Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2026/05/06 9:31 p.m.3 views

EUVD-2026-28188

OpenClaw before 2026.4.15 contains an arbitrary file read vulnerability in the QMD backend memoryget function that allows callers to read any Markdown files within the workspace root. Attackers with access to the memory tool can bypass path restrictions by providing arbitrary workspace Markdown...

4.3CVSS5.9AI score0.00039EPSS
Exploits0References4
NVD
NVDadded 2026/05/06 8:16 p.m.2 views

CVE-2026-44111

OpenClaw before 2026.4.15 contains an arbitrary file read vulnerability in the QMD backend memoryget function that allows callers to read any Markdown files within the workspace root. Attackers with access to the memory tool can bypass path restrictions by providing arbitrary workspace Markdown...

4.3CVSS0.00039EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/02/13 12:0 a.m.6 views

PT-2026-8028

Name of the Vulnerable Software and Affected Versions Windows Notepad versions prior to 11.x patch Description A remote code execution issue exists in the modern Windows 11 Notepad application distributed through the Microsoft Store. A malicious Markdown .md file can trigger command injection,...

6.5AI score
Exploits0References2
NVD
NVDadded 2026/01/16 7:16 p.m.2 views

CVE-2021-47837

Markdownify 1.2.0 contains a persistent cross-site scripting vulnerability that allows attackers to store malicious payloads within markdown files. Attackers can upload crafted markdown files with embedded scripts that execute when the file is opened, potentially enabling remote code execution...

7.2CVSS0.00042EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/01/16 7:9 p.m.3 views

CVE-2021-47837

Markdownify 1.2.0 contains a persistent cross-site scripting vulnerability that allows attackers to store malicious payloads within markdown files. Attackers can upload crafted markdown files with embedded scripts that execute when the file is opened, potentially enabling remote code execution...

7.2CVSS5.6AI score0.00042EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2025/09/02 12:0 a.m.5 views

CVE-2025-55474

Many Notes 0.10.1 is vulnerable to Cross Site Scripting XSS, which allows malicious Markdown files to execute JavaScript when viewed...

0.00059EPSS
Exploits1References3
CNNVD
CNNVDadded 2023/09/01 12:0 a.m.3 views

Typora Cross-Site Scripting Vulnerability

Typora is an editor. A security vulnerability exists in Typora v1.6.7, which stems from the presence of a cross-site scripting XSS vulnerability that allows attackers to execute arbitrary code by uploading specially crafted Markdown files...

6.1CVSS6.4AI score0.00123EPSS
Exploits1References2
CNNVD
CNNVDadded 2021/12/10 12:0 a.m.1 views

Grafana 路径遍历漏洞

Grafana is Grafana open source set of open source monitoring tools that provide a visual monitoring interface . The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus. Grafana suffers from a path traversal vulnerability that stems from the fact that Grafana prior to...

4.3CVSS7AI score0.06405EPSS
Exploits0References20
Rows per page
Query Builder