CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added yesterday•5 views

EUVD-2025-210339

Flowise through 2.2.4 contains an unauthenticated arbitrary file upload vulnerability in the /api/v1/attachments endpoint when storageType is set to local. Attackers can exploit path traversal in the chatId and chatflowId parameters to upload malicious files to arbitrary directories, potentially...

9.3CVSS6.6AI score0.00516EPSS

Exploits0References3

Cvelist•added 2 days ago•19 views

CVE-2025-71333 Flowise - Arbitrary File Upload via Unauthenticated /api/v1/attachments Endpoint

9.3CVSS0.00516EPSS

CVE•added 2 days ago•10 views

CVE-2025-71333

Flowise (v2.2.4) contains an unauthenticated arbitrary file upload vulnerability at the /api/v1/attachments endpoint when storageType is set to local. The issue allows path traversal via chatId and chatflowId parameters to upload files to arbitrary directories, potentially enabling remote code ex...

9.3CVSS6.6AI score0.00516EPSS

CVE•added 3 days ago•9 views

CVE-2026-53106

CVE-2026-53106 affects the Linux kernel BPF storage deletion flow. The issue arises when local storage is freed via kfree_rcu(), call_rcu(), or call_rcu_tasks_trace() in NMI or reentrant contexts, which can lead to a deadlock. The documented mitigation in NMI is to return an error from bpf_xxx_st...

5.8AI score0.00145EPSS

NVD•added 4 days ago•6 views

CVE-2026-47387

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the shared form-view submit handler packages/nc-gui/composables/useSharedFormViewStore.ts in NocoDB writes the form's redirecturl to window.location.href after a same-host check that does not validate the URL scheme. A...

8.4CVSS0.00234EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed out-of-bounds access in cgroup local storage Lonial reported that an out-of-bounds access in cgroup local storage can occur through tail calls. This occurs when two programs each utilize a cgroup local storage with a...

7.1CVSS6.8AI score0.00146EPSS

Positive Technologies•added 2026/06/19 12:0 a.m.•12 views

PT-2026-51100

Name of the Vulnerable Software and Affected Versions Langflow versions prior to 1.7.0 Description The logout button fails to clear the user session, allowing a previous user to remain logged in unless another user explicitly authenticates. This occurs because the '/logout' endpoint deletes...

6.1CVSS5.9AI score0.00152EPSS

Exploits1References6

NVD•added 2026/06/11 8:16 p.m.•9 views

CVE-2026-53781

Summarize before 0.17.0 contains a resource exhaustion vulnerability that allows remote attackers to cause disk exhaustion by serving media responses that bypass the enforced size limit through missing or misreported Content-Length headers, chunked transfer encoding, or failed HEAD requests...

5.3CVSS0.00329EPSS

Cvelist•added 2026/06/11 7:11 p.m.•25 views

CVE-2026-53781 Summarize < 0.17.0 Disk Exhaustion via Uncapped Media Download

5.3CVSS0.00329EPSS

CVE•added 2026/06/11 7:11 p.m.•10 views

CVE-2026-53781

The CVE affects the Summarize utility prior to version 0.17.0. Vulnerable path is the temp-file-based media download, where an unbounded response can be streamed via the download/response path, causing disk and resource exhaustion. Root cause: responses bypass the enforced size limit due to missi...

5.3CVSS5.5AI score0.00329EPSS

CNNVD•added 2026/06/11 12:0 a.m.•11 views

Summarize 安全漏洞

Summarize is a multi-source rapid summarization tool developed by Peter Steinberger. Versions of Summarize prior to 0.17.0 contain security vulnerabilities. These vulnerabilities stem from resource exhaustion. A remote attacker can exploit these vulnerabilities by bypassing the mandatory size lim...

5.3CVSS5.5AI score0.00329EPSS

Cvelist•added 2026/06/09 10:53 a.m.•31 views

CVE-2026-49740 TYPO3 CMS - Insecure Deserialization in Core API

TYPO3's cache frontend VariableFrontend and persistent key-value store Registry deserialized PHP payloads without integrity validation or class restrictions. An attacker with write access to the underlying storage backend cache store or sysregistry database table could inject a crafted serialized...

6.3CVSS0.00215EPSS

Exploits0References3

Packet Storm News•added 2026/06/08 12:0 a.m.•7 views

Windows Notepad Markdown Link Exposure Test

This Metasploit auxiliary module is a non-exploit, safety-focused research tool designed to generate a Markdown file for analyzing how Windows Notepad handles external links. It creates a controlled test document containing a user-defined URL and stores it locally for inspection...

5.5AI score

Exploits0

RedhatCVE•added 2026/06/05 7:19 p.m.•8 views

CVE-2026-49128

Music Player Daemon MPD before version 0.24.11 contains a path traversal vulnerability in LocalStorage::MapFSOrThrow and LocalStorage::MapUTF8 within the local storage plugin, where the on-disk path is constructed by joining the storage root with a user-supplied URI as plain strings without...

8.7CVSS5.6AI score0.00501EPSS

Github Security Blog•added 2026/06/05 4:20 p.m.•14 views

NocoDB: Stored Cross-Site Scripting via Form View Redirect URL

Summary The shared form-view submit handler in NocoDB writes the form's redirecturl to window.location.href after a same-host check that does not validate the URL scheme. A user with editor role or above on any base can plant a javascript: URL in the form's redirecturl; when an authenticated view...

8.4CVSS5.8AI score0.00234EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2026/05/30 2:12 a.m.•9 views

CVE-2026-44543

Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by...

8.7CVSS5.8AI score0.00368EPSS