
7 matches found

OSV
added 2026/02/26 10:46 p.m. · 1 view

GHSA-FVFV-PPW4-7H2W n8n has a Guardrail Node Bypass

Impact: An end user interacting with a workflow that uses the Guardrail node could craft an input that bypasses the default guardrail instructions. Patches: The issue has been fixed in n8n version 2.10.0. Users should upgrade to this version or later to remediate the vulnerability. Workarounds: If...

6.3 CVSS · 5.4 AI score
Exploits 0 · References 4
Snyk
added 2026/02/01 6:34 a.m. · 1 view

Insufficiently Protected Credentials

Overview: kimai-mcp is an MCP server for Kimai time-tracking API integration. Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the HTTP response handling logic that sets the X-Session-ID header. An attacker can hijack user sessions by observing session...

6.9 CVSS · 5.6 AI score
Exploits 0 · References 3
OSV
added 2025/08/01 1:3 p.m. · 2 views

OESA-2025-1942 apache-commons-vfs security update

Commons VFS provides a uniform view of files through a single API which is designed for accessing various different file systems. These file systems could be a local disk, an HTTP server or a ZIP archive file. The key features are listed as follows: The API is consistent among various file types...

7.5 CVSS · 6.6 AI score · 0.0071 EPSS
Exploits 0 · References 2
SUSE CVE
added 2025/03/25 4:39 a.m. · 1 view

SUSE CVE-2025-27553

Relative Path Traversal vulnerability in Apache Commons VFS before 2.10.0. The FileObject API in Commons VFS has a 'resolveFile' method that takes a 'scope' parameter. Specifying 'NameScope.DESCENDENT' promises that "an exception is thrown if the resolved file is not a descendent of the base file...

5.3 CVSS · 7 AI score · 0.0071 EPSS
Exploits 0 · References 5
OSV
added 2025/03/23 3:15 p.m. · 1 view

UBUNTU-CVE-2025-30474

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing the original URI in its message, which may include a password. The fix is to mask the password in the exception messag...

5 CVSS · 7.1 AI score · 0.00109 EPSS
Exploits 0 · References 5
PyPA
added 2024/08/21 4:15 p.m. · 6 views

PYSEC-2024-181

Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of a malicious provider to execute a cross-site scripting attack when clicking on a provider documentation link. This would require the provider to be installed on the web server and the user to click the provid...

6.1 CVSS · 6.5 AI score · 0.01137 EPSS
Exploits 0 · References 3 · Affected Software 1
Positive Technologies
added 2022/09/16 12:0 a.m. · 3 views

PT-2022-23102 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0; TensorFlow versions 2.9.1 and earlier; TensorFlow versions 2.8.1 and earlier; TensorFlow versions 2.7.2 and earlier. Description: The issue occurs when RandomPoissonV2 receives large input shape and rates,...

7.5 CVSS · 7.2 AI score · 0.00135 EPSS
Exploits 0 · References 8