Lucene search
K

11084 matches found

vulnersOsv
vulnersOsv
added 2026/05/11 5:19 p.m.5 views

agent-context-packager (>=0.3.0 <=0.3.3), agentcrew-ai (>=0.6.0 <=0.6.11.post2) +236 more potentially affected by CVE-2026-31248 via docling (>=1.11.0 <=2.90.0)

docling PYPI version =1.11.0, =0.3.0, =0.6.0, =0.1.4, =0.3.2, =0.2.5, =0.4.0, =0.2.0, =26.5.333, =0.0.2, =0.1.0, =1.0.3, =1.0.0, =1.0.3 and more Source cves: CVE-2026-31248 Source advisory: SNYK:PYTHON-DOCLING-16757932...

7.5CVSS5.7AI score0.00278EPSS
Exploits0
Patchstack
Patchstack
added 2026/05/11 4:21 p.m.11 views

NPM: Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up

Incomplete Fix Follow-Up vulnerability discovered by ? in WordPress Npm next versions = 15.2.0, 15.5.18...

7.5CVSS5.8AI score0.00505EPSS
Exploits0References6Affected Software1
vulnersOsv
vulnersOsv
added 2026/05/11 4:17 p.m.9 views

11x-wagtail-blog (>=0.0.0 <=0.2.0), adede (=4.1.0) +202 more potentially affected by CVE-2026-44200 via wagtail (>=1.0.0 <=7.0.0)

wagtail PYPI version =1.0.0, =0.0.0, =0.57.1, =0.1.0a0.dev0, =4.1.0, =4.3.0, =2.28.0, =0.5.0, =0.3.1, =6.3.8 and more Source cves: CVE-2026-44200 Source advisory: OSV:PYSEC-2026-149...

6.5CVSS5.7AI score0.00201EPSS
Exploits0
Patchstack
Patchstack
added 2026/05/11 3:57 p.m.9 views

NPM: Next.js vulnerable to cross-site scripting in App Router applications using CSP nonces

NPM: Next.js vulnerable to cross-site scripting in App Router applications using CSP nonces vulnerability discovered by ? in WordPress Npm next versions = 13.4.0, 15.5.16...

4.7CVSS5.6AI score0.00222EPSS
Exploits1References5Affected Software1
Patchstack
Patchstack
added 2026/05/11 3:54 p.m.12 views

NPM: Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes

NPM: Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes vulnerability discovered by ? in WordPress Npm next versions = 15.2.0, 15.5.16...

7.5CVSS5.8AI score0.01416EPSS
Exploits0References5Affected Software1
Patchstack
Patchstack
added 2026/05/11 3:53 p.m.10 views

NPM: Next.js has a Middleware / Proxy bypass in Pages Router applications using i18n

NPM: Next.js has a Middleware / Proxy bypass in Pages Router applications using i18n vulnerability discovered by ? in WordPress Npm next versions = 12.2.0, 15.5.16...

7.5CVSS5.8AI score0.00457EPSS
Exploits1References5Affected Software1
vulnersOsv
vulnersOsv
added 2026/05/11 2:57 p.m.9 views

blrec (>=1.8.0 <=2.0.0b5), dagster-looker (>=0.26.6 <=0.29.8) +6 more potentially affected by CVE-2026-45017 via python-liquid (>=1.10.2 <=2.0.2)

python-liquid PYPI version =1.10.2, =1.8.0, =0.26.6, =0.8.0, =0.1.1, =0.1.0, =0.1.0, =0.4.0, =0.0.1, =0.3.0 Source cves: CVE-2026-45017 Source advisory: OSV:GHSA-8P4X-WR7X-3788...

8.2CVSS5.7AI score0.00335EPSS
Exploits0
Patchstack
Patchstack
added 2026/05/11 2:50 p.m.9 views

NPM: Facebook React has a Denial of Service Vulnerability in React Server Components

NPM: Facebook React has a Denial of Service Vulnerability in React Server Components discovered by ? in WordPress Npm react-server-dom-parcel versions = 19.0.0, 19.0.6...

7.5CVSS5.8AI score0.01533EPSS
Exploits1References5Affected Software1
vulnersOsv
vulnersOsv
added 2026/05/11 2:28 p.m.5 views

bsky2llm (=0.1.0), downitall-android (=1.5.0) +14 more potentially affected by CVE-2026-44353 via streamlink (>=0.14.2 <=8.0.0)

streamlink PYPI version =0.14.2, =0.3.0, =0.0.1, =0.0.18, =1.0.0, =0.12.0, =0.1.14, =1.1.0, =0.0.1, =2.1.0, =3.4.0b2 - twitch-fapi-backend =0.1.0 and more Source cves: CVE-2026-44353 Source advisory: OSV:GHSA-HGQW-6M45-HW5F...

6.5CVSS5.4AI score0.00345EPSS
Exploits1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

Sonatype Nexus Repository Manager 代码问题漏洞

Sonatype Nexus Repository Manager NXRM is a repository manager developed by Sonatype, Inc., in the United States. It is primarily used for managing, storing, and distributing software. Versions of Sonatype Nexus Repository Manager from 3.0.0 to 3.91.1 contained code vulnerabilities. These...

5.1CVSS5.9AI score0.00257EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.12 views

Wikimedia CheckUser 信息泄露漏洞

Wikimedia CheckUser is a advanced investigation tool of the Wikimedia Foundation designed to combat disruptive behavior. Versions of Wikimedia CheckUser from 1.45.0 to 1.45.2 contained a vulnerability related to information leakage, which resulted in sensitive information being exposed to...

7.5CVSS5.8AI score0.0028EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.7 views

MinIO 路径遍历漏洞

MinIO is an open-source object storage server developed by the American company MinIO. This product supports the creation of infrastructures for machine learning, analysis, and application data workloads. Versions of MinIO from RELEASE.2022-07-24T01-54-52Z to RELEASE.2026-04-14T21-32-45Z had a pa...

6.9CVSS5.8AI score0.08457EPSS
Exploits0References1
OSV
OSV
added 2026/05/10 9:16 p.m.9 views

DEBIAN-CVE-2026-45190

Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newline or non-ASCII digit characters pass the validators but are then re-encoded by the parser to a different address than the inp...

6.5CVSS5.8AI score0.00311EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/10 8:15 p.m.13 views

CVE-2026-45190

Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newline or non-ASCII digit characters pass the validators but are then re-encoded by the parser to a different address than the inp...

5.8AI score0.00311EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/05/10 12:6 a.m.9 views

aoh (>=1.0.1 <=1.1.0), beratools (=0.2.2) +25 more potentially affected by CVE-2026-8213 via gdal (>=3.0.1 <=3.12.1)

gdal PYPI version =3.0.1, =1.0.1, =0.1.1, =0.0.7, =2.0.1, =0.4.0, =0.2.92, =0.9.2, =0.10.3, =0.4.5, =2.6.0, =2.7.0 - hyp3lib =4.0.1 and more Source cves: CVE-2026-8213 Source advisory: SNYK:PYTHON-GDAL-16624509...

5.5CVSS6AI score0.00258EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.8 views

PT-2026-39539

Name of the Vulnerable Software and Affected Versions Net::CIDR::Lite versions prior to 0.24 Description Improper validation of CIDR mask values allows extraneous zero characters to be processed. Mask forms such as "/00" and "/01" pass validation and are parsed as the same prefix as their unpadde...

6.5CVSS5.8AI score0.00311EPSS
Exploits0References26
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.11 views

Fedora 42 : prosody (2026-1efa008794)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1efa008794 advisory. Prosody 13.0.5 Upstream is pleased to announce a new minor release from their stable branch. This is a security release for the Prosody 13.0.x stabl...

7.5CVSS5.8AI score0.00348EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/09 7:24 p.m.34 views

CVE-2026-42574 apko dirFS has a symlink-following path traversal that allows multiple entry points to escape the build root

apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before version 1.2.5, a crafted .apk could install a TypeSymlink tar entry whose target pointed outside the build root, and a subsequent directory-creation or file-write entry in the same o...

7.5CVSS0.00352EPSS
Exploits0References4
OSV
OSV
added 2026/05/09 12:32 p.m.7 views

OESA-2026-2230 uriparser security update

The package is a strictly RFC 3986 compliant URI parsing library written in C89"ANSI C". uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license. There are a number of applications, libraries and hardware using uriparser, as well as bindings and 3rd-party...

5.1CVSS5.8AI score0.00172EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/09 2:46 a.m.12 views

SUSE CVE-2026-8149

A vulnerability in Legion of the Bouncy Castle Inc. BC-LTS on Linux, X8664, AVX, AVX-512f. This vulnerability is associated with program files gcm128w, gcm512w. This issue affects BC-LTS: from 2.73.0 before 2.73.11...

5.1CVSS5.8AI score0.00158EPSS
Exploits0References3
Rows per page
Query Builder