NVD · added 2026/06/22 10:16 p.m. · 8 views

CVE-2026-56697

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNuxtApp function; these pass the script-protocol check but resolve to a cross-origin URL against the current page protocol. Attackers can inject paths like //evil.com to redirect...

CVSS 6.1 · EPSS 0.00191 · Exploits 0 · References 4

NVD · added 2026/06/22 10:16 p.m. · 9 views

CVE-2026-56698

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 fail to validate script-capable URLs in the navigateTo open option, allowing client-side script execution. Attackers can supply javascript: URLs through the open parameter to execute arbitrary scripts in the application's origin when...

CVSS 6.1 · EPSS 0.00234 · Exploits 0 · References 4

CVE · added 2026/06/22 9:04 p.m. · 12 views

CVE-2026-56698

Nuxt CVE-2026-56698 affects Nuxt 4.0.0–4.4.6 and 3.x up to 3.21.6 (versions before the fixed releases). The navigateTo open option fails to validate script-capable URLs, allowing attacker-controlled javascript: URLs to execute arbitrary scripts in the application's origin when user input is passe...

CVSS 6.1 · AI score 6.1 · EPSS 0.00234 · Exploits 0 · References 4 · Affected software 1

EUVD · added 2026/06/22 9:04 p.m. · 6 views

EUVD-2026-38366

Crawl4AI before 0.8.7 contains a server-side request forgery vulnerability in the /crawl, /crawl/stream, /md, and /llm endpoints that fetch arbitrary user-supplied URLs without validation. Unauthenticated attackers can bypass the internal-address blocklist using IPv6-mapped IPv4 addresses to reac...

CVSS 9.2 · AI score 6 · EPSS 0.00276 · Exploits 0 · References 3

EUVD · added 2026/06/22 5:01 p.m. · 3 views

EUVD-2026-11599

OpenCTI has Semi-Blind SSRF via Unvalidated External URL in Data Ingestion Feature...

CVSS 7.7 · AI score 5.8 · EPSS 0.00212 · Exploits 0 · References 3

NVD · added 2026/06/22 4:16 p.m. · 11 views

CVE-2026-9610

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 expose resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, bypassing intended access controls...

CVSS 5.3 · EPSS 0.00189 · Exploits 0 · References 1

Cvelist · added 2026/06/22 3:40 p.m. · 38 views

CVE-2026-46417 Angular: SSRF via Hostname Hijacking in @angular/platform-server

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-next.12, 21.2.13, 20.3.21, and 19.2.22, a Server-Side Request Forgery SSRF vulnerability exists in @angular/platform-server. The issue stems from how...

CVSS 8.8 · EPSS 0.0021 · Exploits 0 · References 2

CVE · added 2026/06/22 3:40 p.m. · 21 views

CVE-2026-46417

CVE-2026-46417 describes a Server-Side Request Forgery (SSRF) in @angular/platform-server caused by how the SSR engine processes absolute-form URLs. When such a URL is passed to the rendering entry points, internal ServerPlatformLocation can be coerced to use the attacker-controlled domain as the...

CVSS 8.8 · AI score 5.9 · EPSS 0.0021 · Exploits 0 · References 5 · Affected software 1

ATTACKERKB · added 2026/06/22 3:39 p.m. · 3 views

CVE-2026-50168

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/platform-server package allows remote attackers to bypass host allowlist constraints an...

CVSS 8.8 · AI score 6.1 · EPSS 0.00193 · Exploits 0 · References 3 · Affected software 1

Circl · added 2026/06/22 1:30 a.m. · 6 views

CVE-2026-56394

| creationtimestamp | type | source |
|---|---|---|
| 2026-06-22 01:30:29+00:00 | seen | https://infosec.exchange/users/offseq/statuses/116791170039431358 |
| 2026-06-22 01:30:30+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3motqfb5ttb2g... |

CVSS 7.1 · AI score 5.8 · EPSS 0.00336 · Exploits 0 · References 2

EUVD · added 2026/06/20 6:27 p.m. · 8 views

EUVD-2026-38131

AVideo through version 27.0 contains a server-side request forgery vulnerability in plugin/Live/test.php that allows authenticated administrators to read arbitrary URLs via the statsURL parameter, which lacks isSSRFSafeURL validation and accepts requests to private IP ranges and cloud metadata...

CVSS 6.8 · AI score 6 · EPSS 0.00236 · Exploits 0 · References 2

AstraLinux · added 2026/06/19 11:10 a.m. · 4 views

Astra Linux – Vulnerability in Thunderbird, Firefox

Regular expressions used to filter out forbidden properties and values from style directives in calls to console.log did not account for external URLs. As a result, data could potentially be exfiltrated from the browser. This vulnerability affects Firefox 109, Firefox ESR 102.7, and Thunderbird...

CVSS 6.5 · AI score 6.8 · EPSS 0.00641 · Exploits 0 · References 2

AstraLinux · added 2026/06/19 11:10 a.m. · 20 views

Astra Linux – Vulnerability in jsoup

jsoup is a Java HTML parser designed for HTML editing, cleaning, scraping, and XSS Cross-Site Scripting protection. However, jsoup may incorrectly sanitize HTML containing javascript: URLs, which could allow XSS attacks when a user clicks on those links. If the non-default...

CVSS 6.1 · AI score 6.5 · EPSS 0.01208 · Exploits 1 · References 2

AstraLinux · added 2026/06/19 11:10 a.m. · 8 views

Astra Linux – Vulnerability in Composer

Composer is a dependency manager for PHP. The URLs for Mercurial repositories in the composer.json file at the root level, as well as the source download URLs, are not sanitized correctly. Specifically crafted URL values allow code to be executed via the HgDriver if hg/Mercurial is installed on th...

CVSS 8.8 · AI score 8.5 · EPSS 0.04849 · Exploits 1 · References 2

AstraLinux · added 2026/06/19 11:10 a.m. · 2 views

Astra Linux – Vulnerability in Python 3.7, Python 2.7

An issue in the urllib.parse component of Python prior to version 3.11.4 allows attackers to bypass blocklisting methods by providing a URL that starts with blank characters...

CVSS 7.5 · AI score 7.5 · EPSS 0.20459 · Exploits 3 · References 2

Circl · added 2026/06/19 12:00 a.m. · 8 views

CVE-2026-54130

| creationtimestamp | type | source |
|---|---|---|
| 2026-06-19 00:00:40+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3molzxtvyh42l |
| 2026-06-19 00:00:44+00:00 | seen | https://infosec.exchange/users/offseq/statuses/116773829826207617 |
| 2026-06-19 01:19:07+00:00 | seen | ... |

CVSS 9.8 · AI score 5.8 · EPSS 0.00578 · Exploits 0 · References 5

Github Security Blog · added 2026/06/18 6:35 p.m. · 12 views

[Eclipse Theia] Data Exfiltration via Markdown Image Rendering in AI Chat

In Eclipse Theia versions prior to 1.71.0, the AI chat rendered Markdown image tags from AI responses, triggering HTTP requests to arbitrary external URLs without restriction. Combined with prompt injection in a malicious workspace, an attacker could induce the AI agent to construct image URLs...

CVSS 6.7 · AI score 6 · EPSS 0.00181 · Exploits 0 · References 6 · Affected software 7

RedHat Linux · added 2026/06/18 5:24 p.m. · 5 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

CVSS 7.5 · AI score 7.9 · EPSS 0.00728 · Exploits 0 · References 8

RedHat Linux · added 2026/06/18 4:16 p.m. · 7 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

CVSS 7.5 · AI score 8.3 · EPSS 0.00728 · Exploits 0 · References 8

Github Security Blog · added 2026/06/18 1:07 p.m. · 6 views

TinaCMS rich-text (slatejson) rendering does not sanitize link/image URLs, allowing stored XSS via dangerous URL schemes

TinaCMS rich-text parsing and the default link/image renderers did not sanitize the url field on Slate link/image nodes. Content containing javascript: or data:text/html URLs — including case-variant, whitespace-padded, and control-character-obfuscated forms — is rendered into href/src and execut...

CVSS 4.8 · AI score 5.2 · EPSS 0.00239 · Exploits 0 · References 3 · Affected software 2
