Lucene search
K

4 matches found

CVE
CVE
added 2026/06/02 5:31 p.m.129 views

CVE-2026-34077

React Router upstream vulnerability CVE-2026-34077 affects versions 7.7.0–7.13.1 where, when using unstable React Server Components APIs, the RSC redirect handling can lead to a client-side XSS if redirects come from untrusted sources. The issue does not impact non-RSC applications. A fix is avai...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References1Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/06/02 4:59 p.m.15 views

CVE-2026-33244

React Router is a router for React. In versions 7.5.1 through 7.13.1, when using Framework Mode with pre-rendering enabled, improper neutralization of the HTTP Location header value can permit Cross-Site Scripting XSS in the statically generated HTML files if the redirect location comes from an...

5.4CVSS5.8AI score0.00144EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/12/16 8:12 a.m.10 views

CVE-2025-64634

CVE-2025-64634 affects the WordPress ThemeFusion Avada theme (versions up to 7.13.2). The root cause is a missing authorization check on a function, allowing authenticated users (subscriber level and up) to access functionality not properly constrained by ACLs. CVSS v3.1 base score is 5.3 (Medium...

5.3CVSS5.9AI score0.00214EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/10/07 8:15 p.m.3 views

CVE-2025-36565

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Argument Delimiters in a...

6.7CVSS5.9AI score0.00191EPSS
Exploits0References1
Rows per page
Query Builder