Lucene search
K

9802 matches found

RedhatCVE
RedhatCVE
added 2026/05/27 8:13 p.m.13 views

CVE-2026-44451

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous globals fetch, window, eval, etc. with undefined. A static source validator...

9.3CVSS5.7AI score0.0023EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/27 4:58 p.m.11 views

firefox: thunderbird: Use-after-free in the DOM: Bindings (WebIDL) component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Bindings WebIDL component...

7.3CVSS5.7AI score0.00413EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/27 4:24 p.m.11 views

firefox: thunderbird: Use-after-free in the DOM: Bindings (WebIDL) component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Bindings WebIDL component...

7.3CVSS5.7AI score0.00413EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/27 4:18 p.m.13 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References19
RedHat Linux
RedHat Linux
added 2026/05/27 4:12 p.m.15 views

firefox: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

8.1CVSS5.7AI score0.00372EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/27 4:12 p.m.18 views

firefox: thunderbird: Privilege escalation in the DOM: Workers component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Workers component...

8.8CVSS5.7AI score0.00386EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/27 4:12 p.m.11 views

firefox: thunderbird: Use-after-free in the DOM: Bindings (WebIDL) component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Bindings WebIDL component...

7.3CVSS5.7AI score0.00413EPSS
Exploits0References6
NVD
NVD
added 2026/05/27 11:16 a.m.18 views

CVE-2026-42733

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 WPCS currency-switcher allows DOM-Based XSS.This issue affects WPCS: from n/a through = 1.3.1...

7.1CVSS0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 9:49 a.m.33 views

CVE-2026-42762 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows DOM-Based XSS.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through = 1.8.9...

7.1CVSS0.00142EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.8 views

CVE-2026-42762 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows DOM-Based XSS.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through = 1.8.9...

7.1CVSS5.8AI score0.00142EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 9:49 a.m.13 views

EUVD-2026-32209

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows DOM-Based XSS.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through = 1.8.9...

7.1CVSS5.8AI score0.00142EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:49 a.m.21 views

CVE-2026-42762

CVE-2026-42762 describes a DOM-based XSS in the WordPress plugin “VikBooking Hotel Booking Engine & PMS” (VikBooking) up to version 1.8.9 . The root cause is Improper Neutralization of Input During Web Page Generation . Impact noted as cross-site scripting with potential client-side script execut...

7.1CVSS5.8AI score0.00142EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.10 views

CVE-2026-42739 WordPress Advanced IP Blocker plugin <= 8.10.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IniLerm Advanced IP Blocker advanced-ip-blocker allows DOM-Based XSS.This issue affects Advanced IP Blocker: from n/a through = 8.10.7...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.10 views

CVE-2026-42733 WordPress WPCS plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 WPCS currency-switcher allows DOM-Based XSS.This issue affects WPCS: from n/a through = 1.3.1...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.11 views

CVE-2026-42729 WordPress PropertyHive plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Property Hive PropertyHive propertyhive allows DOM-Based XSS.This issue affects PropertyHive: from n/a through = 2.2.2...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 9:49 a.m.30 views

CVE-2026-42729 WordPress PropertyHive plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Property Hive PropertyHive propertyhive allows DOM-Based XSS.This issue affects PropertyHive: from n/a through = 2.2.2...

7.1CVSS0.00175EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 9:49 a.m.14 views

EUVD-2026-32180

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Property Hive PropertyHive propertyhive allows DOM-Based XSS.This issue affects PropertyHive: from n/a through = 2.2.2...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:49 a.m.18 views

CVE-2026-42729

CVE-2026-42729 documents a DOM-based Cross-Site Scripting (XSS) vulnerability in the WordPress PropertyHive plugin, specifically in versions &lt;= 2.2.2. The root cause is described as improper neutralization of input during web page generation. Affected product: PropertyHive (WordPress plugin); ...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 9:16 a.m.15 views

CVE-2026-48968

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Averta Master Slider allows DOM-Based XSS. This issue affects Master Slider: from n/a through 3.10.8...

6.5CVSS0.00182EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.10 views

PT-2026-44606

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue in the Document Object Model DOM allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free...

9.6CVSS6.2AI score0.00368EPSS
Exploits0References156
Rows per page
Query Builder