment links in tlsmirror Add Wireguard Outbound unreleased Add sticky choice option for leastping Generalize IP address parsing in T...

9.1CVSS7.1AI score0.01557EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/04/04 6:10 a.m.8 views

Directus: SSRF Protection Bypass via IPv4-Mapped IPv6 Addresses in File Import

Summary A Server-Side Request Forgery SSRF protection bypass has been identified and fixed in Directus. The IP address validation mechanism used to block requests to local and private networks could be circumvented using IPv4-Mapped IPv6 address notation. Details Directus implements an IP deny-li...

7.7CVSS5.8AI score0.00336EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/30 8:14 p.m.2 views

CVE-2026-27018

Gotenberg is an API for converting document formats. Prior to version 8.29.0, the fix introduced for CVE-2024-21527 can be bypassed using mixed-case or uppercase URL schemes. This issue has been patched in version 8.29.0...

8.8CVSS5.7AI score0.00574EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2026/03/24 7:16 p.m.6 views

CVE-2026-33498

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.55 and 9.6.0-alpha.44, an attacker can send an unauthenticated HTTP request with a deeply nested query containing logical operators to permanently hang the Parse Server...

8.7CVSS0.00452EPSS
Exploits0References5
NVD
NVD
added 2026/03/10 9:16 p.m.7 views

CVE-2026-31807

SiYuan is a personal knowledge management system. Prior to 3.5.10, SiYuan's SVG sanitizer SanitizeSVG blocks dangerous elements , , and removes on event handlers and javascript: in href attributes. However, it does NOT block SVG animation elements , which can dynamically set attributes to dangero...

6.4CVSS0.00445EPSS
Exploits1References1
OSV
OSV
added 2026/03/04 4:15 p.m.5 views

CVE-2026-28695 Craft affected by authenticated RCE via Twig SSTI - create() function + Symfony Process gadget

Craft is a content management system CMS. There is an authenticated admin RCE in Craft CMS 5.8.21 via Server-Side Template Injection using the create Twig function combined with a Symfony Process gadget chain. The create Twig function exposes Craft::createObject, which allows instantiation of...

7.5CVSS6AI score0.00556EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/02 12:5 a.m.4 views

CVE-2025-61594

A flaw was found in the URI module. A remote attacker could exploit this vulnerability by using the + operator to combine Uniform Resource Identifiers URIs. This bypasses a previous fix and can lead to the leakage of sensitive information, such as user credentials passwords, from the original URI...

6.9CVSS5.8AI score0.0051EPSS
Exploits0References8
Rows per page
Query Builder