
30 matches found

Circl
added 3 days ago, 4 views

CVE-2026-51946

| creationtimestamp | type | source |
|---|---|---|
| 2026-07-02 07:17:38+00:00 | seen | https://bsky.app/profile/kriptabiz.bsky.social/post/3mpnih6gcem2k |
| 2026-07-02 07:24:19+00:00 | seen | https://bsky.app/profile/qiancx.bsky.social/post/3mpnit5xhki22 |
| 2026-07-03 12:06:17+00:00 | seen | ... |

CVSS 6.5 | AI score 5.9 | EPSS 0.00336
Exploits: 0 | References: 4

OSV
added 6 days ago, 4 views

PYSEC-2026-345 Gradio allows users to access arbitrary files

Impact: This vulnerability allows users of Gradio applications that have a public link (such as on Hugging Face Spaces) to access files on the machine hosting the Gradio application. This involves intercepting and modifying the network requests made by the Gradio app to the server. Patches: Yes, the...

CVSS 9.2 | AI score 7 | EPSS 0.85393
Exploits: 2 | References: 7

EUVD
added 2026/06/01 4:57 p.m., 16 views

EUVD-2026-33709

Nextcloud is an open source content collaboration platform. From versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a user shares a folder or file with a Nextcloud Team that includes an external member (a person added via email address who does not have a Nextcloud account), the...

CVSS 6.4 | AI score 5.7 | EPSS 0.00293
Exploits: 0 | References: 3

CVE
added 2026/06/01 4:57 p.m., 26 views

CVE-2026-45285

Concretely affected software: Nextcloud server branches 32.x (32.0.0–32.0.8) and 33.x (33.0.0–33.0.2). The vulnerability arises when sharing with a Team that includes an external member; a public link is auto-created for that external member and is not shown in the share UI. The link grants the s...

CVSS 6.4 | AI score 5.7 | EPSS 0.00293
Exploits: 0 | References: 3 | Affected Software: 1

Positive Technologies
added 2026/06/01 12:0 a.m., 16 views

PT-2026-45529

Name of the Vulnerable Software and Affected Versions: Nextcloud versions 32.0.0 through 32.0.8; Nextcloud versions 33.0.0 through 33.0.2. Description: When a user shares a folder or file with a Nextcloud Team containing an external member (a person added via email without a Nextcloud account), the...

CVSS 6.4 | AI score 5.8 | EPSS 0.00293
Exploits: 0 | References: 7

CNNVD
added 2026/06/01 12:0 a.m., 11 views

Nextcloud Teams Security Vulnerability

NextCloud Teams is an open-source team collaboration and group management tool developed by NextCloud. There were security vulnerabilities in versions of NextCloud Teams between 32.0.0 and 32.0.9, as well as between 33.0.0 and 33.0.3. These vulnerabilities stemmed from the system automatically...

CVSS 6.4 | AI score 5.4 | EPSS 0.00293
Exploits: 0 | References: 4

ATTACKERKB
added 2026/04/28 8:11 p.m., 3 views

CVE-2026-41649

Outline is a service that allows for collaborative documentation. The shares.create API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference. When both collectionId and documentId are provided in the request, the authorization logic only checks...

CVSS 7.7 | AI score 5.3 | EPSS 0.00293
Exploits: 1 | References: 4 | Affected Software: 1

CNNVD
added 2026/04/28 12:0 a.m., 10 views

Outline Security Vulnerability

Outline is an open-source knowledge base developed by Outline. Versions of Outline from 0.86.0 to 1.7.0 contained security vulnerabilities. These vulnerabilities were caused by insecure direct object references. When both the collectionId and documentId are provided in a request, the authorizatio...

CVSS 7.7 | AI score 5.8 | EPSS 0.00293
Exploits: 1 | References: 1

Circl
added 2026/04/11 1:30 a.m., 3 views

CVE-2026-4149

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-11 01:30:29+00:00 | seen | https://infosec.exchange/users/offseq/statuses/116383483774809251 |
| 2026-04-11 01:30:32+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3mj6osz6g672t |
| 2026-04-11 03:06:41+00:00 | seen | ... |

CVSS 10 | AI score 8.7 | EPSS 0.00995
Exploits: 0 | References: 6

RedhatCVE
added 2026/04/09 7:23 p.m., 5 views

CVE-2026-35516

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, LinkRepository::update and CheckLinksCommand::checkLink do not check for private IPs. An authenticated user can read responses from internal services (AWS IMDSv1, cloud metadata, internal APIs) by creating a link with a publ...

CVSS 5 | AI score 5.9 | EPSS 0.00274
Exploits: 1 | References: 1

RedhatCVE
added 2026/03/26 3:11 p.m., 5 views

CVE-2026-32761

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.0 and below contain a permission enforcement bypass which allows users who are denied download privileges (perm.download = false) but granted share...

CVSS 6.5 | AI score 5.7 | EPSS 0.00424
Exploits: 1 | References: 1

NVD
added 2026/03/20 12:16 a.m., 6 views

CVE-2026-32761

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.0 and below contain a permission enforcement bypass which allows users who are denied download privileges (perm.download = false) but granted share...

CVSS 6.5 | EPSS 0.00424
Exploits: 1 | References: 3

CNNVD
added 2026/03/20 12:0 a.m., 11 views

File Browser Security Vulnerability

File Browser is an open-source file management interface developed by File Browser. It allows for the uploading, deletion, previewing, and editing of files within a specified directory. Versions of File Browser 2.61.0 and earlier contain security vulnerabilities. These vulnerabilities stem from...

CVSS 6.5 | AI score 5.8 | EPSS 0.00424
Exploits: 1 | References: 3

ATTACKERKB
added 2026/03/19 11:45 p.m., 3 views

CVE-2026-32761

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.0 and below contain a permission enforcement bypass which allows users who are denied download privileges (perm.download = false) but granted share...

CVSS 6.5 | AI score 5.7 | EPSS 0.00424
Exploits: 1 | References: 4 | Affected Software: 1

Packet Storm News
added 2026/02/25 12:0 a.m., 4 views

The Silent Spill: Measuring Sensitive Data Leaks across Public URL Repositories

A large number of URLs are made public by various platforms for security analysis, archiving, and paste sharing -- such as VirusTotal, URLScan.io, Hybrid Analysis, the Wayback Machine, and RedHunt. These services may unintentionally expose links containing sensitive information, as reported in so...

AI score 5.9
Exploits: 0

Circl
added 2026/02/23 12:0 a.m., 7 views

CVE-2026-2959

| creationtimestamp | type | source |
|---|---|---|
| 2026-02-23 00:00:41+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3mfidv3dn2t2u |
| 2026-02-23 00:00:55+00:00 | seen | https://infosec.exchange/users/offseq/statuses/116117001877252256 |
| 2026-02-23 01:00:39+00:00 | seen | ... |

CVSS 9 | AI score 8.2 | EPSS 0.00642
Exploits: 1 | References: 5

Github Security Blog
added 2026/02/05 9:29 p.m., 9 views

OpenCloud Affected by Public Link Exploit

Impact: A security issue was discovered in Reva that enables a malicious user to bypass the scope validation of a public link. That allows it to access resources outside the scope of a public link. OpenCloud uses Reva as one of its core components and thus it is affected. Patches: Update to OpenClo...

AI score 5.5
Exploits: 0 | References: 2 | Affected Software: 1

CNNVD
added 2025/10/08 12:0 a.m., 5 views

Google Gemini iOS Security Vulnerability

Google Gemini iOS is an AI-assisted tools app from Google, Inc. in the United States. Google Gemini iOS suffers from a security vulnerability that originates from the generation of public links containing the full conversation history when sharing conversation snippets, which could lead to...

CVSS 1 | AI score 6.2 | EPSS 0.00119
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2021-19474

Malware in sbrugna...

CVSS 9.1 | AI score 9 | EPSS 0.01849
Exploits: 0 | References: 5

OSV
added 2024/09/25 9:48 p.m., 2 views

GHSA-M842-4QM8-7GPQ Gradio allows users to access arbitrary files

Impact: This vulnerability allows users of Gradio applications that have a public link (such as on Hugging Face Spaces) to access files on the machine hosting the Gradio application. This involves intercepting and modifying the network requests made by the Gradio app to the server. Patches: Yes, the...

CVSS 9.2 | AI score 6.9 | EPSS 0.85393
Exploits: 2 | References: 5