Lucene search
+L

2027 matches found

Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.18 views

PT-2026-46088

Summary The HTTP server in browserstack-runner serves files from the project directory via the default handler. This handler uses path.joinprocess.cwd, uri to resolve file paths but does not validate that the resulting path stays within the project root. Combined with the server binding on 0.0.0....

7.1CVSS6AI score0.00208EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.18 views

PT-2026-45991

Name of the Vulnerable Software and Affected Versions Mercusys AC12G EU V1 version AC12GEU V1 200909 Description The device exposes 15 of 18 UPnP IGD actions without authentication on port 1900, including AddPortMapping and GetExternalIPAddress. Universal Plug and Play UPnP, a protocol that allow...

8.1CVSS5.6AI score0.00211EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/06/02 6:9 a.m.96 views

JDWPEx

JDWP Remote Code Execution Exploit A Python 3 implement...

6.7AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/01 4:57 p.m.12 views

CVE-2026-45285

Nextcloud is an open source content collaboration platform. From versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a user shares a folder or file with a Nextcloud Team that includes an external member a person added via email address who does not have a Nextcloud account, the...

6.4CVSS5.7AI score0.00293EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/01 4:57 p.m.9 views

CVE-2026-45285 Nextcloud: Hidden Public Link creation when sharing to a Team External Member

Nextcloud is an open source content collaboration platform. From versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a user shares a folder or file with a Nextcloud Team that includes an external member a person added via email address who does not have a Nextcloud account, the...

6.4CVSS5.7AI score0.00293EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Orca Energija Orca heat pump 安全漏洞

Orca Energija Orca heat pump is a series of air-to-water heat pump systems developed by Orca Energija. There are security vulnerabilities in Orca Energija Orca heat pumps. These vulnerabilities stem from the lack of authentication and plaintext data transmission. Combined with the absence of...

6.3CVSS5.3AI score0.00114EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.25 views

PT-2026-45511

Name of the Vulnerable Software and Affected Versions OpenAirInterface5G version 2.4.0 Description An issue exists in the E2SM-KPM RAN Function's PRB utilization metric calculation within the nr-softmodem component. The functions fill RRU PrbTotDl and fill RRU PrbTotUl compute PRB usage percentag...

8.6CVSS5.5AI score0.00393EPSS
Exploits0References4
NVD
NVD
added 2026/05/29 7:16 p.m.14 views

CVE-2026-44650

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, POST /api/extensions/delete endpoint accepts extensionName: "." which bypasses sanitize-filename...

9.1CVSS0.00567EPSS
Exploits0References1
OSV
OSV
added 2026/05/29 6:22 p.m.24 views

GHSA-7CWM-FPFH-RRCH Ironic Standalone Operator's prometheus metrics exporter bound to all interfaces

Impact The Ironic Standalone Operator IRSO is the operator to maintain an Ironic deployment for Metal3. The Prometheus metrics exporter binds to 0.0.0.0 all network interfaces by default with no authentication. The default config is disabled. If enabled, this exposes operational metrics to any ho...

4.3CVSS5.8AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/29 5:48 p.m.12 views

CVE-2026-44650

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, POST /api/extensions/delete endpoint accepts extensionName: "." which bypasses sanitize-filename...

9.1CVSS5.8AI score0.00567EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/29 5:48 p.m.14 views

EUVD-2026-33404

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, POST /api/extensions/delete endpoint accepts extensionName: "." which bypasses sanitize-filename...

9.1CVSS5.8AI score0.00567EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/29 5:48 p.m.33 views

CVE-2026-44650 SillyTavern: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, POST /api/extensions/delete endpoint accepts extensionName: "." which bypasses sanitize-filename...

9.1CVSS0.00567EPSS
Exploits0References1
CVE
CVE
added 2026/05/29 5:48 p.m.21 views

CVE-2026-44650

CVE-2026-44650 affects SillyTavern (local UI for LLMs) where the POST /api/extensions/delete endpoint accepts extensionName: "." and bypasses sanitize-filename validation. This causes path traversal that deletes the entire user extensions directory (and potentially the global extensions dir) with...

9.1CVSS5.8AI score0.00567EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 1:3 p.m.16 views

EUVD-2026-33305

WWBN AVideo is an open source video platform. In 29.0 and earlier, an unauthenticated remote attacker can read arbitrary image files anywhere on disk that the PHP user can open — including private user-profile photos that the application's normal serving wrappers gate behind ACLs, admin-uploaded...

6.9CVSS6AI score0.00455EPSS
Exploits1References1
NVD
NVD
added 2026/05/29 9:16 a.m.22 views

CVE-2026-49200

The acercgi.log file in the device firmware is accessible without authentication via the web interface. This file contains cleartext login credentials for web and Telnet, leading to unauthorized system access...

10CVSS0.00518EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.24 views

PT-2026-47556

Impact The Ironic Standalone Operator IRSO is the operator to maintain an Ironic deployment for Metal3. The Prometheus metrics exporter binds to 0.0.0.0 all network interfaces by default with no authentication. The default config is disabled. If enabled, this exposes operational metrics to any ho...

4.3CVSS5.5AI score
Exploits0References4
Exploit DB
Exploit DB
added 2026/05/29 12:0 a.m.95 views

Langflow 1.3.0 - Remote Code Execution

Exploit Title: Langflow 1.3.0 - Remote Code Execution Fofa-dork: title="Langflow" Shodan-dork: title:"Langflow" Date: 23-05-2026 Exploit Author: Diamorphine Venodor Homepage: https://www.langflow.org/ Software Link: https://github.com/langflow-ai/langflow Version: 1.2.0 Tested on: Debian CVE :...

9.8CVSS7.3AI score0.10371EPSS
Exploits8
NVD
NVD
added 2026/05/28 6:16 p.m.23 views

CVE-2026-45787

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no MAC leads to confidentiality and integrity failures for synced bookmark/profile data. Attackers can crack common...

9.1CVSS0.00105EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/28 5:17 p.m.19 views

EUVD-2026-32959

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no MAC leads to confidentiality and integrity failures for synced bookmark/profile data. Attackers can crack common...

6CVSS5.8AI score0.00105EPSS
Exploits0References2
OSV
OSV
added 2026/05/27 10:45 p.m.15 views

GHSA-VMWP-VH32-RJ75 Yamcs Vulnerable to Remote Code Execution via Mission Database algorithm override

Remote Code Execution via Mission Database algorithm override Summary The Nashorn ScriptEngine used to evaluate user-supplied algorithm text in MdbOverrideApi.updateAlgorithm is constructed without a ClassFilter, allowing a user with the ChangeMissionDatabase privilege to execute arbitrary Java...

9.8CVSS6.5AI score0.0062EPSS
Exploits0References2
Rows per page
Query Builder