
5 matches found

NVD
added 3 days ago, 6 views

CVE-2026-12902

The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.7.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3 CVSS, 0.00272 EPSS
Exploits 0, References 10
Vulnrichment
added 2026/04/08 7:32 p.m., 4 views

CVE-2026-39362 InvenTree has SSRF via Remote Image Download — No IP/Hostname Validation on remote_image URLs

InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, when INVENTREE_DOWNLOAD_FROM_URL is enabled (opt-in), authenticated users can supply remote_image URLs that are fetched server-side via requests.get with only Django's URLValidator check. There is no validation against...

5.3 CVSS, 5.8 AI score, 0.00233 EPSS
Exploits 0, References 1
CVE
added 2026/04/08 7:32 p.m., 30 views

CVE-2026-39362

CVE-2026-39362 affects InvenTree (Open Source Inventory Management System). Before versions 1.2.7 and 1.3.0, when INVENTREE_DOWNLOAD_FROM_URL is enabled, authenticated users can supply remote_image URLs that are fetched server-side via requests.get() with only Django’s URLValidator check. There i...

7.1 CVSS, 5.9 AI score, 0.00233 EPSS
Exploits 0, References 1, Affected Software 1
CNNVD
added 2026/04/08 12:00 a.m., 7 views

InvenTree code issue vulnerability

InvenTree is an open-source inventory management system developed by InvenTree. It provides powerful low-level inventory control and parts tracking capabilities. Versions of InvenTree prior to 1.2.7 and 1.3.0 contained code vulnerabilities. These vulnerabilities stemmed from the fact that when...

7.1 CVSS, 5.9 AI score, 0.00233 EPSS
Exploits 0, References 2
Tenable Nessus
added 2026/03/20 12:00 a.m., 4 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : OpenStack Glance vulnerability (USN-8111-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8111-1 advisory. It was discovered that OpenStack Glance was incorrectly validating the IP addresses and the redirect destination URL when downloading or...

5.9 AI score
Exploits 0, References 1