Lucene search
K

3367 matches found

CVE
CVE
added yesterday31 views

CVE-2026-45304

CVE-2026-45304 affects Symfony’s YAML Parser (Symfony\Component\Yaml\Parser). Before versions 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the parser resolved YAML collection aliases recursively, enabling a small untrusted YAML input to expand into a multi-gigabyte structure and exhaust memory. Impact is ...

8.7CVSS6.1AI score0.00076EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 5 days ago4 views

brace-expansion: Brace-expansion: Denial of Service due to exponential-time complexity

A flaw was found in brace-expansion. An attacker can exploit a vulnerability in the expand function by providing a specially crafted string. This string, containing consecutive non-expanding brace groups, can trigger exponential-time complexity, leading to significant CPU consumption and event-lo...

8.7CVSS6.2AI score0.00361EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 6 days ago3 views

assertj: AssertJ: Information disclosure and denial of service via XML External Entity (XXE)

A flaw was found in AssertJ. An XML External Entity XXE vulnerability exists in the XmlStringPrettyFormatter component, which is used by the isXmlEqualToCharSequence assertion. If an application processes untrusted XML input using these methods, a remote attacker could exploit this flaw to read...

9.1CVSS7.2AI score0.00542EPSS
Exploits0References8
Cvelist
Cvelist
added last week35 views

CVE-2026-44161 Fluentd: Server-Side Request Forgery (SSRF) via Placeholder Expansion in `out_http`

Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. Prior to 1.19.3, the Fluentd outhttp output plugin allows placeholders such as $tag in the endpoint configuration parameter, and if a placeholder value is derived from untrusted...

7.2CVSS0.00442EPSS
Exploits0References4
OSV
OSV
added last week3 views

CVE-2026-44161 Fluentd: Server-Side Request Forgery (SSRF) via Placeholder Expansion in `out_http`

Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. Prior to 1.19.3, the Fluentd outhttp output plugin allows placeholders such as $tag in the endpoint configuration parameter, and if a placeholder value is derived from untrusted...

7.2CVSS7.1AI score0.00442EPSS
Exploits0References6
NVD
NVD
added last week8 views

CVE-2026-54590

AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Version 2.23.0 contains an incomplete fix for CVE-2026-45309 in SSHServerConfig.settokens that blocks /, , and .. before %u substitution in...

5.9CVSS0.00285EPSS
Exploits0References3
Cvelist
Cvelist
added last week32 views

CVE-2026-54590 AsyncSSH AuthorizedKeysFile username substitution bypass through ~ and environment expansion

AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Version 2.23.0 contains an incomplete fix for CVE-2026-45309 in SSHServerConfig.settokens that blocks /, , and .. before %u substitution in...

5.9CVSS0.00285EPSS
Exploits0References3
OSV
OSV
added last week2 views

CVE-2026-54590 AsyncSSH AuthorizedKeysFile username substitution bypass through ~ and environment expansion

AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Version 2.23.0 contains an incomplete fix for CVE-2026-45309 in SSHServerConfig.settokens that blocks /, , and .. before %u substitution in...

5.9CVSS6.1AI score0.00285EPSS
Exploits0References5
CVE
CVE
added last week6 views

CVE-2026-54590

AsyncSSH (Python, v2.23.0) contains an incomplete fix for CVE-2026-45309 in SSHServerConfig._set_tokens that blocks /, , and .. before %u substitution in AuthorizedKeysFile but fails to block a leading ~ or ${ENV}. This allows later expansion in _expand_val and Path(filename).expanduser() to esca...

5.9CVSS6AI score0.00285EPSS
Exploits0References3
OSV
OSV
added last week7 views

BIT-LIBPHP-2026-14355 ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS6.1AI score0.00306EPSS
Exploits0References3
OSV
OSV
added 2026/07/07 1:43 p.m.6 views

JLSEC-2026-656 Deno: Command Injection via spawnSync & spawn on Windows

Summary Deno's node:childprocess implementation provided an escapeShellArg helper used when callers passed shell: true to spawn / spawnSync / exec and friends. On Windows, the helper failed to quote arguments that contained cmd.exe metacharacters such as &, |, , ^, !, , , and did not neutralize %...

8.1CVSS6.2AI score0.00283EPSS
Exploits1References2
EUVD
EUVD
added 2026/07/06 8:24 p.m.8 views

EUVD-2026-25012

mv: symlinks expanded during cross-device move resource exhaustion / data duplication...

6.6CVSS5.9AI score0.00161EPSS
Exploits0References5
OSV
OSV
added 2026/07/06 3:28 p.m.13 views

BIT-PYTHON-MIN-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()

Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open" API could have commands injected into the underlying shell. See CVE-2026-4519 for details...

7.1CVSS7.1AI score0.0029EPSS
Exploits0References58
OSV
OSV
added 2026/07/06 3:28 p.m.6 views

BIT-PYTHON-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()

Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open" API could have commands injected into the underlying shell. See CVE-2026-4519 for details...

7.1CVSS5.8AI score0.0029EPSS
Exploits0References58
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2018-25282

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malicious XML files with exponential...

6.9CVSS6AI score0.00121EPSS
Exploits0References2
OSV
OSV
added 2026/07/02 4:5 p.m.9 views

GHSA-MHQ8-78PJ-5J79 OpenClaw's POSIX node system.run safe-bin allowlist could be widened by shell expansion

Summary On POSIX nodes, OpenClaw's system.run safe-bin checks could approve a command before shell expansion changed how the command was interpreted. A value that appeared to be a safe-bin argument could expand into additional shell words and become a file operand. This issue is limited to paired...

7.1CVSS6.1AI score0.00191EPSS
Exploits0References2
OSV
OSV
added 2026/07/02 2:13 p.m.3 views

PYSEC-2026-741 XML Entity Expansion in trytond and proteus

An XML Entity Expansion XEE issue was discovered in Tryton Application Platform Server 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform Command Line Client proteus 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. A...

7.5CVSS6AI score0.01927EPSS
Exploits0References10
EUVD
EUVD
added 2026/07/01 8:51 p.m.8 views

EUVD-2026-40297

Rancher has over-inclusive team membership expansion in GitHub App authentication provider...

8.8CVSS5.8AI score0.0037EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/07/01 3:35 a.m.6 views

SUSE CVE-2026-13149

brace-expansion through 5.0.6 is vulnerable to denial of service. The expand function exhibits exponential-time complexity in the number of consecutive non-expanding '' brace groups. An attacker who passes a crafted string to expand, directly or transitively, can cause significant CPU consumption...

7.5CVSS5.7AI score0.00361EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-13149

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - brace-expansion through 5.0.6 is vulnerable to denial of service. The expand function exhibits exponential-time complexity in the number of consecutive...

8.7CVSS6.3AI score0.00361EPSS
Exploits0References4
Rows per page
Query Builder