Lucene search
K

4511 matches found

RedHat Linux
RedHat Linux
added 2026/06/16 9:6 a.m.11 views

Important: Red Hat Security Advisory: Technical preview of the satellite/iop-vulnerability-frontend-rhel9 container image

A new satellite/iop-vulnerability-frontend-rhel9 container image is now available as a technical preview in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed package...

10CVSS6.6AI score0.00978EPSS
Exploits11References17
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.20 views

PT-2026-50159

Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.0 Description An authorized user can manipulate the value passed to the git diff command to bypass the target directory and write the result of a comparison to an arbitrary path. This path traversal issue occurs...

8.5CVSS6AI score0.0035EPSS
Exploits0References5
NVD
NVD
added 2026/06/15 9:17 p.m.8 views

CVE-2026-48878

Subscriber Sensitive Data Exposure in Visual Link Preview = 2.4.1 versions...

6.5CVSS0.00345EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.26 views

CVE-2026-48878 WordPress Visual Link Preview plugin <= 2.4.1 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in Visual Link Preview = 2.4.1 versions...

6.5CVSS0.00345EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:19 p.m.9 views

EUVD-2026-36854

Subscriber Sensitive Data Exposure in Visual Link Preview = 2.4.1 versions...

6.5CVSS5.2AI score0.00345EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:19 p.m.20 views

CVE-2026-48878

The CVE-2026-48878 entry describes a Sensitive Data Exposure vulnerability in the WordPress Visual Link Preview plugin up to version 2.4.1. Affected software: WordPress Visual Link Preview plugin (versions

6.5CVSS5.2AI score0.00345EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.12 views

PT-2026-49484

Name of the Vulnerable Software and Affected Versions Visual Link Preview versions prior to 2.4.2 Description An issue in the plugin leads to the exposure of sensitive subscriber data. Recommendations Update to version 2.4.2 or later...

6.5CVSS5.8AI score0.00345EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/12 2:26 a.m.8 views

SUSE CVE-2026-45106

Weblate is a web based localization tool. Prior to version 2026.5, Weblate's live search preview renders unit source and context as HTML without escaping. Any contributor whose content reaches those fields stores HTML and CSS that runs inside the authenticated editor of every user who runs a...

4.6CVSS5.2AI score0.00208EPSS
Exploits0References3
NVD
NVD
added 2026/06/10 8:17 p.m.12 views

CVE-2026-45106

Weblate is a web based localization tool. Prior to version 2026.5, Weblate's live search preview renders unit source and context as HTML without escaping. Any contributor whose content reaches those fields stores HTML and CSS that runs inside the authenticated editor of every user who runs a...

4.6CVSS0.00208EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 7:56 p.m.8 views

CVE-2026-45106 Weblate: Stored HTML injection in editor search preview

Weblate is a web based localization tool. Prior to version 2026.5, Weblate's live search preview renders unit source and context as HTML without escaping. Any contributor whose content reaches those fields stores HTML and CSS that runs inside the authenticated editor of every user who runs a...

4.6CVSS5.3AI score0.00208EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/10 7:56 p.m.9 views

EUVD-2026-36114

Weblate is a web based localization tool. Prior to version 2026.5, Weblate's live search preview renders unit source and context as HTML without escaping. Any contributor whose content reaches those fields stores HTML and CSS that runs inside the authenticated editor of every user who runs a...

4.6CVSS5.3AI score0.00208EPSS
Exploits0References3
CVE
CVE
added 2026/06/10 7:56 p.m.18 views

CVE-2026-45106

Weblate (web-based localization tool) is affected by a stored HTML injection/XSS in the live search preview prior to version 2026.5, where unit source and context are rendered without escaping, allowing HTML/CSS that runs in authenticated editors of other users performing a matching search. The i...

4.6CVSS5.3AI score0.00208EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 7:56 p.m.31 views

CVE-2026-45106 Weblate: Stored HTML injection in editor search preview

Weblate is a web based localization tool. Prior to version 2026.5, Weblate's live search preview renders unit source and context as HTML without escaping. Any contributor whose content reaches those fields stores HTML and CSS that runs inside the authenticated editor of every user who runs a...

4.6CVSS0.00208EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/10 8:59 a.m.12 views

CVE-2026-8599

The MailerPress – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Campaign HTML Content Field in all versions up to, and including, 2.0.4 due to insufficient input sanitization and output escaping. This makes...

6.4CVSS5.7AI score0.00234EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 8:59 a.m.12 views

CVE-2026-41980

Permission control vulnerability in the file preview module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

5.5CVSS5.4AI score0.00087EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2026/06/09 2:0 p.m.254 views

June 9, 2026—KB5094125 (OS Build 26100.32995)

June 9, 2026—KB5094125 OS Build 26100.32995 ​​​​​This cumulative update for Windows Server 2025 KB5094125, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates,...

9.8CVSS7.4AI score0.99962EPSS
Exploits28
Vulnrichment
Vulnrichment
added 2026/06/09 7:49 a.m.8 views

CVE-2026-8599 MailerPress <= 2.0.4 - Authenticated (Author+) Stored Cross-Site Scripting via Campaign HTML Content Field

The MailerPress – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Campaign HTML Content Field in all versions up to, and including, 2.0.4 due to insufficient input sanitization and output escaping. This makes...

6.4CVSS5.7AI score0.00234EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/09 7:49 a.m.14 views

EUVD-2026-35377

The MailerPress – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Campaign HTML Content Field in all versions up to, and including, 2.0.4 due to insufficient input sanitization and output escaping. This makes...

6.4CVSS5.7AI score0.00234EPSS
Exploits0References11
CVE
CVE
added 2026/06/09 7:49 a.m.27 views

CVE-2026-8599

The CVE covers the WordPress plugin MailerPress (Email Marketing, Newsletter, Email Automation & WooCommerce Emails) with stored XSS in Campaign HTML Content Field across versions up to 2.0.4. Exploitation requires author-level access (authenticated, Author+), and affects pages loaded in the admi...

6.4CVSS5.7AI score0.00234EPSS
Exploits0References11
NVD
NVD
added 2026/06/09 5:16 a.m.16 views

CVE-2026-41980

Permission control vulnerability in the file preview module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

5.5CVSS0.00087EPSS
Exploits0References3
Rows per page
Query Builder