Lucene search
K

3541 matches found

Nuclei
Nuclei
added 9 hours ago73 views

Vite Dev Server - Information Exposure

Vite is a frontend tooling framework for JavaScript. Before versions 6.3.4, 6.2.7, 6.1.6, 5.4.19, and 4.5.14, the contents of files in the project root that are denied by a file matching pattern can be returned to the browser. Only apps explicitly exposing the Vite dev server to the network using...

6CVSS6.2AI score0.01077EPSS
Exploits1References2
OSV
OSV
added yesterday17 views

ROOT-APP-PYPI-CVE-2025-62727 CVE-2025-62727 in rootio-starlette - Patched by Root

Root has patched CVE-2025-62727 in the rootio-starlette package for Root:PyPI. Multiple fixed versions available...

7.5CVSS5.4AI score0.00638EPSS
Exploits0
OSV
OSV
added yesterday5 views

ROOT-OS-DEBIAN-12-CVE-2023-5388 CVE-2023-5388 in rootio-nss - Patched by Root

Root has patched CVE-2023-5388 in the rootio-nss package for Root:Debian:12. Multiple fixed versions available...

6.5CVSS8.2AI score0.00816EPSS
Exploits0
OSV
OSV
added yesterday6 views

ROOT-OS-DEBIAN-12-CVE-2026-32778 CVE-2026-32778 in rootio-expat - Patched by Root

Root has patched CVE-2026-32778 in the rootio-expat package for Root:Debian:12. Multiple fixed versions available...

5.5CVSS7.1AI score0.00143EPSS
Exploits0
NVD
NVD
added 4 days ago7 views

CVE-2026-47422

Frappe is a full-stack web application framework. Prior to 15.107.5 and 16.18.2, an endpoint in reportview lacked appropriate permission checks and that has since been fixed. This vulnerability is fixed in 15.107.5 and 16.18.2...

5.3CVSS0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-47422 Frappe: Unrestricted API access to save_report

Frappe is a full-stack web application framework. Prior to 15.107.5 and 16.18.2, an endpoint in reportview lacked appropriate permission checks and that has since been fixed. This vulnerability is fixed in 15.107.5 and 16.18.2...

5.3CVSS0.00278EPSS
Exploits0References1
OSV
OSV
added 4 days ago12 views

ROOT-APP-PYPI-CVE-2023-32681 CVE-2023-32681 in rootio-requests - Patched by Root

Root has patched CVE-2023-32681 in the rootio-requests package for Root:PyPI. Multiple fixed versions available...

6.1CVSS8.1AI score0.02974EPSS
Exploits1
OSV
OSV
added 4 days ago9 views

ROOT-APP-PYPI-CVE-2026-25645 CVE-2026-25645 in rootio-requests - Patched by Root

Root has patched CVE-2026-25645 in the rootio-requests package for Root:PyPI. Multiple fixed versions available...

5.5CVSS5.8AI score0.00182EPSS
Exploits0
OSV
OSV
added 4 days ago4 views

ROOT-APP-PYPI-CVE-2026-54277 CVE-2026-54277 in rootio-aiohttp - Patched by Root

Root has patched CVE-2026-54277 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

8.7CVSS5.8AI score0.00322EPSS
Exploits0
OSV
OSV
added 4 days ago11 views

ROOT-APP-PYPI-CVE-2025-69230 CVE-2025-69230 in rootio-aiohttp - Patched by Root

Root has patched CVE-2025-69230 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

5.3CVSS7.1AI score0.00332EPSS
Exploits0
NVD
NVD
added 4 days ago8 views

CVE-2026-41878

R-SOFT DMS is vulnerable to Insecure Direct Object Reference IDOR attack in multiple file download endpoints. The application fetches files from the database by ID and serves them to whoever requests them, relying only on session authentication, meaning any valid user can access any file. This...

7.1CVSS0.0047EPSS
Exploits0References1
OSV
OSV
added 4 days ago4 views

ROOT-OS-DEBIAN-13-CVE-2026-3479 CVE-2026-3479 in rootio-python3.13 - Patched by Root

Root has patched CVE-2026-3479 in the rootio-python3.13 package for Root:Debian:13. Multiple fixed versions available...

3.3CVSS5.8AI score0.00238EPSS
Exploits0
OSV
OSV
added 4 days ago4 views

ROOT-OS-DEBIAN-12-CVE-2024-2379 CVE-2024-2379 in rootio-curl - Patched by Root

Root has patched CVE-2024-2379 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...

6.3CVSS5.5AI score0.01709EPSS
Exploits1
OSV
OSV
added 4 days ago3 views

ROOT-OS-DEBIAN-12-CVE-2026-34978 CVE-2026-34978 in rootio-cups - Patched by Root

Root has patched CVE-2026-34978 in the rootio-cups package for Root:Debian:12. Multiple fixed versions available...

6.5CVSS5.9AI score0.00406EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-55590

CakePHP Authentication is an authentication plugin for CakePHP that can also be used in PSR-7 based applications. Prior to 2.11.1, 3.3.6, and 4.1.1, the getLoginRedirect method contains a weakness to backslash bypasses that allows redirect targets with attacker-controlled hostnames through the...

5.1CVSS5.9AI score0.00578EPSS
Exploits0References11Affected Software1
ATTACKERKB
ATTACKERKB
added 5 days ago4 views

CVE-2026-55420

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, under certain non-default configurations, processing of PDF uploads could be exploited to obtain RCE on the server. This issue is patched in 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5...

7.5CVSS5.9AI score0.0033EPSS
Exploits0References7Affected Software1
OSV
OSV
added 5 days ago7 views

ROOT-APP-PYPI-CVE-2026-22702 CVE-2026-22702 in rootio-virtualenv - Patched by Root

Root has patched CVE-2026-22702 in the rootio-virtualenv package for Root:PyPI. Multiple fixed versions available...

4.5CVSS5.8AI score0.00085EPSS
Exploits0
OSV
OSV
added 5 days ago15 views

ROOT-APP-MAVEN-CVE-2026-24734 CVE-2026-24734 in io.root.org.apache.tomcat.embed:tomcat-embed-core - Patched by Root

Root has patched CVE-2026-24734 in the io.root.org.apache.tomcat.embed:tomcat-embed-core package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.8AI score0.00498EPSS
Exploits0
OSV
OSV
added 5 days ago7 views

ROOT-APP-MAVEN-CVE-2024-56337 CVE-2024-56337 in io.root.org.apache.tomcat:tomcat-catalina - Patched by Root

Root has patched CVE-2024-56337 in the io.root.org.apache.tomcat:tomcat-catalina package for Root:Maven. Multiple fixed versions available...

9.8CVSS6.9AI score0.08856EPSS
Exploits13
OSV
OSV
added 5 days ago21 views

ROOT-APP-MAVEN-CVE-2026-43515 CVE-2026-43515 in io.root.org.apache.tomcat.embed:tomcat-embed-core - Patched by Root

Root has patched CVE-2026-43515 in the io.root.org.apache.tomcat.embed:tomcat-embed-core package for Root:Maven. Multiple fixed versions available...

9.1CVSS5.8AI score0.01136EPSS
Exploits1
Rows per page
Query Builder