Lucene search
+L

4262 matches found

NVD
NVD
added yesterday6 views

CVE-2026-3031

Image::EPEG versions through 0.15 for Perl embeds an unsupported version of the Epeg library. Image::EPEG includes Epeg 0.9.0 that was last updated in 2004. Epeg is a fast JPEG thumbnail library that was once part of the Englightenment Project...

9.8CVSS
Exploits0References3
EUVD
EUVD
added yesterday6 views

EUVD-2026-44967

Image::EPEG versions through 0.15 for Perl embeds an unsupported version of the Epeg library. Image::EPEG includes Epeg 0.9.0 that was last updated in 2004. Epeg is a fast JPEG thumbnail library that was once part of the Englightenment Project...

6.1AI score
Exploits0References3
CVE
CVE
added yesterday10 views

CVE-2026-3031

CVE-2026-3031 concerns Image::EPEG for Perl, which bundles an outdated Epeg library (Epeg 0.9.0, last updated 2004) and includes through version 0.15. Root cause is embedding an unsupported version of Epeg; affected component is Image::EPEG (Perl). CVSS3.1 base score is 9.8 with CRITICAL impact (...

9.8CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-43294

A weakness has been identified in primefaces primereact up to 10.9.8. This issue affects the function ObjectUtils.mutateFieldData of the component API. This manipulation of the argument Field causes improperly controlled modification of object prototype attributes. The attack is possible to be...

6.5CVSS6.4AI score0.00256EPSS
Exploits0References8
OSV
OSV
added 4 days ago4 views

CVE-2026-15538 primefaces primereact API ObjectUtils.mutateFieldData prototype pollution

A weakness has been identified in primefaces primereact up to 10.9.8. This issue affects the function ObjectUtils.mutateFieldData of the component API. This manipulation of the argument Field causes improperly controlled modification of object prototype attributes. The attack is possible to be...

5.3CVSS5.8AI score0.00256EPSS
Exploits0References9
NVD
NVD
added 5 days ago9 views

CVE-2026-15497

A vulnerability was determined in SonicCloudOrg sonic-agent up to 2.7.2. This affects an unknown function of the file sonic-server-controller/src/main/java/org/cloud/sonic/controller/controller/ExchangeController.java of the component JWT Authentication Filter. This manipulation causes code...

7.5CVSS0.00394EPSS
Exploits0References5
NVD
NVD
added 5 days ago6 views

CVE-2026-15495

A vulnerability has been found in SonicCloudOrg sonic-agent up to 2.7.2. The affected element is an unknown function of the file AndroidWSServer.java of the component Android WebSocket Server. The manipulation of the argument path leads to os command injection. The attack can be initiated remotel...

6.5CVSS0.01543EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-43219

A vulnerability was determined in SonicCloudOrg sonic-agent up to 2.7.2. This affects an unknown function of the file sonic-server-controller/src/main/java/org/cloud/sonic/controller/controller/ExchangeController.java of the component JWT Authentication Filter. This manipulation causes code...

7.5CVSS6.6AI score0.00394EPSS
Exploits0References5
CVE
CVE
added 5 days ago13 views

CVE-2026-15497

Affected software / component: SonicCloudOrg sonic-agent (up to 2.7.2), specifically the JWT Authentication Filter in the ExchangeController.java path. Vulnerability: code injection vulnerability reported as enabling a remote attacker to manipulate code execution. Impact (per docs): remote exploi...

7.5CVSS6.6AI score0.00394EPSS
Exploits0References5
Cvelist
Cvelist
added 5 days ago34 views

CVE-2026-15496 SonicCloudOrg sonic-agent Groovy Script GroovyScriptImpl.java evalIsFailed os command injection

A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command...

6.5CVSS0.01158EPSS
Exploits0References5
EUVD
EUVD
added 5 days ago10 views

EUVD-2026-43218

A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command...

6.5CVSS6.3AI score0.01158EPSS
Exploits0References5
CVE
CVE
added 5 days ago12 views

CVE-2026-15495

The vulnerability CVE-2026-15495 affects SonicCloudOrg sonic-agent up to version 2.7.2, specifically in the Android WebSocket Server component’s AndroidWSServer.java. The issue arises from manipulating the path argument, causing os command injection. It is remotely exploitable and has public disc...

6.5CVSS6.3AI score0.01543EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-43217

A vulnerability has been found in SonicCloudOrg sonic-agent up to 2.7.2. The affected element is an unknown function of the file AndroidWSServer.java of the component Android WebSocket Server. The manipulation of the argument path leads to os command injection. The attack can be initiated remotel...

6.5CVSS6.3AI score0.01543EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-43209

A vulnerability was found in TRENDnet TEW-821DAP 1.11B03. This impacts the function sub41FBD0 of the file /goform/systemntp of the component Firmware Update Handler. Performing a manipulation of the argument Hostname results in os command injection. The attack may be initiated remotely. The vendo...

6.5CVSS6.5AI score0.0105EPSS
Exploits0References5
NVD
NVD
added 5 days ago6 views

CVE-2026-15485

A flaw has been found in TRENDnet TEW-821DAP 1.11B03. The impacted element is the function sub43F2C4 of the file /goform/toolsnslookup of the component DNS Lookup Handler. This manipulation of the argument nslookuptarget/dnsserver causes os command injection. The attack can be initiated remotely...

6.5CVSS0.0105EPSS
Exploits0References5
Cvelist
Cvelist
added 5 days ago36 views

CVE-2026-15485 TRENDnet TEW-821DAP DNS Lookup tools_nslookup sub_43F2C4 os command injection

A flaw has been found in TRENDnet TEW-821DAP 1.11B03. The impacted element is the function sub43F2C4 of the file /goform/toolsnslookup of the component DNS Lookup Handler. This manipulation of the argument nslookuptarget/dnsserver causes os command injection. The attack can be initiated remotely...

6.5CVSS0.0105EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/10 10:0 p.m.34 views

CVE-2026-11913 Mother May I - Critical - Unsupported - SA-CONTRIB-2026-045

vulnerability in Drupal Mother May I allows . This issue affects Mother May I versions:...

0.0032EPSS
Exploits0References1
CVE
CVE
added 2026/07/10 10:0 p.m.15 views

CVE-2026-11913

CVE-2026-11913 concerns a vulnerability in the Drupal module “Mother May I.” The official CVE notes a critical impact (CVSS 9.8) with affected versions listed as wildcards (. ). Connected sources indicate the Drupal project marks the module as unsupported and a fix has not been provided (SA-CONTR...

9.8CVSS6.1AI score0.0032EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/10 9:59 p.m.34 views

CVE-2026-11914 Composer - Critical - Unsupported - SA-CONTRIB-2026-046

vulnerability in Drupal Composer allows . This issue affects Composer versions:...

0.00217EPSS
Exploits0References1
CVE
CVE
added 2026/07/10 9:59 p.m.15 views

CVE-2026-11914

Technical details (affected versions, root cause, impact, and available fixes) for CVE-2026-11914 are not publicly provided in the given documents. Monitor for updates from Drupal SA-CONTRIB-2026-046 and related advisories for concrete info.

5.9CVSS6.1AI score0.00217EPSS
Exploits0References1
Rows per page
Query Builder