82 matches found
CVE-2026-10562
An unauthenticated URL redirection vulnerability has been identified in Archer AX20 V2 due to improper validation of user-supplied URL input within the web interface. An unauthenticated attacker can craft URLs containing URL-encoded path traversal sequences. When processed by the embedded web...
EUVD-2026-40039
The APCu Manager WordPress plugin before 4.5.0 does not escape APCu object-cache keys before rendering them in an admin-area page, leading to a Stored Cross-Site Scripting vulnerability. When a persistent object cache is enabled, cache keys derived from unsanitised user input e.g. a transient nam...
CVE-2026-45627
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.0, the unauthenticated GET /api/app-images/logo endpoint reflects a user-supplied color query parameter into the body of an SVG document via strings.ReplaceAll with no escaping. The substitution...
CVE-2026-50589
In the provided documents, CVE-2026-50589 affects OpenStack Ironic 32 prior to 37.0.0. The underlying issue is that an unauthenticated malicious user can submit a crafted JSON string to certain API/JSON-RPC endpoints, leading to a service crash. The reports consistently reference the same conditi...
CVE-2026-45697
Formie is a Craft CMS plugin for creating forms. Prior to 2.2.20 and 3.1.24, unauthenticated users could submit crafted values into Hidden fields with Default value → Custom that were evaluated as Twig during submission handling, which could lead to serious compromise of the Craft site depending ...
CVE-2026-44321
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware. The POST /upi/v1/upNodesLinks create-or-update handler accepts attacker-controlled JSON and passes it directly into...
EUVD-2026-32577
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware. The POST /upi/v1/upNodesLinks create-or-update handler accepts attacker-controlled JSON and passes it directly into...
CVE-2026-40839 Authenticated SQLi in getComponentScalings function
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getComponentScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2018-25368 Nord VPN 6.14.31 Denial of Service via Password Field
Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting an excessively long string in the password field. Attackers can paste a buffer of repeated characters into the password input field to trigger an application...
CVE-2026-44366 Vvveb: Stored XSS via Comment Author Field
Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.1, a Stored Cross-Site Scripting XSS vulnerability exists in the Vvveb CMS comment submission flow. The author field is submitted by an unauthenticated user on any public post...
Vvveb 跨站脚本漏洞
Vvveb is a powerful and easy-to-use CMS developed by Givan’s individual developers. It is used to build websites, blogs, or e-commerce stores. Versions of Vvveb prior to 1.0.8.1 had a cross-site scripting vulnerability. This vulnerability stemmed from the fact that the author field in comment...
CVE-2026-43967 Quadratic fragment-name uniqueness check causes denial of service in absinthe
Inefficient Algorithmic Complexity vulnerability in absinthe-graphql absinthe allows unauthenticated denial of service via quadratic fragment-name uniqueness validation. 'Elixir.Absinthe.Phase.Document.Validation.UniqueFragmentNames':run/2 iterates over all fragments and for each one calls...
CVE-2026-43967
Summary: CVE-2026-43967 affects Absinthe (Elixir/absinthe-graphql). The vulnerability arises in the fragment-name validation phase where UniqueFragmentNames:run/2 checks each fragment name by counting matches with a full linear scan, yielding O(N^2) comparisons per document. With attacker-control...
CVE-2026-41690
Summary: CVE-2026-41690 affects i18next-http-middleware
CVE-2026-32686
Uncontrolled Resource Consumption vulnerability in ericmj decimal allows unauthenticated remote Denial of Service. The decimal library does not bound the exponent on parsed input. Storing a decimal with a very large exponent e.g. Decimal.new"1e1000000000" is accepted without error. Subsequent cal...
BIT-JAVA-2021-35565
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacke...
CVE-2026-41179
Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Starting in version 1.48.0 and prior to version 1.73.5, the RC endpoint operations/fsinfo is exposed without AuthRequired: true and accepts attacker-controlled fs input. Because rc.GetFs...
CVE-2026-40477
A flaw was found in Thymeleaf, a server-side Java template engine. An unauthenticated remote attacker can exploit a security bypass vulnerability in the expression execution mechanisms. By providing unvalidated user input directly to the template engine, the attacker can bypass the library's...
CVE-2018-25246
Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can paste a large buffer of repeated characters into the search bar to trigger an application crash...
CVE-2018-25246 Wikipedia 12.0 Denial of Service via Search
Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can paste a large buffer of repeated characters into the search bar to trigger an application crash...