Lucene search
K

250 matches found

Nuclei
Nuclei
added yesterday16 views

MagicMirror <= 2.35.0 - Server-Side Request Forgery

An unauthenticated Server-Side Request Forgery SSRF vulnerability in the /cors endpoint allows any remote attacker to force the MagicMirror² server to perform arbitrary HTTP requests to internal networks, cloud metadata services, and localhost services. The endpoint also expands environment...

9.2CVSS6.2AI score0.01623EPSS
Exploits1References4
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-42299

ToolJet is an open-source low-code platform for building internal tools. Prior to 3.20.180, ToolJet's render preview deployment workflow interpolates github.event.comment.body directly into a bash conditional in a run step, allowing any GitHub user who can comment on an open pull request with a...

4.7CVSS6.1AI score0.00171EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 8:48 p.m.33 views

CVE-2026-34038 Coolify authenticated remote command injection leading to RCE and secret exfiltration

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, an authenticated remote command injection vulnerability in application deployment handling allows users with application write permissions to achieve remote code execution...

9.9CVSS0.02539EPSS
Exploits1References4
OSV
OSV
added 2026/07/06 8:48 p.m.1 views

CVE-2026-34038 Coolify authenticated remote command injection leading to RCE and secret exfiltration

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, an authenticated remote command injection vulnerability in application deployment handling allows users with application write permissions to achieve remote code execution...

9.9CVSS6.6AI score0.02539EPSS
Exploits1References6
CVE
CVE
added 2026/07/06 8:48 p.m.12 views

CVE-2026-34038

CVE-2026-34038 affects Coolify prior to 4.0.0-beta.469. An authenticated user with application write permissions could trigger remote command execution via the deployment handling pipeline, and exfiltrate sensitive environment variables through deployment logs (e.g., via dockerfile_location and d...

9.9CVSS6.6AI score0.02539EPSS
Exploits1References4
NVD
NVD
added 2026/06/30 5:16 p.m.7 views

CVE-2026-58370

Woodpecker before 3.15.0 matches the ApprovalAllowedUsers bypass list against pipeline.Author. For the GitLab forge driver, pipeline.Author is populated from the git commit author name commit.author.name carried in the webhook payload, which is attacker-controlled and not verified by GitLab. A us...

9.2CVSS0.00546EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-53928

Name of the Vulnerable Software and Affected Versions Woodpecker versions prior to 3.15.0 Description When using the GitLab forge driver, the system matches the ApprovalAllowedUsers bypass list against the pipeline.Author variable. The pipeline.Author is populated from the commit.author.name...

9.2CVSS6.1AI score0.00546EPSS
Exploits0References10
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/26 2:13 p.m.7 views

Malicious code in @epsteinlovekids483/crossmint-wallets-sdk-pentest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e43e5a418541bb3e485010eba536ecc9f1483dba866af53ff4a760684409213 Package's main entry dist/index.cjs unconditionally requires dist/shai-hulud.js at module load. On require, the code harvests installer secrets —...

5.9AI score
Exploits0References9
OSV
OSV
added 2026/06/25 6:43 p.m.5 views

GO-2026-5365 Gitea: API Fork Missing CanCreateOrgRepo Check Allows Org Secret Exfiltration in code.gitea.io/gitea

Gitea: API Fork Missing CanCreateOrgRepo Check Allows Org Secret Exfiltration in code.gitea.io/gitea...

8.1CVSS5.8AI score0.00304EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/17 6:8 p.m.3 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the POST /api/v1/repos/owner/repo/forks API endpoint, which fails to enforce the required organization repository creation permissions. An attacker can gain administrative control over a new repository within...

8.6CVSS5.9AI score0.00304EPSS
Exploits0References2
OSV
OSV
added 2026/06/17 6:8 p.m.5 views

GHSA-FHX7-M96W-MV29 Gitea: API Fork Missing CanCreateOrgRepo Check Allows Org Secret Exfiltration

Summary The API endpoint POST /api/v1/repos/owner/repo/forks only checks IsOrgMember when a user forks a repository into an organization, but does not check CanCreateOrgRepo. The web UI fork handler correctly checks both. This allows a read-only organization member — in a team with...

8.1CVSS6AI score0.00304EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/17 6:8 p.m.22 views

Gitea: API Fork Missing CanCreateOrgRepo Check Allows Org Secret Exfiltration

Summary The API endpoint POST /api/v1/repos/owner/repo/forks only checks IsOrgMember when a user forks a repository into an organization, but does not check CanCreateOrgRepo. The web UI fork handler correctly checks both. This allows a read-only organization member — in a team with...

8.1CVSS6AI score0.00304EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/17 5:4 p.m.9 views

MAL-2026-6067 Malicious code in scan-only (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a7779ff21d9783e1026e13a7abf65e448c5f3d3d111f3cae539f3690e53a2b4 The CLI binary at bin/scan-only.js, when invoked e.g., via npx scan-only --diagnose, harvests installer-side secrets and ships them to a hardcoded...

6.2AI score
Exploits0References14
OSV
OSV
added 2026/06/16 10:20 p.m.8 views

MAL-2026-5934 Malicious code in ssr-auth-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fe43338279cb894ffacc18ef9ec757d4b4fa8b603672b0bedcb4c00d9f8a806 On require'ssr-auth-sync', index.js loads lib/writer.js, which immediately fetches a base64-hidden URL https://www.jsonkeeper.com/b/PJNZP, an anonymo...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/16 9:0 p.m.6 views

GHSA-F989-C77F-R2CQ Crawl4AI: LLM credential exfiltration in Docker server via request base_url and env: token resolution

Summary The Docker API server let a request control where LLM calls were sent and which environment variable an LLM token resolved from. Both could be abused to exfiltrate server-held secrets. The Docker API is unauthenticated by default. Vector 1 - attacker baseurl /md, /llm, and /llm/job accept...

8.2CVSS5.6AI score0.00268EPSS
Exploits0References2
OSV
OSV
added 2026/06/15 5:23 p.m.9 views

MAL-2026-5806 Malicious code in flowdefi (npm)

flow/surf-lending DeFi cred-exfil campaign sibling c1655. preinstall node index.js || true exfils env secrets to raw C2 2.25.140.71:8443/surflending/npm-confusion verified identical. No-renotify. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/15 5:23 p.m.11 views

Malicious code in flowdefi (npm)

flow/surf-lending DeFi cred-exfil campaign sibling c1655. preinstall node index.js || true exfils env secrets to raw C2 2.25.140.71:8443/surflending/npm-confusion verified identical. No-renotify. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

5.4AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/15 5:23 p.m.21 views

Malicious code in surf-lending (npm)

Sibling of [email protected] campaign C2 path /surflending/. Sentinel-9.9.9 dep-confusion squat; preinstall node index.js || true exfils env secrets mnemonic/key/token/blockfrost to raw C2 2.25.140.71:8443/surflending/npm-confusion. c913 + c252. --- -= Per source details. Do not edit below this...

5.4AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 4:47 a.m.14 views

Malicious code in forge-jsx2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ce40276c3c58337b7db3272f89e0716b017b4d63bfa625b8757b9d1969ec9f9 The package masquerades as an 'Autodesk Forge' integration but ships no Forge API code. On npm install, scripts/postinstall-agent.mjs materializes a...

5.6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 3:10 a.m.16 views

Malicious code in solana-dev-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 059c5a74392811a397d3868092b7bcc84fbfac9d2f3de1c69a6421cdf756b652 On npm install, the package's postinstall hook node install.js executes a multi-stage attack against the installer's machine. It reads...

5.5AI score
Exploits0References1
Rows per page
Query Builder