Lucene search
K

1076 matches found

NVD
NVD
added 2026/06/10 2:16 p.m.14 views

CVE-2026-52754

Ghidra before 12.1 contains an authentication bypass vulnerability in PKIAuthenticationModule.authenticate that allows any user with a valid CA-signed certificate to impersonate other users by presenting their public certificate with a null signature. Attackers can escalate privileges, modify...

8.8CVSS0.00252EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/10 12:40 p.m.13 views

EUVD-2026-36013

Ghidra before 12.1 contains an authentication bypass vulnerability in PKIAuthenticationModule.authenticate that allows any user with a valid CA-signed certificate to impersonate other users by presenting their public certificate with a null signature. Attackers can escalate privileges, modify...

8.8CVSS5.5AI score0.00252EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/10 2:59 a.m.10 views

CVE-2026-36723

An unrestricted file rename vulnerability in the /api/create-user component of bookcars v8.3 allows authenticated attackers to leverage directory traversal sequences to move arbitrary files from temporary storage to arbitrary locations on the server filesystem. This enables unauthorized access to...

8.8CVSS6.5AI score0.00998EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.15 views

PT-2026-48414

Ghidra before 12.1 contains an authentication bypass vulnerability in PKIAuthenticationModule.authenticate that allows any user with a valid CA-signed certificate to impersonate other users by presenting their public certificate with a null signature. Attackers can escalate privileges, modify...

8.8CVSS5.5AI score0.00252EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/07 12:43 a.m.13 views

CVE-2026-11414

A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because the key is identical across all installations, an unauthenticated network attacker who can reach the server can forge valid download signatures and retrieve files from the...

10CVSS5.6AI score0.00478EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 8:17 p.m.17 views

CVE-2026-11414

A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because the key is identical across all installations, an unauthenticated network attacker who can reach the server can forge valid download signatures and retrieve files from the...

10CVSS0.00478EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.11 views

CVE-2026-39311

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. Versions 0.102.1 and prior contain a critical security flaw where lack of SVG sanitization combined with a disabled Content Security Policy CSP and a publicly reachable...

6.8CVSS6.3AI score0.00288EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.11 views

CVE-2026-41553

PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Remote Code Execution due to lack of "data" parameter sanitization. An unauthenticated attacker can inject the malicious JavaScript code to the parameter whose value is processed by Node.js and subsequently executed...

10CVSS5.8AI score0.00648EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.13 views

CVE-2026-41265

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the AirtableAgents class. The issue results from the lack of proper sandboxing when evaluating an LLM generated python script. Using prompt...

9.8CVSS7.8AI score0.00464EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/05 7:1 p.m.11 views

EUVD-2026-34899

A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because the key is identical across all installations, an unauthenticated network attacker who can reach the server can forge valid download signatures and retrieve files from the...

10CVSS5.6AI score0.00478EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/05 7:1 p.m.9 views

CVE-2026-11414

A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because the key is identical across all installations, an unauthenticated network attacker who can reach the server can forge valid download signatures and retrieve files from the...

10CVSS5.6AI score0.00478EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/05 7:1 p.m.32 views

CVE-2026-11414 Unauthenticated File Exfiltration in Altium Enterprise Server Vault Service via Hard-coded Cryptographic Key and Path Traversal

A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because the key is identical across all installations, an unauthenticated network attacker who can reach the server can forge valid download signatures and retrieve files from the...

10CVSS5.6AI score0.00478EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/05 4:39 p.m.17 views

DbGate: Remote Code Execution via functionName injection in loadReader endpoint

Summary The POST /runners/load-reader endpoint in DbGate accepts a functionName parameter that is directly interpolated into a JavaScript code template without any sanitization or validation. An authenticated user with basic access, no special permissions required can inject arbitrary JavaScript...

8.8CVSS6AI score0.0051EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.15 views

CVE-2026-45629

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.28.8 and earlier, authenticated OS command injection in the /listen-deployment WebSocket endpoint allows any organization member to execute arbitrary system commands on remote servers managed by Dokploy, leading to full server...

9.9CVSS6.1AI score0.00758EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 6:17 p.m.19 views

CVE-2026-45629

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.28.8 and earlier, authenticated OS command injection in the /listen-deployment WebSocket endpoint allows any organization member to execute arbitrary system commands on remote servers managed by Dokploy, leading to full server...

9.9CVSS0.00758EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 4:40 p.m.16 views

EUVD-2026-33362

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.28.8 and earlier, authenticated OS command injection in the /listen-deployment WebSocket endpoint allows any organization member to execute arbitrary system commands on remote servers managed by Dokploy, leading to full server...

9.9CVSS6.1AI score0.00758EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/29 4:40 p.m.41 views

CVE-2026-45629 Dokploy: Authenticated Remote Code Execution via Command Injection in /listen-deployment WebSocket Endpoint

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.28.8 and earlier, authenticated OS command injection in the /listen-deployment WebSocket endpoint allows any organization member to execute arbitrary system commands on remote servers managed by Dokploy, leading to full server...

9.9CVSS0.00758EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/29 4:40 p.m.11 views

CVE-2026-45629 Dokploy: Authenticated Remote Code Execution via Command Injection in /listen-deployment WebSocket Endpoint

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.28.8 and earlier, authenticated OS command injection in the /listen-deployment WebSocket endpoint allows any organization member to execute arbitrary system commands on remote servers managed by Dokploy, leading to full server...

9.9CVSS6.1AI score0.00758EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 4:40 p.m.9 views

CVE-2026-45629

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.28.8 and earlier, authenticated OS command injection in the /listen-deployment WebSocket endpoint allows any organization member to execute arbitrary system commands on remote servers managed by Dokploy, leading to full server...

9.9CVSS6.1AI score0.00758EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/29 4:40 p.m.22 views

CVE-2026-45629

Dokploy (PaaS) v0.28.8 and earlier is vulnerable to authenticated OS command injection via the /listen-deployment WebSocket endpoint. An organization member can execute arbitrary system commands on remote Dokploy-managed servers, potentially achieving full server compromise. The CVSS metrics indi...

9.9CVSS6.1AI score0.00758EPSS
Exploits0References1
Rows per page
Query Builder