Lucene search
K

1064 matches found

Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.16 views

PT-2026-46127

Name of the Vulnerable Software and Affected Versions Docling versions prior to 2.94.0 Description The HTML backend fails to perform sufficient validation during resource handling. This allows local file system access via file:// URIs when enable local fetch is set to True, and enables path...

7.1CVSS5.8AI score0.00217EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

MBS多款产品 路径遍历漏洞

MBS Single-A and other products are a series of industrial communication gateways developed by the German company MBS. Several MBS products have a path traversal vulnerability. This vulnerability stems from the insufficient input validation in the ugw-logread method, which may allow remote...

8.8CVSS5.4AI score0.00494EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.11 views

PT-2026-45696

These are all security issues fixed in the sshfs-3.7.6-1.1 package on the GA media of openSUSE Tumbleweed...

5.8AI score0.00031EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.5 views

NiceGUI 信息泄露漏洞

NiceGUI is an easy-to-use, Python-based UI framework developed under the open source license. Versions of NiceGUI prior to 3.12.0 contained a vulnerability related to information leakage. This vulnerability stemmed from the fact that the ui.restructuredtext function did not disable the file...

7.5CVSS5.2AI score0.00255EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/30 1:59 a.m.14 views

SUSE CVE-2026-48522

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.8CVSS6AI score0.00181EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-48522

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python...

4.2CVSS5.7AI score0.00181EPSS
Exploits1References4
PyPA
PyPA
added 2026/05/28 4:16 p.m.9 views

PYSEC-0000-CVE-2026-48522

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS5.9AI score0.00181EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2026/05/28 4:16 p.m.15 views

PYSEC-2026-175

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS5.9AI score0.00181EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/05/28 4:16 p.m.6 views

PYSEC-2026-175

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS5.9AI score0.00181EPSS
Exploits1References1
NVD
NVD
added 2026/05/28 4:16 p.m.14 views

CVE-2026-48522

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS0.00181EPSS
Exploits1References1
OSV
OSV
added 2026/05/28 4:16 p.m.8 views

DEBIAN-CVE-2026-48522

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS6AI score0.00181EPSS
Exploits1References1
OSV
OSV
added 2026/05/28 4:16 p.m.26 views

UBUNTU-CVE-2026-48522

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS6AI score0.00181EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:0 p.m.11 views

CVE-2026-48522

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS6AI score0.00181EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2026/05/28 3:0 p.m.11 views

CVE-2026-48522

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS6AI score0.00181EPSS
Exploits1
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.11 views

pyjwt 代码问题漏洞

PyJWT is a Python library developed by José Padilla of the United States. It allows for the encoding and decoding of JSON Web Tokens JWTs. Prior to version 2.13.0, there were code vulnerabilities in PyJWT. These vulnerabilities stemmed from PyJWKClient directly passing the uri parameter to...

4.2CVSS6AI score0.00181EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.13 views

PT-2026-44394

Name of the Vulnerable Software and Affected Versions PyJWT versions prior to 2.13.0 Description PyJWKClient passes the uri argument directly to urllib.request.urlopen, which utilizes the default OpenerDirector of the Python standard library. This allows the registration of HTTPHandler,...

9.8CVSS5.4AI score0.00181EPSS
Exploits1References236
PyPA
PyPA
added 2026/05/27 5:16 p.m.13 views

PYSEC-2026-180

Streamlink is a CLI utility which pipes video streams from various services into a video player. Prior to 8.4.0, Streamlink's HLS and DASH parsers do not validate the URI scheme of segment entries and other resources. A remote .m3u8 HLS playlist or .mpd DASH manifest can list file:///path/to/file...

6.5CVSS5.8AI score0.00345EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2026/05/27 5:16 p.m.16 views

CVE-2026-44353

Streamlink is a CLI utility which pipes video streams from various services into a video player. Prior to 8.4.0, Streamlink's HLS and DASH parsers do not validate the URI scheme of segment entries and other resources. A remote .m3u8 HLS playlist or .mpd DASH manifest can list file:///path/to/file...

6.5CVSS0.00345EPSS
Exploits1References1
PyPA
PyPA
added 2026/05/27 5:16 p.m.11 views

PYSEC-0000-CVE-2026-44353

Streamlink is a CLI utility which pipes video streams from various services into a video player. Prior to 8.4.0, Streamlink's HLS and DASH parsers do not validate the URI scheme of segment entries and other resources. A remote .m3u8 HLS playlist or .mpd DASH manifest can list file:///path/to/file...

6.5CVSS5.8AI score0.00345EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/05/27 5:16 p.m.7 views

PYSEC-2026-180

Streamlink is a CLI utility which pipes video streams from various services into a video player. Prior to 8.4.0, Streamlink's HLS and DASH parsers do not validate the URI scheme of segment entries and other resources. A remote .m3u8 HLS playlist or .mpd DASH manifest can list file:///path/to/file...

6.5CVSS5.8AI score0.00345EPSS
Exploits1References1
Rows per page
Query Builder