Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3125 matches found

NVD
NVDadded 2026/02/09 8:15 p.m.10 views

CVE-2026-25497

Craft is a platform for creating digital experiences. In Craft versions from 4.0.0-RC1 to before 4.17.0-beta.1 and 5.9.0-beta.1, there is a Privilege Escalation vulnerability in Craft CMS’s GraphQL API that allows an authenticated user with write access to one asset volume to escalate their...

8.8CVSS0.00426EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/02/09 7:50 p.m.3 views

CVE-2026-25497

Craft is a platform for creating digital experiences. In Craft versions from 4.0.0-RC1 to before 4.17.0-beta.1 and 5.9.0-beta.1, there is a Privilege Escalation vulnerability in Craft CMS’s GraphQL API that allows an authenticated user with write access to one asset volume to escalate their...

8.6CVSS5.6AI score0.00426EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/02/09 7:50 p.m.5 views

CVE-2026-25497 Craft has a GraphQL Asset Mutation Privilege Escalation

Craft is a platform for creating digital experiences. In Craft versions from 4.0.0-RC1 to before 4.17.0-beta.1 and 5.9.0-beta.1, there is a Privilege Escalation vulnerability in Craft CMS’s GraphQL API that allows an authenticated user with write access to one asset volume to escalate their...

8.6CVSS5.6AI score0.00426EPSS
Exploits0References3
CVE
CVEadded 2026/02/09 7:50 p.m.15 views

CVE-2026-25497

CVE-2026-25497 : Privilege escalation in Craft CMS GraphQL API affecting versions 4.0.0-RC1 through before 4.17.0-beta.1 and 5.9.0-beta.1. An authenticated user with write access to one asset volume can escalate privileges and modify/transfer assets across volumes, including private or restricted...

8.8CVSS5.6AI score0.00426EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2026/02/09 7:41 p.m.5 views

CVE-2026-25494 Craft has a SSRF in GraphQL Asset Mutation via Alternative IP Notation

Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAsset GraphQL mutation uses filtervar..., FILTERVALIDATEIP to block a specific list of IP addresses. However, alternative IP notations hexadecimal, mixed are not...

6.9CVSS5.5AI score0.00359EPSS
Exploits1References3
CVE
CVEadded 2026/02/09 7:41 p.m.12 views

CVE-2026-25494

Craft CMS versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21 are affected by a vulnerability in the saveAsset GraphQL mutation, where filter_var(..., FILTER_VALIDATE_IP) blocks a defined IP list but fails to recognize hexadecimal or mixed notations, allowing bypass of the blocklist t...

6.9CVSS5.5AI score0.00359EPSS
Exploits1References3Affected Software1
OSV
OSVadded 2026/02/09 7:41 p.m.5 views

CVE-2026-25494 Craft has a SSRF in GraphQL Asset Mutation via Alternative IP Notation

Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAsset GraphQL mutation uses filtervar..., FILTERVALIDATEIP to block a specific list of IP addresses. However, alternative IP notations hexadecimal, mixed are not...

6.9CVSS5.5AI score0.00359EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2026/02/09 7:36 p.m.5 views

CVE-2026-25493 Craft has a SSRF in GraphQL Asset Mutation via HTTP Redirect

Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAsset GraphQL mutation validates the initial URL hostname and resolved IP against a blocklist, but Guzzle follows HTTP redirects by default. An attacker can bypa...

6.9CVSS5.6AI score0.00359EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/02/09 7:33 p.m.4 views

CVE-2026-25492 Craft has a save_images_Asset graphql mutation can be abused to exfiltrate AWS credentials of underlying host

Craft CMS is a content management system. In Craft versions 3.5.0 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveimagesAsset GraphQL mutation can be abused to fetch internal URLs by providing a domain name that resolves to an internal IP address, bypassing hostname validation. When a...

5.3CVSS5.5AI score0.00419EPSS
Exploits1References3
Cvelist
Cvelistadded 2026/02/09 7:33 p.m.27 views

CVE-2026-25492 Craft has a save_images_Asset graphql mutation can be abused to exfiltrate AWS credentials of underlying host

Craft CMS is a content management system. In Craft versions 3.5.0 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveimagesAsset GraphQL mutation can be abused to fetch internal URLs by providing a domain name that resolves to an internal IP address, bypassing hostname validation. When a...

5.3CVSS0.00419EPSS
Exploits1References3
CNNVD
CNNVDadded 2026/02/09 12:0 a.m.4 views

Craft CMS 安全漏洞

Craft CMS is an open-source content management system developed by Craft CMS. There were security vulnerabilities in versions of Craft CMS from 4.0.0-RC1 up to 4.17.0-beta.1, as well as in version 5.9.0-beta.1. These vulnerabilities stemmed from improper authorization validation in the saveAsset...

8.8CVSS5.7AI score0.00426EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/02/09 12:0 a.m.6 views

PT-2026-7144

Name of the Vulnerable Software and Affected Versions Craft versions 4.0.0-RC1 through 4.16.17 Craft versions 5.0.0-RC1 through 5.8.21 Description The saveAsset GraphQL mutation in Craft does not properly validate IP addresses used to access cloud metadata services. The application uses filter...

6.9CVSS5.4AI score0.00359EPSS
Exploits1References11
Positive Technologies
Positive Technologiesadded 2026/02/09 12:0 a.m.7 views

PT-2026-7147

Craft is a platform for creating digital experiences. In Craft versions from 4.0.0-RC1 to before 4.17.0-beta.1 and 5.9.0-beta.1, there is a Privilege Escalation vulnerability in Craft CMS’s GraphQL API that allows an authenticated user with write access to one asset volume to escalate their...

8.6CVSS5.6AI score0.00426EPSS
Exploits0References4
EUVD
EUVDadded 2026/01/31 12:30 a.m.6 views

EUVD-2020-30934

OpenCTI 3.3.1 is vulnerable to a reflected cross-site scripting XSS attack via the /graphql endpoint. An attacker can inject arbitrary JavaScript code by sending a crafted GET request with a malicious payload in the query string, leading to execution of JavaScript in the victim's browser. For...

5.4CVSS6.1AI score0.00345EPSS
Exploits1References5
OSV
OSVadded 2026/01/30 11:16 p.m.5 views

CVE-2020-37044

OpenCTI 3.3.1 is vulnerable to a reflected cross-site scripting XSS attack via the /graphql endpoint. An attacker can inject arbitrary JavaScript code by sending a crafted GET request with a malicious payload in the query string, leading to execution of JavaScript in the victim's browser. For...

6.1CVSS5.8AI score
Exploits0References4
OSV
OSVadded 2026/01/30 11:16 p.m.5 views

PYSEC-2026-115

OpenCTI 3.3.1 is vulnerable to a reflected cross-site scripting XSS attack via the /graphql endpoint. An attacker can inject arbitrary JavaScript code by sending a crafted GET request with a malicious payload in the query string, leading to execution of JavaScript in the victim's browser. For...

6.1CVSS6AI score0.00345EPSS
Exploits1References4
NVD
NVDadded 2026/01/30 11:16 p.m.5 views

CVE-2020-37044

OpenCTI 3.3.1 is vulnerable to a reflected cross-site scripting XSS attack via the /graphql endpoint. An attacker can inject arbitrary JavaScript code by sending a crafted GET request with a malicious payload in the query string, leading to execution of JavaScript in the victim's browser. For...

6.1CVSS0.00345EPSS
Exploits1References4
CVE
CVEadded 2026/01/30 10:7 p.m.13 views

CVE-2020-37044

CVE-2020-37044 affects OpenCTI 3.3.1, with a reflected XSS flaw in the /graphql endpoint. The vulnerability allows an attacker to inject arbitrary JavaScript by sending a crafted GET request with a malicious payload in the query string, resulting in script execution in the victim’s browser (examp...

6.1CVSS6.1AI score0.00345EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/01/30 10:7 p.m.3 views

CVE-2020-37044 OpenCTI 3.3.1 - Cross Site Scripting

OpenCTI 3.3.1 is vulnerable to a reflected cross-site scripting XSS attack via the /graphql endpoint. An attacker can inject arbitrary JavaScript code by sending a crafted GET request with a malicious payload in the query string, leading to execution of JavaScript in the victim's browser. For...

5.4CVSS5.7AI score0.00345EPSS
Exploits1References4
ATTACKERKB
ATTACKERKBadded 2026/01/30 10:7 p.m.4 views

CVE-2020-37044

OpenCTI 3.3.1 is vulnerable to a reflected cross-site scripting XSS attack via the /graphql endpoint. An attacker can inject arbitrary JavaScript code by sending a crafted GET request with a malicious payload in the query string, leading to execution of JavaScript in the victim's browser. For...

5.4CVSS6.1AI score0.00345EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder