Lucene search
K

1080 matches found

NVD
NVD
added 2026/05/18 11:16 a.m.21 views

CVE-2026-8802

A vulnerability was detected in opensourcepos Open Source Point of Sale up to 3.4.2. This issue affects the function getPicThumb of the file app/Controllers/Items.php. The manipulation of the argument picfilename results in path traversal. The attack may be launched remotely. The patch is...

5.3CVSS0.0039EPSS
Exploits0References6
CVE
CVE
added 2026/05/18 10:0 a.m.24 views

CVE-2026-8802

Open Source POS (opensourcepos) up to version 3.4.2 contains a path traversal vulnerability in getPicThumb (app/Controllers/Items.php) caused by unsafely handling the pic_filename argument. Exploitation could be remote; a patch identified as def0c27a0e252668df8d942fc31e16d1edfd7323 is available a...

5.3CVSS5.6AI score0.0039EPSS
Exploits0References6
NVD
NVD
added 2026/05/15 5:16 p.m.26 views

CVE-2026-23695

Cockpit CMS through version 2.14.0, patched in commit 72a83fc, contains a stored cross-site scripting vulnerability in the Set field type's Display template option, where the template string is processed by the $interpolate function using new Function and rendered via Vue's v-html directive witho...

5.4CVSS0.00138EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/14 4:36 p.m.9 views

Mistune TOC Anchor Injection XSS

Summary rendertocul builds a table-of-contents tree from a list of level, id, text tuples. Both the id value used as href="" and the text value used as the visible link label are inserted into tags via a plain Python format string — with no HTML escaping applied to either value. When heading IDs...

6.1CVSS6AI score0.00228EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2026/05/14 7:16 a.m.57 views

CVE-2026-6670

The Media Sync plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.9 via the 'subdir' and 'mediaitems' parameters. This is due to insufficient validation of user-supplied file paths, which are not checked for directory traversal sequences or restricted t...

6.5CVSS0.00526EPSS
Exploits0References2
CVE
CVE
added 2026/05/14 6:44 a.m.43 views

CVE-2026-6670

The Media Sync plugin for WordPress (versions up to 1.4.9) is vulnerable to Path Traversal via the sub_dir and media_items parameters. Due to insufficient validation of user-supplied file paths, attackers with Author-level access or higher can act on files outside the intended uploads directory. ...

6.5CVSS5.8AI score0.00526EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.11 views

WordPress plugin Media Sync 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.5CVSS5.8AI score0.00526EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/13 1:27 p.m.24 views

EUVD-2026-29952

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.9.8.4. This is due to the plugin not properly verifying that a user is authorized to perform an action via the pmsetgrouporder, pmsetgroupitem...

4.3CVSS5.8AI score0.00234EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/13 1:27 p.m.10 views

CVE-2026-4607 ProfileGrid <= 5.9.8.4 - Missing Authorization to Authenticated (Subscriber+) Group Settings Modification

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.9.8.4. This is due to the plugin not properly verifying that a user is authorized to perform an action via the pmsetgrouporder, pmsetgroupitem...

4.3CVSS5.8AI score0.00234EPSS
Exploits0References6
CVE
CVE
added 2026/05/13 1:27 p.m.20 views

CVE-2026-4607

CVE-2026-4607 concerns the ProfileGrid – User Profiles, Groups and Communities WordPress plugin (versions up to 5.9.8.4). The issue is an authorization bypass in AJAX actions pm_set_group_order, pm_set_group_items, and pm_set_field_order, allowing authenticated users with Subscriber-level access ...

4.3CVSS5.8AI score0.00234EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/05/13 3:33 a.m.10 views

SUSE CVE-2026-43468

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix deadlock between devlink lock and esw-wq esw-workqueue executes eswfunctionschangedeventhandler - eswvfschangedeventhandler and acquires the devlink lock. .eswitchmodeset acquires devlink lock in devlinknlpredoit -...

5.8AI score0.00091EPSS
Exploits0References3
NVD
NVD
added 2026/05/11 6:16 p.m.21 views

CVE-2026-44658

Zen is a firefox-based browser. Prior to 1.19.12b, RSS feed URLs entered by the user are validated to http: or https: in promptForFeedUrl, but item links inside the feed are not subject to the same restriction. The provider maps each RSS/Atom item link into item.url, filters only for presence and...

2.4CVSS0.00157EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/08 8:3 p.m.16 views

Open WebUI has Unauthorized File and Knowledge Base Content Access via RAG Vector Search

Unauthorized File and Knowledge Base Content Access via RAG Vector Search Affected Component RAG source resolution in chat completion pipeline: - backend/openwebui/retrieval/utils.py lines 963-965, 1063-1068, 1126-1131 in getsourcesfromitems Affected Versions Current main branch commit 6fdd19bf1...

6.5CVSS5.8AI score0.00366EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/08 1:31 p.m.8 views

CVE-2026-43338

In the Linux kernel, the following vulnerability has been resolved: btrfs: reserve enough transaction items for qgroup ioctls Currently our qgroup ioctls don't reserve any space, they just do a transaction join, which does not reserve any space, neither for the quota tree updates nor for the...

5.5CVSS5.7AI score0.00114EPSS
Exploits0
CVE
CVE
added 2026/05/07 2:58 a.m.8 views

CVE-2026-41658

CVE-2026-41658 (Admidio) describes missing authorization in the inventory module: destructive endpoints (item_delete, item_retire, item_reinstate, item_picture_upload/save/delete) validate CSRF but perform no backend authorization checks, allowing any authenticated user with inventoryModule acces...

6.5CVSS5.7AI score0.00227EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.13 views

Admidio 安全漏洞

Admidio is a set of open-source member management systems developed by the Admidio team. This system supports features such as member lists, event management, message boards, photo albums, and downloads. Prior to Admidio 5.0.9, there were security vulnerabilities. These vulnerabilities stemmed fr...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/06 1:40 a.m.7 views

SUSE CVE-2026-43046

In the Linux kernel, the following vulnerability has been resolved: btrfs: reject root items with dropprogress and zero droplevel BUG When recovering relocation at mount time, mergerelocroot and btrfsdropsnapshot both use BUGONlevel == 0 to guard against an impossible state: a non-zero dropprogre...

5.8AI score0.00114EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/01 2:15 p.m.9 views

EUVD-2026-26645

In the Linux kernel, the following vulnerability has been resolved: btrfs: reject root items with dropprogress and zero droplevel BUG When recovering relocation at mount time, mergerelocroot and btrfsdropsnapshot both use BUGONlevel == 0 to guard against an impossible state: a non-zero dropprogre...

5.8AI score0.00114EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/05/01 2:15 p.m.6 views

CVE-2026-43046

In the Linux kernel, the following vulnerability has been resolved: btrfs: reject root items with dropprogress and zero droplevel BUG When recovering relocation at mount time, mergerelocroot and btrfsdropsnapshot both use BUGONlevel == 0 to guard against an impossible state: a non-zero dropprogre...

5.5CVSS5.7AI score0.00114EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.11 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from hcicmdsyncqueueonce in Bluetooth hcisync does not correctly indicate if a queue item already exists, which...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References1
Rows per page
Query Builder