Lucene search
K

120 matches found

CNNVD
CNNVD
added 2026/03/11 12:0 a.m.8 views

Cloud CLI 代码注入漏洞

Cloud CLI is a multi-model AI programming assistant desktop and mobile interface open-sourced by Siteboon. Versions of Cloud CLI prior to 1.24.0 contained a code injection vulnerability. This vulnerability stemmed from the /api/user/git-config endpoint constructing shell commands without properly...

8.8CVSS6AI score0.06034EPSS
Exploits1References3
Snyk
Snyk
added 2026/03/10 11:57 p.m.5 views

Arbitrary Code Injection

Overview @siteboon/claude-code-ui is an A web-based UI for Claude Code CLI Affected versions of this package are vulnerable to Arbitrary Code Injection in the git-config endpoint due to improper sanitization of user-supplied input in shell command construction. An attacker can execute arbitrary O...

8.8CVSS6.1AI score0.06034EPSS
Exploits1References2
OSV
OSV
added 2026/03/10 6:18 p.m.6 views

DEBIAN-CVE-2026-30928

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, the /api/4/config REST API endpoint returns the entire parsed Glances configuration file glances.conf via self.config.asdict with no filtering of sensitive values. The configuration file contains credentials for all...

7.5CVSS8.4AI score0.01657EPSS
Exploits1References1
OSV
OSV
added 2026/03/10 4:15 p.m.5 views

CVE-2026-30928 Glances Exposes Unauthenticated Configuration Secrets

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, the /api/4/config REST API endpoint returns the entire parsed Glances configuration file glances.conf via self.config.asdict with no filtering of sensitive values. The configuration file contains credentials for all...

8.7CVSS5.8AI score0.01657EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.6 views

PT-2026-24752

Shell Command Injection in User Git Config Endpoint | Field | Value | |-------|-------| | Severity | High | | CVSS 3.1 | 8.8 High — when chained with VULN-01 | | CWE | CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' | | Attack Vector | Network | |...

8.8CVSS6.3AI score0.06034EPSS
Exploits1References10
OSV
OSV
added 2026/02/22 2:16 a.m.3 views

CVE-2026-2908

A security vulnerability has been detected in Tenda HG9 300001138. Affected by this issue is some unknown functionality of the file /boaform/formLoopBack of the component Loopback Detection Configuration Endpoint. Such manipulation of the argument Ethtype leads to stack-based buffer overflow. The...

8.8CVSS6.5AI score
Exploits0References5
OSV
OSV
added 2026/02/18 10:44 p.m.16 views

GHSA-37GC-85XM-2WW6 OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection

Summary Stored XSS in the OpenClaw Control UI when rendering assistant identity name/avatar into an inline tag without script-context-safe escaping. A crafted value containing could break out of the script tag and execute attacker-controlled JavaScript in the Control UI origin. Affected Packages ...

5.8CVSS5.8AI score0.00228EPSS
Exploits1References6
OSV
OSV
added 2026/02/16 5:16 a.m.3 views

CVE-2026-2535

A vulnerability was found in Comfast CF-N1 V2 2.6.0.2. The impacted element is the function sub44AB9C of the file /cgi-bin/mbox-config?method=SET&section=ptestchannel. The manipulation of the argument channel results in command injection. The attack can be launched remotely. The exploit has been...

8.8CVSS5.6AI score0.13526EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/29 3:26 a.m.12 views

CVE-2026-24748

Kargo manages and automates the promotion of software artifacts. Prior to versions 1.8.7, 1.7.7, and 1.6.3, a bug was found with authentication checks on the GetConfig API endpoint. This allowed unauthenticated users to access this endpoint by specifying an Authorization header with any non-empty...

7.2CVSS5.8AI score0.00342EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/27 9:23 p.m.27 views

CVE-2026-24748 Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access

Kargo manages and automates the promotion of software artifacts. Prior to versions 1.8.7, 1.7.7, and 1.6.3, a bug was found with authentication checks on the GetConfig API endpoint. This allowed unauthenticated users to access this endpoint by specifying an Authorization header with any non-empty...

6.9CVSS0.00342EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/29 5:54 a.m.15 views

CVE-2025-66203

StreamVault is a video download integration solution. Prior to version 251126, a Remote Code Execution RCE vulnerability exists in the stream-vault application SpiritApplication. The application allows administrators to configure yt-dlp arguments via the /admin/api/saveConfig endpoint without...

9.9CVSS7.5AI score0.00671EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/12/26 11:37 p.m.2 views

CVE-2025-66203 StreamVault is Vulnerable to Authenticated Remote Code Execution (RCE) via ytdlpargs Configuration Injection

StreamVault is a video download integration solution. Prior to version 251126, a Remote Code Execution RCE vulnerability exists in the stream-vault application SpiritApplication. The application allows administrators to configure yt-dlp arguments via the /admin/api/saveConfig endpoint without...

9.9CVSS7.1AI score0.00671EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/12/19 12:41 a.m.12 views

CVE-2025-63391

An authentication bypass vulnerability exists in Open-WebUI =0.6.32 in the /api/config endpoint. The endpoint lacks proper authentication and authorization controls, exposing sensitive system configuration data to unauthenticated remote attackers...

7.5CVSS7.3AI score0.00548EPSS
Exploits0References1
NVD
NVD
added 2025/12/18 4:15 p.m.7 views

CVE-2025-63391

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

0.00548EPSS
Exploits0
OSV
OSV
added 2025/12/18 4:15 p.m.5 views

CVE-2025-63391

An authentication bypass vulnerability exists in Open-WebUI =0.6.32 in the /api/config endpoint. The endpoint lacks proper authentication and authorization controls, exposing sensitive system configuration data to unauthenticated remote attackers...

7.5CVSS7.2AI score
Exploits0References3
Snyk
Snyk
added 2025/12/18 3:45 p.m.4 views

Missing Authentication for Critical Function

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the /api/config endpoint. An attacker can access sensitive system configuration data by sending unauthenticated GET requests to this endpoint. Remediation Ther...

8.7CVSS5.6AI score0.00548EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/18 12:0 a.m.3 views

CVE-2025-63391

...

5.8AI score0.00548EPSS
Exploits0
Cvelist
Cvelist
added 2025/12/18 12:0 a.m.27 views

CVE-2025-63391

...

0.00548EPSS
Exploits0
CVE
CVE
added 2025/12/18 12:0 a.m.53 views

CVE-2025-63391

Open-WebUI contains an authentication bypass in the /api/config endpoint present in versions up to 0.6.32, allowing unauthenticated remote attackers to access sensitive system configuration data. This is documented across multiple sources (RH/CVE-2025-63391, ENISA EUVD, CNNVD) and corroborated by...

6.9AI score0.00548EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/17 6:2 p.m.9 views

CVE-2023-53895

PimpMyLog 1.7.14 contains an improper access control vulnerability that allows remote attackers to create admin accounts without authorization through the configuration endpoint. Attackers can exploit the unsanitized username field to inject malicious JavaScript, create a hidden backdoor account,...

9.8CVSS6.6AI score0.00567EPSS
Exploits1References1
Rows per page
Query Builder