Lucene search
K

5 matches found

OSV
OSV
added yesterday5 views

GO-2026-5907 Coder's OIDC email_verified type coercion bypass enables account takeover via unverified email linking in github.com/coder/coder

Coder's OIDC emailverified type coercion bypass enables account takeover via unverified email linking in github.com/coder/coder...

7.4CVSS5.9AI score
Exploits0References1
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.10 views

pyLoad 代码问题漏洞

pyLoad is an open-source download manager written in Python. Versions of pyLoad prior to 0.5.0b3.dev97 contained code vulnerabilities. These vulnerabilities stemmed from the download engine accepting unverified arbitrary URLs, which could lead to server-side request forgeing attacks...

9.3CVSS6AI score0.00397EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/01/15 12:0 a.m.5 views

La Suite Docs Cross-Site Script Vulnerability

La Suite Docs is an open-source, scalable collaboration note-taking, wiki, and documentation platform developed by La Suite numérique. Versions 3.8.0 to 4.3.0 of La Suite Docs contain cross-site scripting vulnerabilities. These vulnerabilities stem from the Interlinking function not verifying URL...

8.7CVSS5.7AI score0.0025EPSS
Exploits0References3
OSV
OSV
added 2025/10/22 8:45 p.m.4 views

CVE-2025-62612 FastGPT File Reading Node SSRF Vulnerability

FastGPT is an AI Agent building platform. Prior to version 4.11.1, in the workflow file reading node, the network link is not security-verified, posing a risk of SSRF attacks. This issue has been patched in version 4.11.1...

6.9CVSS6.8AI score0.00217EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/06/18 12:0 a.m.5 views

PocketBase Security Vulnerability

PocketBase is an open source real-time backend for PocketBase Open Source. A security vulnerability exists in Pocketbase versions prior to 0.22.14, which stems from password validation and OAuth2 unverified email links...

5.4CVSS6.9AI score0.00289EPSS
Exploits0References3
Rows per page
Query Builder