89 matches found
CVE-2026-46367
phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in Utils::parseUrl that allows authenticated users to inject JavaScript via malformed URLs in comments. Attackers can craft URLs with unescaped quotes to inject event handlers, stealing admin session cookies and achieving...
BIT-AUTHENTIK-2026-40165 authentik: SAML NameID XML Comment Injection Enables Authentication Bypass via Identifier Truncation
authentik is an open-source identity provider. Versions 2025.12.4 and prior, and versions 2026.2.0 through 2026.2.2 were vulnerable to Authentication Bypass through SAML NameID XML Comment Injection. Due to how authentik extracted the NameID value from a SAML assertion, it was possible for an...
CVE-2026-40165
authentik is an open-source identity provider. Versions 2025.12.4 and prior, and versions 2026.2.0-rc1 through 2026.2.2 were vulnerable to Authentication Bypass through SAML NameID XML Comment Injection. Due to how authentik extracted the NameID value from a SAML assertion, it was possible for an...
CVE-2026-40165 authentik: SAML NameID XML Comment Injection Enables Authentication Bypass via Identifier Truncation
authentik is an open-source identity provider. Versions 2025.12.4 and prior, and versions 2026.2.0-rc1 through 2026.2.2 were vulnerable to Authentication Bypass through SAML NameID XML Comment Injection. Due to how authentik extracted the NameID value from a SAML assertion, it was possible for an...
CVE-2026-40165
The CVE affects the open‑source IdP project authentik. Versions 2025.12.4 and earlier, and 2026.2.0-rc1 through 2026.2.2 are affected by Authentication Bypass via SAML NameID XML Comment Injection. Due to how NameID is extracted from a SAML assertion, an attacker who has an account on the SAML So...
PT-2026-42273
Name of the Vulnerable Software and Affected Versions: authentik versions prior to 2025.12.5; authentik versions 2026.2.0-rc1 through 2026.2.2. Description: An authentication bypass exists due to SAML NameID XML Comment Injection. The software incorrectly extracts the NameID value from a SAML...
CVE-2026-44664
fast-xml-builder builds XML from JSON. In 1.1.5, the fix for CVE-2026-41650 in fast-xml-parser sanitizes -- sequences in XML comment content using .replace(/--/g, '- -'). This skips values containing three consecutive dashes, e.g., ---..., allowing an attacker to break out of an XML comment and...
CVE-2026-44664 fast-xml-builder: Comment Value bypass regex
fast-xml-builder builds XML from JSON. In 1.1.5, the fix for CVE-2026-41650 in fast-xml-parser sanitizes -- sequences in XML comment content using .replace(/--/g, '- -'). This skips values containing three consecutive dashes, e.g., ---..., allowing an attacker to break out of an XML comment and...
CVE-2026-44664
The CVE concerns fast-xml-builder, which converts JSON to XML. In version 1.1.5, the fix for CVE-2026-41650 in fast-xml-parser sanitized -- sequences in XML comments via .replace(/--/g, '- -'), allowing an attacker to break out of a comment and inject arbitrary XML/HTML. The issue is addressed in...
fast-xml-builder Comment Value regex can be bypassed
Summary: The fix for https://github.com/advisories/GHSA-gh4j-gqv2-49f6 in fast-xml-parser sanitizes -- sequences in XML comment content using .replace(/--/g, '- -'). This skips values containing three consecutive dashes, e.g., ---..., allowing an attacker to break out of an XML comment and inject...
SUSE CVE-2026-41672
xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled comment content to be serialized into XML without validating or...
UBUNTU-CVE-2026-41650
fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Prior to version 5.7.0, XMLBuilder does not escape the "--" sequence in comment content or the "]]>" sequence in CDATA sections when building XML from JavaScript objects. This allows XML injection...
CVE-2026-41650
CVE-2026-41650 affects fast-xml-parser XMLBuilder prior to v5.7.0, where unescaped "-->" in comments and "]]>" in CDATA can lead to XML injection when user-controlled data is built into XML from JavaScript objects. This can enable XSS, SOAP injection, or data manipulation as described in th...
CVE-2026-41650 fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters
fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Prior to version 5.7.0, XMLBuilder does not escape the "--" sequence in comment content or the "]]>" sequence in CDATA sections when building XML from JavaScript objects. This allows XML injection...
CVE-2026-41672
xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled comment content to be serialized into XML without validating or...
CVE-2026-41672
CVE-2026-41672 affects xmldom/xmldom: attacker-controlled comment content can be serialized into XML, enabling injection of arbitrary nodes by breaking out of XML comments. The vulnerability exists in versions prior to 0.9.10 and 0.8.13 (and 0.6.0 and earlier) and is mitigated in 0.9.10 and 0.8.1...
container: pf Rule Injection via Domain Name Argument in `container system dns create --localhost` Command
The container system dns create --localhost command accepts a domainName argument and passes it unsanitized into the pf anchor file /etc/pf.anchors/com.apple.container as a comment in a rule line. A domain name containing a newline character breaks out of the comment context and injects an...