1682 matches found

Nuclei
added 8 hours ago, 45 views

SiYuan Note - Cross-Site Scripting

SiYuan Note through version 3.6.1 is vulnerable to unauthenticated reflected Cross-Site Scripting (XSS) in the /api/icon/getDynamicIcon endpoint due to improper filtering of SVG elements with a namespace prefix such as . By using a namespaced script element, attackers can bypass the SanitizeSVG...

CVSS 8.6, AI score 6.1, EPSS 0.00469
Exploits: 1, References: 2
NVD
added 2026/06/26 9:16 p.m., 11 views

CVE-2026-54352

Budibase is an open-source low-code platform. Prior to 3.39.9, POST /api/pwa/process-zip at packages/server/src/api/routes/static.ts:24 accepts a builder-uploaded .zip, extracts it with [email protected] into a temp directory, then for each entry listed in icons.json validates the icon path, open...

CVSS 9.6, EPSS 0.00494
Exploits: 1, References: 1
EUVD
added 2026/06/25 9:54 p.m., 14 views

EUVD-2026-36188

ImageMagick has out-of-bounds write in ICON decoder due to incorrect loop...

CVSS 7.5, AI score 5.8, EPSS 0.00353
Exploits: 0, References: 2
Github Security Blog
added 2026/06/25 9:54 p.m., 7 views

ImageMagick has out-of-bounds write in ICON decoder due to incorrect loop

An incorrect loop in the ICON decoder can result in an out-of-bounds heap write resulting in a crash...

CVSS 7.5, AI score 5.8, EPSS 0.00353
Exploits: 0, References: 3, Affected Software: 17
NVD
added 2026/06/24 10:16 p.m., 10 views

CVE-2026-54068

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the /api/icon/getDynamicIcon endpoint is explicitly excluded from authentication in SiYuan's kernel router router.go, "不需要鉴权" -- no auth needed. When called with type=8 and a valid block id parameter, this endpoint...

CVSS 5.9, EPSS 0.00239
Exploits: 0, References: 1
CVE
added 2026/06/24 9:15 p.m., 7 views

CVE-2026-54068

SiYuan before 3.7.0: unauthenticated access to /api/icon/getDynamicIcon where type=8 with a valid block id runs Go templates that execute arbitrary SQL (RenderDynamicIconContentTemplate), enabling an attacker to exfiltrate extensive SQLite data (notes, tags, asset refs, block attributes). The roo...

CVSS 5.9, AI score 6, EPSS 0.00239
Exploits: 0, References: 1
EUVD
added 2026/06/24 6:32 p.m., 6 views

EUVD-2026-38799

A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Desk desktop icon renderer...

CVSS 4.8, AI score 5.8, EPSS 0.00239
Exploits: 0, References: 3
NVD
added 2026/06/24 4:16 p.m., 7 views

CVE-2026-50703

A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Desk desktop icon renderer...

CVSS 4.8, EPSS 0.00239
Exploits: 0, References: 2
Cvelist
added 2026/06/24 2:42 p.m., 30 views

CVE-2026-50703 Frappe Framework 17.0.0-dev - Stored XSS in Desktop Icon label rendering

A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Desk desktop icon renderer...

CVSS 4.8, EPSS 0.00239
Exploits: 0, References: 2
CVE
added 2026/06/24 2:42 p.m., 11 views

CVE-2026-50703

Summary: CVE-2026-50703 affects Frappe Framework 17.0.0-dev, with a stored XSS vulnerability in the Desk desktop icon renderer caused by improper neutralization of user-controlled input. This could allow an attacker to inject malicious content into the icon label, potentially affecting users who...

CVSS 4.8, AI score 5.8, EPSS 0.00239
Exploits: 0, References: 2
ATTACKERKB
added 2026/06/24 11:53 a.m., 5 views

CVE-2026-56302

Capgo before 12.128.2 contains an unsecured images bucket lacking any row level security controls, allowing unauthenticated attackers to read, insert, and delete stored app icons. Remote attackers can exploit this misconfiguration to delete all icons and leak sensitive app IDs and user IDs...

CVSS 6.9, AI score 5.9, EPSS 0.00208
Exploits: 0, References: 3
Cvelist
added 2026/06/24 11:53 a.m., 31 views

CVE-2026-56302 Capgo - Unsecured Supabase Images Bucket via Missing Row Level Security

Capgo before 12.128.2 contains an unsecured images bucket lacking any row level security controls, allowing unauthenticated attackers to read, insert, and delete stored app icons. Remote attackers can exploit this misconfiguration to delete all icons and leak sensitive app IDs and user IDs...

CVSS 6.9, EPSS 0.00208
Exploits: 0, References: 2
CVE
added 2026/06/24 11:53 a.m., 7 views

CVE-2026-56302

Capgo before 12.128.2 uses an unsecured Supabase images bucket with no row-level security, allowing unauthenticated read, insert, and delete operations on stored app icons. This misconfiguration enables attackers to delete all icons and leak sensitive app IDs and user IDs. The connected documents...

CVSS 6.9, AI score 5.9, EPSS 0.00208
Exploits: 0, References: 2
NVD
added 2026/06/23 12:16 p.m., 12 views

CVE-2026-4983

Open VSX Registry does not sanitize SVG files uploaded as extension icons prior to storage, and serves them with Content-Type: image/svg+xml without security headers such as Content-Security-Policy or Content-Disposition: attachment. This allows an attacker to publish an extension with a maliciou...

CVSS 5.4, EPSS 0.00226
Exploits: 1, References: 1
CVE
added 2026/06/23 10:50 a.m., 14 views

CVE-2026-4983

CVE-2026-4983 affects the Open VSX Registry where SVG icons uploaded as extensions are not sanitized before storage and are served as image/svg+xml without security headers. This enables stored cross-site scripting (XSS) when users navigate to the icon URL. The impact differs by deployment: on lo...

CVSS 5.4, AI score 5.9, EPSS 0.00226
Exploits: 1, References: 1, Affected Software: 1
NVD
added 2026/06/21 2:16 p.m., 11 views

CVE-2026-56394

Craft CMS from 4.0.0-RC1 contains an authenticated path traversal vulnerability in the assets/icon endpoint where the extension parameter is not validated before file existence checks. Attackers can bypass extension validation by passing traversal sequences that resolve to existing SVG files,...

CVSS 7.1, EPSS 0.00336
Exploits: 0, References: 3
Cvelist
added 2026/06/21 1:27 p.m., 32 views

CVE-2026-56394 Craft CMS - Authenticated Path Traversal in assets/icon Extension Parameter

Craft CMS from 4.0.0-RC1 contains an authenticated path traversal vulnerability in the assets/icon endpoint where the extension parameter is not validated before file existence checks. Attackers can bypass extension validation by passing traversal sequences that resolve to existing SVG files,...

CVSS 7.1, EPSS 0.00336
Exploits: 0, References: 3
ATTACKERKB
added 2026/06/21 1:27 p.m., 5 views

CVE-2026-56394

Craft CMS from 4.0.0-RC1 contains an authenticated path traversal vulnerability in the assets/icon endpoint where the extension parameter is not validated before file existence checks. Attackers can bypass extension validation by passing traversal sequences that resolve to existing SVG files,...

CVSS 7.1, AI score 5.9, EPSS 0.00336
Exploits: 0, References: 4
EUVD
added 2026/06/21 1:27 p.m., 7 views

EUVD-2026-38160

Craft CMS from 4.0.0-RC1 contains an authenticated path traversal vulnerability in the assets/icon endpoint where the extension parameter is not validated before file existence checks. Attackers can bypass extension validation by passing traversal sequences that resolve to existing SVG files,...

CVSS 7.1, AI score 5.9, EPSS 0.00336
Exploits: 0, References: 3
CVE
added 2026/06/21 1:27 p.m., 21 views

CVE-2026-56394

Craft CMS 4.0.0-RC1 contains an authenticated path traversal in the assets/icon endpoint. The extension parameter is not validated before file-existence checks, allowing traversal sequences to resolve to existing SVG files and enabling local file read access. Root cause is improper validation of ...

CVSS 7.1, AI score 5.9, EPSS 0.00336
Exploits: 0, References: 3