CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

112 matches found

ATTACKERKB•added 2026/05/28 7:32 p.m.•4 views

CVE-2026-32847

DeepCode through commit c991dc2 contains a path traversal vulnerability in the SPA catch-all route in newui/backend/main.py that allows unauthenticated attackers to read arbitrary files by supplying percent-encoded path segments to the GET /fullpath:path endpoint. Attackers can bypass Starlette's...

8.7CVSS5.9AI score0.00101EPSS

Exploits1References2

Positive Technologies•added 2026/05/28 12:0 a.m.•4 views

PT-2026-44488

DeepCode through commit c991dc2 contains a path traversal vulnerability in the SPA catch-all route in new ui/backend/main.py that allows unauthenticated attackers to read arbitrary files by supplying percent-encoded path segments to the GET /full path:path endpoint. Attackers can bypass Starlette...

8.7CVSS5.9AI score0.00101EPSS

Exploits1References3

CNNVD•added 2026/05/20 12:0 a.m.•3 views

Altium Enterprise Server 路径遍历漏洞

Altium Enterprise Server is a localization data management server developed by Altium Corporation in the United States. Altium Enterprise Server has a path traversal vulnerability, which stems from improper handling of path file routing parameters. This vulnerability could allow authenticated use...

9.4CVSS5.8AI score0.00023EPSS

Exploits0References1

Vulnrichment•added 2026/05/13 8:26 p.m.•1 views

CVE-2026-44373 Nitro: Proxy scope bypass via percent-encoded path traversal in `routeRules`

Nitro is a next generation server toolkit. Prior to 3.0.260429-beta, an attacker could bypass a proxy route rule by sending percent-encoded path traversal ..%2f in the URL, causing Nitro to forward a request that the upstream resolved outside the configured scope. This vulnerability is fixed in...

5.3CVSS5.8AI score0.00043EPSS

Exploits0References5

Patchstack•added 2026/05/06 11:1 p.m.•5 views

NPM: Nitro has a proxy scope bypass via percent-encoded path traversal in `routeRules`

NPM: Nitro has a proxy scope bypass via percent-encoded path traversal in routeRules vulnerability discovered by ? in WordPress Npm nitropack versions 2.13.4...

5.3CVSS5.8AI score0.00043EPSS

Exploits0References7Affected Software1

UbuntuCve•added 2026/05/04 8:16 p.m.•1 views

CVE-2026-6321

fast-uri decoded percent-encoded path separators and dot segments before applying dot-segment removal in its normalize and equal functions. Encoded path data was treated like real slashes and parent-directory references, so distinct URIs could collapse onto the same normalized path. Applications...

7.5CVSS5.8AI score0.00048EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в jetty9

For Eclipse Jetty versions = 9.4.40, = 10.0.2, and = 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example, a request to /concat?/%2557EB-INF/web.xml can retrieve the web.xml file. This can revea...

5.3CVSS6.7AI score0.9026EPSS

Exploits2References1

Vulnrichment•added 2026/04/16 1:9 p.m.•1 views

CVE-2026-6414 @fastify/static vulnerable to route guard bypass via encoded path separators

@fastify/static versions 8.0.0 through 9.1.0 decode percent-encoded path separators %2F before filesystem resolution, while Fastify's router treats them as literal characters. This mismatch allows attackers to bypass route-based middleware or guards that protect files served by @fastify/static. F...

5.9CVSS5.8AI score0.00016EPSS

Exploits0References4

Cvelist•added 2026/04/16 1:9 p.m.•27 views

CVE-2026-6414 @fastify/static vulnerable to route guard bypass via encoded path separators

5.9CVSS0.00016EPSS

Exploits0References4

ATTACKERKB•added 2026/04/16 1:9 p.m.•4 views

CVE-2026-6414

5.9CVSS5.8AI score0.00016EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2026/04/16 12:0 a.m.•1 views

PT-2026-33313

Name of the Vulnerable Software and Affected Versions @fastify/static versions 8.0.0 through 9.1.0 Description @fastify/static decodes percent-encoded path separators '%2F' before filesystem resolution, whereas the Fastify router treats them as literal characters. This discrepancy allows for a...

5.9CVSS5.7AI score0.00016EPSS

Exploits0References10

SUSE CVE•added 2026/04/03 11:24 p.m.•1 views

SUSE CVE-2026-34786

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Staticapplicablerules evaluates several headerrules types against the raw URL-encoded PATHINFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a...

5.3CVSS5.7AI score0.00044EPSS

Exploits0References4

RedhatCVE•added 2026/04/03 8:41 p.m.•2 views

CVE-2026-34786

A flaw was found in Rack. A remote attacker can exploit this vulnerability by sending a specially crafted request with a URL-encoded static path. This bypasses security-relevant response headers intended for static content, potentially leading to information disclosure or other unintended...

6.5CVSS5.8AI score0.00044EPSS

Exploits0References4

Github Security Blog•added 2026/04/02 8:36 p.m.•9 views

Rack has Content-Length mismatch in Rack::Files error responses

Summary Rack::Filesfail sets the Content-Length response header using Stringsize instead of Stringbytesize. When the response body contains multibyte UTF-8 characters, the declared Content-Length is smaller than the number of bytes actually sent on the wire. Because Rack::Files reflects the...

6.5CVSS5.8AI score0.00041EPSS

Exploits0References4Affected Software1