Lucene search
K

89744 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/07 1:36 p.m.7 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to loss of confidentiality (CVE-2025-62718)

Summary Node.js module axios is used by IBM App Connect Enterprise Certified Container for HTTP communications. IBM App Connect Enterprise Certified Container operands are vulnerable to loss of confidentiality. This bulletin provides patch information to address the reported vulnerability in...

9.9CVSS5.8AI score0.01186EPSS
Exploits1Affected Software1
NVD
NVD
added 2026/05/07 1:16 p.m.12 views

CVE-2026-5791

Cross-Site request forgery CSRF vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross Site Request Forgery. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2...

6.5CVSS0.0015EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/07 12:51 p.m.8 views

Security Bulletin: Multiple security vulnerabilities may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced (CVE-2026-1561, CVE-2025-14923, CVE-2025-14917, CVE-2026-29063, CVE-2025-14915).

Summary Multiple security vulnerabilities may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced CVE-2026-1561, CVE-2025-14923, CVE-2025-14917, CVE-2026-29063, CVE-2025-14915. IBM WebSphere Liberty has been updated within IBM CICS TX Advanced to address these vulnerabilities...

9.8CVSS6AI score0.00978EPSS
Exploits1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/07 12:40 p.m.7 views

CVE-2026-5791

Cross-Site request forgery CSRF vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross Site Request Forgery. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2...

9.6CVSS5.8AI score0.0015EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/07 12:40 p.m.32 views

CVE-2026-5791 CSRF in DivvyDrive Information Technologies' DivvyDrive

Cross-Site request forgery CSRF vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross Site Request Forgery. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2...

6.5CVSS0.0015EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/07 12:40 p.m.8 views

CVE-2026-5791 CSRF in DivvyDrive Information Technologies' DivvyDrive

Cross-Site request forgery CSRF vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross Site Request Forgery. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2...

6.5CVSS5.8AI score0.0015EPSS
Exploits0References1
CVE
CVE
added 2026/05/07 12:40 p.m.17 views

CVE-2026-5791

DivvyDrive CSRF (Cross-Site Request Forgery) vulnerability (CVE-2026-5791) affects DivvyDrive Software prior to 4.8.3.2 (versions starting 4.8.2.9). Root cause is CSRF; impact is information-agnostic, with high integrity impact per the entry. Remediation: upgrade to version 4.8.3.2 or later. Expl...

6.5CVSS5.8AI score0.0015EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/07 12:31 p.m.15 views

EUVD-2026-28343

Cross-Site Request Forgery CSRF vulnerability in PluginUs.Net BEAR allows Cross Site Request Forgery. This issue affects BEAR: from n/a through 1.1.5...

4.3CVSS5.8AI score0.00095EPSS
Exploits0References2
NVD
NVD
added 2026/05/07 12:16 p.m.21 views

CVE-2026-41644

monetr is a budgeting application for recurring expenses. Prior to version 1.12.5, a server-side request forgery SSRF vulnerability in monetr's Lunch Flow integration allowed any authenticated user on a self-hosted instance to cause the monetr server to issue HTTP GET requests to arbitrary URLs...

8.3CVSS0.00331EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/07 11:56 a.m.8 views

CVE-2026-41644 monetr is vulnerable to server-side request forgery in Lunch Flow link creation and refresh

monetr is a budgeting application for recurring expenses. Prior to version 1.12.5, a server-side request forgery SSRF vulnerability in monetr's Lunch Flow integration allowed any authenticated user on a self-hosted instance to cause the monetr server to issue HTTP GET requests to arbitrary URLs...

8.3CVSS5.9AI score0.00331EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/07 11:56 a.m.10 views

CVE-2026-41644

monetr is a budgeting application for recurring expenses. Prior to version 1.12.5, a server-side request forgery SSRF vulnerability in monetr's Lunch Flow integration allowed any authenticated user on a self-hosted instance to cause the monetr server to issue HTTP GET requests to arbitrary URLs...

8.3CVSS5.9AI score0.00331EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/05/07 11:56 a.m.36 views

CVE-2026-41644 monetr is vulnerable to server-side request forgery in Lunch Flow link creation and refresh

monetr is a budgeting application for recurring expenses. Prior to version 1.12.5, a server-side request forgery SSRF vulnerability in monetr's Lunch Flow integration allowed any authenticated user on a self-hosted instance to cause the monetr server to issue HTTP GET requests to arbitrary URLs...

8.3CVSS0.00331EPSS
Exploits0References4
CVE
CVE
added 2026/05/07 11:56 a.m.25 views

CVE-2026-41644

CVE-2026-41644 – SSRF in monetr Lunch Flow : The vulnerability occurs in the Lunch Flow link creation/refresh endpoint (POST /api/lunch_flow/link) of self-hosted monetr installations where LunchFlow.Enabled is true and sign-ups are allowed. An authenticated user can cause the server to fetch arbi...

8.3CVSS5.9AI score0.00331EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/05/07 11:15 a.m.9 views

CVE-2026-27415

Cross-Site Request Forgery CSRF vulnerability in PluginUs.Net BEAR allows Cross Site Request Forgery. This issue affects BEAR: from n/a through 1.1.5...

4.3CVSS0.00095EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/07 10:20 a.m.29 views

CVE-2026-27415 WordPress BEAR plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in PluginUs.Net BEAR allows Cross Site Request Forgery. This issue affects BEAR: from n/a through 1.1.5...

4.3CVSS0.00095EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/07 10:20 a.m.9 views

CVE-2026-27415 WordPress BEAR plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in PluginUs.Net BEAR allows Cross Site Request Forgery. This issue affects BEAR: from n/a through 1.1.5...

4.3CVSS5.8AI score0.00095EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/07 10:20 a.m.6 views

CVE-2026-27415

Cross-Site Request Forgery CSRF vulnerability in PluginUs.Net BEAR allows Cross Site Request Forgery. This issue affects BEAR: from n/a through 1.1.5...

4.3CVSS5.8AI score0.00095EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/05/07 10:19 a.m.16 views

WordPress BEAR plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by benzdeus in WordPress Plugin BEAR versions = 1.1.5...

4.3CVSS5.8AI score0.00095EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/05/07 9:31 a.m.11 views

EUVD-2025-209718

Cross-Site Request Forgery CSRF vulnerability in WPGraphQL allows Cross Site Request Forgery. This issue affects WPGraphQL: from n/a through 2.5.3...

5.4CVSS5.8AI score0.00092EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/07 9:25 a.m.11 views

Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the process handling incoming requests. An attacker can perform unauthorized actions on behalf of an authenticated user by tricking them into submitting a crafted request. Remediation Upgrade...

5.4CVSS5.8AI score0.00092EPSS
Exploits0References2
Rows per page
Query Builder