CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2 days ago•2 views

CVE-2026-45302 Prototype Pollution in parse-nested-form-data via `__proto__` in FormData field names

8.2CVSS5.7AI score0.00045EPSS

Cvelist•added 2 days ago•21 views

CVE-2026-45302 Prototype Pollution in parse-nested-form-data via `__proto__` in FormData field names

8.2CVSS0.00045EPSS

ATTACKERKB•added 2 days ago•3 views

CVE-2026-45302

8.2CVSS5.7AI score0.00045EPSS

Exploits0References4Affected Software1

EUVD•added 2 days ago•6 views

EUVD-2026-33723

8.2CVSS5.8AI score0.00045EPSS

CNNVD•added 2 days ago•2 views

parse-nested-form-data security vulnerability

parse-nested-form-data is a form data parsing tool developed by Christian Schurr. Versions of parse-nested-form-data prior to 1.0.1 contained security vulnerabilities. These vulnerabilities stemmed from the use of parseFormData, which did not filter or preserve attribute keys when parsing FormDat...

8.2CVSS5.8AI score0.00045EPSS

EUVD•added 4 days ago•6 views

EUVD-2018-21934

Delta Sql 1.8.2 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to docsupload.php with crafted multipart form data. Attackers can upload PHP files with arbitrary content to the upload directory and execute th...

9.8CVSS6.4AI score0.00178EPSS

Exploits1References5

NVD•added 5 days ago•6 views

CVE-2026-46510

form-data-objectizer converts FormData to object. Prior to 1.0.1, form-data-objectizer walks bracket-notation form keys e.g. namesub into nested objects without filtering proto, constructor, or prototype. A single HTTP form field whose name starts with proto... causes the library to mutate...

8.2CVSS0.00042EPSS

Vulnrichment•added 5 days ago•3 views

CVE-2026-46510 Prototype pollution in form-data-objectizer via bracket-notation form keys

ATTACKERKB•added 5 days ago•4 views

CVE-2026-46510

Exploits0References3Affected Software1

CVE•added 5 days ago•7 views

CVE-2026-46510

CVE-2026-46510 affects form-data-objectizer

EUVD•added 5 days ago•4 views

EUVD-2026-33321

Cvelist•added 5 days ago•26 views

CVE-2026-46510 Prototype pollution in form-data-objectizer via bracket-notation form keys

8.2CVSS0.00042EPSS

IBM Security Bulletins•added 5 days ago•9 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses tornado-6.5.3-cp39-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl which is vulnerable to CVE-2026-31958

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses tornado-6.5.3-cp39-abi3-manylinux25x8664.manylinux1x8664.manylinux217x8664.manylinux2014x8664.whl which is vulnerable to CVE-2026-31958. This bulletin contains information addressing the vulnerability. Vulnerability...

8.7CVSS7.2AI score0.00028EPSS

Exploits0Affected Software1

CNNVD•added 5 days ago•3 views

form-data-objectizer 安全漏洞

form-data-objectizer is a form data-to-object conversion tool developed by Kasper Stöckel. Versions of form-data-objectizer prior to 1.0.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of filtering for proto, constructor, or prototype when handling bracket notati...