Lucene search
K

24 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.12 views

CVE-2026-5300

Unauthenticated functionality in CoolerControl/coolercontrold 4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data via HTTP requests...

9.1CVSS5.5AI score0.00218EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.10 views

CVE-2026-5302

CORS misconfiguration in CoolerControl/coolercontrold 4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites...

8.1CVSS5.6AI score0.00261EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.10 views

CVE-2026-5301

Stored XSS in log viewer in CoolerControl/coolercontrol-ui 4.0.0 allows unauthenticated attackers to take over the service via malicious JavaScript in poisoned log entries...

7.6CVSS5.4AI score0.00276EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.12 views

CVE-2026-5208

Command injection in alerts in CoolerControl/coolercontrold 4.0.0 allows authenticated attackers to execute arbitrary code as root via injected bash commands in alert names...

8.2CVSS6AI score0.00972EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/04/08 11:29 p.m.3 views

SUSE CVE-2026-5300

Unauthenticated functionality in CoolerControl/coolercontrold 4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data via HTTP requests...

9.1CVSS5.8AI score0.00218EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/04/08 11:29 p.m.5 views

SUSE CVE-2026-5301

Stored XSS in log viewer in CoolerControl/coolercontrol-ui 4.0.0 allows unauthenticated attackers to take over the service via malicious JavaScript in poisoned log entries...

7.6CVSS5.8AI score0.00276EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/08 3:31 p.m.5 views

EUVD-2026-20459

Stored XSS in log viewer in CoolerControl/coolercontrol-ui 4.0.0 allows unauthenticated attackers to take over the service via malicious JavaScript in poisoned log entries...

7.6CVSS5.9AI score0.00276EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/08 3:31 p.m.4 views

EUVD-2026-20461

CORS misconfiguration in CoolerControl/coolercontrold 4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites...

6.3CVSS6AI score0.00261EPSS
Exploits1References3
NVD
NVD
added 2026/04/08 1:16 p.m.7 views

CVE-2026-5301

Stored XSS in log viewer in CoolerControl/coolercontrol-ui 4.0.0 allows unauthenticated attackers to take over the service via malicious JavaScript in poisoned log entries...

7.6CVSS0.00276EPSS
Exploits0References3
NVD
NVD
added 2026/04/08 1:16 p.m.11 views

CVE-2026-5302

CORS misconfiguration in CoolerControl/coolercontrold 4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites...

8.1CVSS0.00261EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/08 12:5 p.m.2 views

CVE-2026-5302

CORS misconfiguration in CoolerControl/coolercontrold 4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites...

6.3CVSS6AI score0.00261EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/08 12:4 p.m.2 views

CVE-2026-5300

Unauthenticated functionality in CoolerControl/coolercontrold 4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data via HTTP requests...

5.9CVSS5.9AI score0.00218EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/04/08 12:4 p.m.18 views

CVE-2026-5301 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in coolercontrol-ui

Stored XSS in log viewer in CoolerControl/coolercontrol-ui 4.0.0 allows unauthenticated attackers to take over the service via malicious JavaScript in poisoned log entries...

7.6CVSS0.00276EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/08 12:4 p.m.4 views

CVE-2026-5301 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in coolercontrol-ui

Stored XSS in log viewer in CoolerControl/coolercontrol-ui 4.0.0 allows unauthenticated attackers to take over the service via malicious JavaScript in poisoned log entries...

7.6CVSS5.9AI score0.00276EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/08 12:4 p.m.3 views

CVE-2026-5301

Stored XSS in log viewer in CoolerControl/coolercontrol-ui 4.0.0 allows unauthenticated attackers to take over the service via malicious JavaScript in poisoned log entries...

7.6CVSS5.9AI score0.00276EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/04/08 12:4 p.m.19 views

CVE-2026-5301

This CVE affects CoolerControl/coolercontrol-ui prior to version 4.0.0, where a Stored XSS in the log viewer could be exploited by unauthenticated attackers via poisoned log entries. The root cause is unvalidated/sanitized user input rendered in log viewing functionality, enabling JavaScript exec...

7.6CVSS5.9AI score0.00276EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/08 11:36 a.m.9 views

CVE-2026-5208

Command injection in alerts in CoolerControl/coolercontrold 4.0.0 allows authenticated attackers to execute arbitrary code as root via injected bash commands in alert names...

8.2CVSS6.3AI score0.00972EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.10 views

CoolerControl 操作系统命令注入漏洞

CoolerControl is an open-source control software for cooling devices developed by CoolerControl. Versions of CoolerControl prior to 4.0.0 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the inclusion of bash commands in alert names, which...

8.2CVSS6.2AI score0.00972EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.9 views

CoolerControl 跨站脚本漏洞

CoolerControl is an open-source control software for cooling devices developed by CoolerControl. Versions of CoolerControl prior to 4.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from a stored-cross-site scripting mechanism in the log viewer, which could allow...

7.6CVSS5.6AI score0.00276EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.8 views

CoolerControl 安全漏洞

CoolerControl is an open-source control software for cooling devices developed by CoolerControl. Versions of CoolerControl prior to 4.0.0 contained security vulnerabilities. These vulnerabilities were caused by incorrect CORS configurations, which could allow unverified remote attackers to read...

8.1CVSS5.9AI score0.00261EPSS
Exploits1References2
Rows per page
Query Builder