Lucene search
K

64 matches found

CVE
CVE
added 2 days ago19 views

CVE-2026-55671

ZITADEL (github.com/zitadel/zitadel) is affected in versions 4.0.0-rc.1 through 4.15.1 by an SSRF in outgoing HTTP components (HTTP notification channels, OIDC BackChannel Logout, and SAML metadata URL fetches). The issue arises from inadequate validation against a protected denylist, allowing se...

2.3CVSS6.1AI score0.00252EPSS
Exploits0References3
NVD
NVD
added 5 days ago8 views

CVE-2026-23697

Vtiger CRM before 8.4.0 contains an authenticated file upload vulnerability that allows low-privileged users to achieve remote code execution by uploading a .phar file containing arbitrary PHP code through the Documents module, bypassing the extension denylist in config.inc.php which omits the...

8.8CVSS0.00758EPSS
Exploits2References3
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-42055

Vtiger CRM before 8.4.0 contains an authenticated file upload vulnerability that allows low-privileged users to achieve remote code execution by uploading a .phar file containing arbitrary PHP code through the Documents module, bypassing the extension denylist in config.inc.php which omits the...

8.8CVSS6.8AI score0.00758EPSS
Exploits2References3
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-257 AutoGPT bypass of the shell commands denylist settings

A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the shell commands denylist settings. The issue arises when the denylist is configured to block specific commands, such as whoami and /bin/whoami. An attacker can circumvent this restriction by executing...

9.8CVSS7.3AI score0.00812EPSS
Exploits1References6
NVD
NVD
added 2026/06/28 2:16 a.m.9 views

CVE-2026-58057

Flowise before 3.1.3 validates Custom MCP stdio environment variables against a denylist using a case-sensitive comparison, so on Windows, where environment names are case-insensitive, supplying 'nodeoptions' bypasses the NODEOPTIONS denylist entry. An authenticated user who can configure a Custo...

5CVSS0.00827EPSS
Exploits3References3
Cvelist
Cvelist
added 2026/06/28 1:32 a.m.49 views

CVE-2026-58057 Flowise - Custom MCP Environment Variable Denylist Bypass via Case Sensitivity

Flowise before 3.1.3 validates Custom MCP stdio environment variables against a denylist using a case-sensitive comparison, so on Windows, where environment names are case-insensitive, supplying 'nodeoptions' bypasses the NODEOPTIONS denylist entry. An authenticated user who can configure a Custo...

5CVSS0.00827EPSS
Exploits3References3
Cvelist
Cvelist
added 2026/06/24 5:31 p.m.34 views

CVE-2026-48721 Warp: Env-var prefixes can lead to denylisted command autoexecution

Warp is an agentic development environment. From 0.2025.10.08.08.12.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command execution permission-check bypass in the default unsandboxed CLI agent profile. The CLI profile is non-interactive and relies on a command denylist as a safety...

8.6CVSS0.00145EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 5:31 p.m.25 views

CVE-2026-48721

Warp: The default unsandboxed CLI agent profile uses a command denylist as a safety boundary. From 0.2025.10.08.08.12.stable_00 to 0.2026.05.06.15.42.stable_01, Warp’s command output can be influenced by environment-variable prefixes, causing denylisted commands to be treated as allowed. This byp...

8.6CVSS6AI score0.00145EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 1:1 p.m.5 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the processing of user-supplied URLs in outgoing HTTP components, including notification channels, OIDC backchannel logout, and SAML metadata fetches. An attacker can access internal network resources...

4.2CVSS6AI score0.00252EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 1:1 p.m.5 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the processing of user-supplied URLs in outgoing HTTP components, including notification channels, OIDC backchannel logout, and SAML metadata fetches. An attacker can access internal network resources...

4.2CVSS6AI score0.00252EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 1:1 p.m.3 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the processing of user-supplied URLs in outgoing HTTP components, including notification channels, OIDC backchannel logout, and SAML metadata fetches. An attacker can access internal network resources...

4.2CVSS6AI score0.00252EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 1:1 p.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the processing of user-supplied URLs in outgoing HTTP components, including notification channels, OIDC backchannel logout, and SAML metadata fetches. An attacker can access internal network resources...

4.2CVSS6AI score0.00252EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/18 1:1 p.m.9 views

ZITADEL: Server-Side Request Forgery (SSRF) and Denylist Bypass in Outgoing HTTP Components

Summary A Server-Side Request Forgery SSRF vulnerability was discovered in Zitadel affecting: HTTP Notification Channels: Used as an alternative to SMTP/Twilio configurations, sending payloads to user-defined URLs via HTTP POST webhooks. OIDC BackChannel Logout: Terminates sessions across differe...

2.3CVSS6.1AI score0.00252EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/06/16 3:16 p.m.21 views

CVE-2026-48780

Forem is open source software for building communities. Prior to commit a2ab6d4, a maliciously crafted email address could allow an attacker to bypass domain allowlist or denylist restrictions and gain access to invite-only forem deployments. The issue is patched as of a2ab6d4. As a workaround,...

8.2CVSS0.00218EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 2:10 p.m.16 views

CVE-2026-48780

CVE-2026-48780 affects Forem. Before commit a2ab6d4, a maliciously crafted email address could bypass domain allowlist/denylist restrictions and gain access to invite-only Forem deployments. The issue is patched as of a2ab6d4. Affected component is the email validation/allowlist logic; impact is ...

8.2CVSS5.3AI score0.00218EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/16 6:39 a.m.8 views

CVE-2026-47140

A flaw was found in vm2, an open-source virtual machine VM sandbox for Node.js. This vulnerability allows sandboxed code to bypass intended security restrictions by exploiting missing entries in the denylist for dangerous Node.js built-in functions, specifically process and inspector/promises. A...

10CVSS5.6AI score0.00536EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/13 12:34 a.m.10 views

EUVD-2026-36608

OpenClaw before 2026.5.12 contains an exec denylist bypass vulnerability in the bundle MCP loopback session-spawn path that allows authenticated callers to bypass intended command restrictions. Attackers can reach the affected bundled MCP session-spawn path to start sessions with broader command...

6.9CVSS5.2AI score0.00094EPSS
Exploits0References3
NVD
NVD
added 2026/06/12 10:16 p.m.16 views

CVE-2026-53820

OpenClaw before 2026.5.12 contains an exec denylist bypass vulnerability in the bundle MCP loopback session-spawn path that allows authenticated callers to bypass intended command restrictions. Attackers can reach the affected bundled MCP session-spawn path to start sessions with broader command...

6.9CVSS0.00094EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 9:56 p.m.11 views

CVE-2026-53820 OpenClaw < 2026.5.12 - Exec Denylist Bypass in Bundle MCP Loopback Session Spawn

OpenClaw before 2026.5.12 contains an exec denylist bypass vulnerability in the bundle MCP loopback session-spawn path that allows authenticated callers to bypass intended command restrictions. Attackers can reach the affected bundled MCP session-spawn path to start sessions with broader command...

6.9CVSS5.2AI score0.00094EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/12 9:56 p.m.33 views

CVE-2026-53820 OpenClaw < 2026.5.12 - Exec Denylist Bypass in Bundle MCP Loopback Session Spawn

OpenClaw before 2026.5.12 contains an exec denylist bypass vulnerability in the bundle MCP loopback session-spawn path that allows authenticated callers to bypass intended command restrictions. Attackers can reach the affected bundled MCP session-spawn path to start sessions with broader command...

6.9CVSS0.00094EPSS
Exploits0References2
Rows per page
Query Builder