Lucene search
+L

305 matches found

vulnrichment
vulnrichment
added 2026/05/15 4:2 p.m.12 views

CVE-2026-45539 Microsoft APM: Symlinks under `.apm/prompts/` and `.apm/agents/` are dereferenced during `apm install`, copying host-local file contents into the project tree

Microsoft APM is an open-source, community-driven dependency manager for AI agents. From 0.5.4 to 0.12.4, two primitive integrators in apm-cli enumerate package files with bare Path.glob / Path.rglob calls and read each match with Path.readtext, transparently following symbolic links. A symlink...

7.4CVSS5.8AI score0.00654EPSS
Exploits0References1
osv
osv
added 2026/04/22 6:4 p.m.7 views

USN-8199-1 glance vulnerabilities

Martin Kaesberger discovered that OpenStack Glance's image processing could return the contents of arbitrary files. An attacker could possibly use this issue to exfiltrate sensitive data. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2024-32498 Hyeongeun Ji and Abhishek Keka...

7.1CVSS5.8AI score0.00835EPSS
Exploits1References3
cnnvd
cnnvd
added 2026/04/22 12:0 a.m.12 views

uutils coreutils 安全漏洞

uutils coreutils is a cross-platform core command-line toolset developed by Uutils. There is a security vulnerability in uutils coreutils, which stems from an information leakage race condition. This vulnerability could allow local attackers to open files before permission restrictions are...

4.7CVSS5.8AI score0.00091EPSS
Exploits1References1
attackerkb
attackerkb
added 2026/04/21 11:4 p.m.6 views

CVE-2026-41064

WWBN AVideo is an open source video platform. In versions up to and including 29.0, an incomplete fix for AVideo's test.php adds escapeshellarg for wget but leaves the filegetcontents and curl code paths unsanitized, and the URL validation regex /^http/ accepts strings like httpevil.com. Commit...

9.3CVSS5.7AI score0.00335EPSS
Exploits1References5Affected Software1
cve
cve
added 2026/03/31 9:5 p.m.55 views

CVE-2026-34401

XML Notepad is affected by an XXE flaw in which DTD processing was not disabled by default prior to version 2.9.0.21, allowing external entities to be resolved. The issue could cause the application to make outbound HTTP/SMB requests and potentially leak local file contents or NTLM credentials. T...

6.5CVSS5.7AI score0.00986EPSS
Exploits0References4Affected Software1
nvd
nvd
added 2026/03/24 3:16 p.m.13 views

CVE-2026-30662

ConcreteCMS v9.4.7 contains a Denial of Service DoS vulnerability in the File Manager component. The 'download' method in 'concrete/controllers/backend/file.php' improperly manages memory when creating zip archives. It uses 'ZipArchive::addFromString' combined with 'filegetcontents', which loads...

6.5CVSS0.00288EPSS
Exploits1References1
osv
osv
added 2026/03/17 8:33 p.m.17 views

GHSA-2CPP-J2FC-QHP7 AWS API MCP File Access Restriction Bypass

Description The AWS API MCP Server is an open source Model Context Protocol MCP server that enables AI assistants to interact with AWS services and resources through AWS CLI commands. It provides programmatic access to manage your AWS infrastructure while maintaining proper security controls. Thi...

6.8CVSS5.9AI score0.00131EPSS
Exploits0References6
susecve
susecve
added 2026/03/10 12:24 a.m.5 views

SUSE CVE-2026-30852

Caddy is an extensible server platform that uses TLS by default. From version 2.7.5 to before version 2.11.2, the varsregexp matcher in vars.go:337 double-expands user-controlled input through the Caddy replacer. When varsregexp matches against a placeholder like http.request.header.X-Input, the...

7.5CVSS5.7AI score0.00401EPSS
Exploits1References4
nvd
nvd
added 2026/03/07 5:15 p.m.7 views

CVE-2026-30852

Caddy is an extensible server platform that uses TLS by default. From version 2.7.5 to before version 2.11.2, the varsregexp matcher in vars.go:337 double-expands user-controlled input through the Caddy replacer. When varsregexp matches against a placeholder like http.request.header.X-Input, the...

7.5CVSS0.00401EPSS
Exploits1References3
ubuntucve
ubuntucve
added 2026/03/07 5:15 p.m.5 views

CVE-2026-30852

Caddy is an extensible server platform that uses TLS by default. From version 2.7.5 to before version 2.11.2, the varsregexp matcher in vars.go:337 double-expands user-controlled input through the Caddy replacer. When varsregexp matches against a placeholder like http.request.header.X-Input, the...

7.5CVSS7AI score0.00401EPSS
Exploits1References4
osv
osv
added 2026/03/07 5:15 p.m.8 views

UBUNTU-CVE-2026-30852

Caddy is an extensible server platform that uses TLS by default. From version 2.7.5 to before version 2.11.2, the varsregexp matcher in vars.go:337 double-expands user-controlled input through the Caddy replacer. When varsregexp matches against a placeholder like http.request.header.X-Input, the...

7.5CVSS5.7AI score0.00401EPSS
Exploits1References5
osv
osv
added 2026/03/07 4:28 p.m.4 views

CVE-2026-30852 Caddy: vars_regexp double-expands user input, leaking env vars and files

Caddy is an extensible server platform that uses TLS by default. From version 2.7.5 to before version 2.11.2, the varsregexp matcher in vars.go:337 double-expands user-controlled input through the Caddy replacer. When varsregexp matches against a placeholder like http.request.header.X-Input, the...

6.9CVSS5.7AI score0.00401EPSS
Exploits1References5
debiancve
debiancve
added 2026/03/07 4:28 p.m.7 views

CVE-2026-30852

Caddy is an extensible server platform that uses TLS by default. From version 2.7.5 to before version 2.11.2, the varsregexp matcher in vars.go:337 double-expands user-controlled input through the Caddy replacer. When varsregexp matches against a placeholder like http.request.header.X-Input, the...

7.5CVSS7.7AI score0.00401EPSS
Exploits1
cve
cve
added 2026/03/07 4:28 p.m.25 views

CVE-2026-30852

Caddy 2.x versions are affected: from 2.7.5 up to 2.11.2 (inclusive of 2.7.5 through 2.11.1) have a vulnerability in vars_regexp where user-controlled input is double-expanded by the replacer. If a header like X-Input contains a placeholder such as {http.request.header.X-Input}, the header value ...

7.5CVSS5.7AI score0.00401EPSS
Exploits1References3Affected Software1
vulnrichment
vulnrichment
added 2026/03/07 4:28 p.m.0 views

CVE-2026-30852 Caddy: vars_regexp double-expands user input, leaking env vars and files

Caddy is an extensible server platform that uses TLS by default. From version 2.7.5 to before version 2.11.2, the varsregexp matcher in vars.go:337 double-expands user-controlled input through the Caddy replacer. When varsregexp matches against a placeholder like http.request.header.X-Input, the...

6.9CVSS5.7AI score0.00401EPSS
Exploits1References3
attackerkb
attackerkb
added 2026/03/07 4:28 p.m.4 views

CVE-2026-30852

Caddy is an extensible server platform that uses TLS by default. From version 2.7.5 to before version 2.11.2, the varsregexp matcher in vars.go:337 double-expands user-controlled input through the Caddy replacer. When varsregexp matches against a placeholder like http.request.header.X-Input, the...

6.9CVSS5.7AI score0.00401EPSS
Exploits1References4Affected Software1
alpinelinux
alpinelinux
added 2026/03/07 4:28 p.m.2 views

CVE-2026-30852

Caddy is an extensible server platform that uses TLS by default. From version 2.7.5 to before version 2.11.2, the varsregexp matcher in vars.go:337 double-expands user-controlled input through the Caddy replacer. When varsregexp matches against a placeholder like http.request.header.X-Input, the...

7.5CVSS5.7AI score0.00401EPSS
Exploits1
cnnvd
cnnvd
added 2026/03/07 12:0 a.m.8 views

Caddy 信息泄露漏洞

Caddy is an open-source, cross-platform HTTP/Web server developed by the Caddy company. Versions of Caddy from 2.7.5 to 2.11.2 had a vulnerability related to information leakage. This vulnerability stemmed from the varsregexp matcher’s double expansion of user inputs, which could lead to the...

7.5CVSS7.3AI score0.00401EPSS
Exploits1References3
osv
osv
added 2026/03/06 11:40 p.m.1 views

GHSA-M2W3-8F23-HXXF Caddy's vars_regexp double-expands user input, leaking env vars and files

Summary The varsregexp matcher in vars.go:337 double-expands user-controlled input through the Caddy replacer. When varsregexp matches against a placeholder like http.request.header.X-Input, the header value gets resolved once expected, then passed through repl.ReplaceAll again the bug. This mean...

6.9CVSS5.8AI score0.00401EPSS
Exploits1References5
snyk
snyk
added 2026/03/06 11:40 p.m.4 views

Header Injection

Overview Affected versions of this package are vulnerable to Header Injection in the varsregexp matcher. An attacker can access sensitive environment variables, file contents, or system information by injecting specially crafted placeholders such as env. or file. into HTTP request headers, which...

7.5CVSS5.8AI score0.00401EPSS
Exploits1References2
Rows per page
Query Builder