Lucene search
K

136 matches found

Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.12 views

PT-2026-40529

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 7.0.34 MongoDB Server versions prior to 8.0.23 MongoDB Server versions prior to 8.2.9 MongoDB Server versions prior to 8.3.2 Description When schema validation is enabled on a collection, an update or insert...

5.3CVSS5.8AI score0.00204EPSS
Exploits0References4
NVD
NVD
added 2026/05/11 10:22 p.m.12 views

CVE-2026-43890

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken authorization pattern. When both collectionId and documentId are supplied in the request, the route...

7.7CVSS0.00205EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/11 9:9 p.m.38 views

CVE-2026-43890 Outline: IDOR in subscriptions.create allows cross-tenant subscription on private documents (sibling of GHSA-23jj-rp48-w7q7)

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken authorization pattern. When both collectionId and documentId are supplied in the request, the route...

7.7CVSS0.00205EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/11 9:9 p.m.5 views

CVE-2026-43890

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken authorization pattern. When both collectionId and documentId are supplied in the request, the route...

7.7CVSS5.8AI score0.00205EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/11 9:9 p.m.11 views

EUVD-2026-29334

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken authorization pattern. When both collectionId and documentId are supplied in the request, the route...

7.7CVSS5.8AI score0.00205EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.12 views

PT-2026-39858

Name of the Vulnerable Software and Affected Versions Outline versions 0.84.0 through 1.7.0 Description The 'subscriptions.create' API endpoint in 'server/routes/api/subscriptions/subscriptions.ts' contains a broken authorization pattern. When both collectionId and documentId are provided in a...

7.7CVSS5.8AI score0.00205EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.13 views

PT-2026-38844

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be...

9.8CVSS5.7AI score0.0113EPSS
Exploits0References13
OSV
OSV
added 2026/05/06 2:45 p.m.9 views

BIT-JAVA-MIN-2025-32415

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...

7.5CVSS6.8AI score0.00559EPSS
Exploits1References3
OSV
OSV
added 2026/05/06 2:45 p.m.6 views

BIT-JAVA-2024-56171

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be...

9.8CVSS7AI score0.0113EPSS
Exploits0References12
OSV
OSV
added 2026/04/27 2:44 p.m.6 views

OPENSUSE-SU-2026:20629-1 Security update for mariadb

This update for mariadb fixes the following issue: - Update to v11.8.6 - CVE-2026-32710: heap-based buffer overflow via JSONSCHEMAVALID can lead to crash or remote code execution bsc1260081...

9.9CVSS6.6AI score0.00856EPSS
Exploits1References2
NVD
NVD
added 2026/04/23 11:16 p.m.7 views

CVE-2026-6732

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

7.5CVSS0.00632EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.9 views

PT-2026-34606

Name of the Vulnerable Software and Affected Versions Daptin versions prior to 0.11.4 Description The '/aggregate/:typename' endpoint accepts column and group query parameters that are passed without validation to goqu.L, a raw SQL literal expression builder. This bypasses parameterization,...

8.3CVSS6AI score0.00345EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/04/15 9:34 p.m.5 views

CVE-2026-33806

A flaw was found in Fastify. A remote attacker could exploit this vulnerability by prepending a space to the Content-Type header in a request. This action bypasses the application's schema validation, allowing the attacker to submit data that would otherwise be rejected. This could lead to...

7.5CVSS5.8AI score0.00408EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/15 7:24 p.m.10 views

Fastify has a Body Schema Validation Bypass via Leading Space in Content-Type Header

Summary A validation bypass vulnerability exists in Fastify v5.x where request body validation schemas specified via schema.body.content can be completely circumvented by prepending a single space character \x20 to the Content-Type header. The body is still parsed correctly as JSON or any other...

7.5CVSS7AI score0.0077EPSS
Exploits1References8Affected Software1
SUSE Linux
SUSE Linux
added 2026/04/15 2:34 p.m.5 views

Security update for mariadb

This update for mariadb fixes the following issues: Update to version 11.8.6. https://mariadb.com/docs/release-notes/community-server/11.8/11.8.6 https://mariadb.com/docs/release-notes/community-server/changelogs/11.8/11.8.6 Security issues fixed: CVE-2026-32710: heap-based buffer overflow via...

8.5CVSS6.7AI score0.00856EPSS
Exploits1References4
OSV
OSV
added 2026/04/15 2:34 p.m.7 views

SUSE-SU-2026:1367-1 Security update for mariadb

This update for mariadb fixes the following issues: Update to version 11.8.6. - https://mariadb.com/docs/release-notes/community-server/11.8/11.8.6 - https://mariadb.com/docs/release-notes/community-server/changelogs/11.8/11.8.6 Security issues fixed: - CVE-2026-32710: heap-based buffer overflow...

9.9CVSS6.3AI score0.00856EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/04/15 12:14 a.m.38 views

CVE-2026-33806 fastify vulnerable to Body Schema Validation Bypass via Leading Space in Content-Type Header

Impact: Fastify applications using schema.body.content for per-content-type body validation can have validation bypassed entirely by prepending a space to the Content-Type header. The body is still parsed correctly but schema validation is skipped. This is a regression introduced in fastify = 5.3...

7.5CVSS0.00408EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/15 12:14 a.m.7 views

CVE-2026-33806

Impact: Fastify applications using schema.body.content for per-content-type body validation can have validation bypassed entirely by prepending a space to the Content-Type header. The body is still parsed correctly but schema validation is skipped. This is a regression introduced in fastify = 5.3...

7.5CVSS7.1AI score0.00686EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/07 5:3 p.m.7 views

CVE-2026-34975

Plunk is an open-source email platform built on top of AWS SES. Prior to 0.8.0, a CRLF header injection vulnerability was discovered in SESService.ts, where user-supplied values for from.name, subject, custom header keys/values, and attachment filenames were interpolated directly into raw MIME...

8.5CVSS6.1AI score0.00194EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.5 views

PT-2026-30675

Plunk is an open-source email platform built on top of AWS SES. Prior to 0.8.0, a CRLF header injection vulnerability was discovered in SESService.ts, where user-supplied values for from.name, subject, custom header keys/values, and attachment filenames were interpolated directly into raw MIME...

8.5CVSS6.1AI score0.00194EPSS
Exploits2References2
Rows per page
Query Builder