Lucene search
K

470 matches found

Cvelist
Cvelist
added 4 days ago27 views

CVE-2026-56309 Capgo - Plan Bypass via Unrestricted Attachment Upload Endpoint

Capgo before 12.128.2 fails to enforce plan/quota restrictions on the /files/upload/attachments endpoint, allowing plan-blocked apps to create publicly readable R2 objects. Attackers can upload arbitrary attachments using upload-scoped API keys that bypass plan checks, persist outside normal bund...

5.4CVSS0.00259EPSS
Exploits0References2
CVE
CVE
added 4 days ago8 views

CVE-2026-56309

Capgo before 12.128.2 fails to enforce plan/quota restrictions on the /files/upload/attachments endpoint, enabling plan-blocked apps to create publicly readable R2 objects. Attackers can upload arbitrary attachments using upload-scoped API keys that bypass plan checks, persist outside normal bund...

5.4CVSS6.2AI score0.00259EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 4 days ago7 views

Langflow < 1.0.19 DoS (CVE-2026-55446)

The version of Langflow installed on the remote host is prior to 1.0.19. It is, therefore, affected by a denial of service vulnerability: - An attacker can send a /api/v1/files/upload/ request without any authentication and abuse a very long multipart form boundary to make the Langflow applicatio...

7.5CVSS6.2AI score0.00321EPSS
Exploits1References2
OSV
OSV
added 2026/07/07 4:50 p.m.7 views

GHSA-8GH5-QQH8-HQ3X Open WebUI allows limited stored XSS vila uploaded html file

Summary Low privileged users can upload HTML files which contain JavaScript code via the /api/v1/files/ backend endpoint. This endpoint returns a file id, which can be used to open the file in the browser and trigger the JavaScript code in the user's browser. Under the default settings, files...

6.4CVSS6AI score0.003EPSS
Exploits1References6
NVD
NVD
added 2026/07/07 4:17 a.m.10 views

CVE-2026-42145

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the file upload endpoint app/Http/Controllers/UploadController.php for database backup restore uploads did not enforce file type or size validation, allowing an authenticat...

3.1CVSS0.0025EPSS
Exploits0References4
Snyk
Snyk
added 2026/07/01 6:18 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview github.com/elastic/fleet-server/v7/internal/pkg/api is a control server to manage a fleet of elastic-agents. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the upload endpoint. An attacker can exhaust system memory by submitti...

7.5CVSS6AI score0.00312EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/01 6:18 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the upload endpoint. An attacker can exhaust system memory by submitting specially crafted requests, potentially causing the service to become unavailable. Remediation Upgrade...

7.5CVSS6AI score0.00312EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/01 6:18 p.m.3 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the upload endpoint. An attacker can exhaust system memory by submitting specially crafted requests, potentially causing the service to become unavailable. Remediation Upgrade...

7.5CVSS6AI score0.00312EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/01 6:18 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview github.com/elastic/fleet-server/internal/pkg/api is a control server to manage a fleet of elastic-agents. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the upload endpoint. An attacker can exhaust system memory by submitting...

7.5CVSS6AI score0.00312EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 5:16 p.m.10 views

CVE-2026-56150

Allocation of Resources Without Limits or Throttling CWE-770 in Fleet Server can lead to a denial of service via Excessive Allocation CAPEC-130. An attacker can submit a specially crafted request to an upload endpoint that causes excessive memory consumption, which may render Fleet Server...

7.5CVSS0.00312EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/01 4:26 p.m.6 views

CVE-2026-56150

Allocation of Resources Without Limits or Throttling CWE-770 in Fleet Server can lead to a denial of service via Excessive Allocation CAPEC-130. An attacker can submit a specially crafted request to an upload endpoint that causes excessive memory consumption, which may render Fleet Server...

6.5CVSS5.8AI score0.00312EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/07/01 4:26 p.m.8 views

EUVD-2026-41077

Allocation of Resources Without Limits or Throttling CWE-770 in Fleet Server can lead to a denial of service via Excessive Allocation CAPEC-130. An attacker can submit a specially crafted request to an upload endpoint that causes excessive memory consumption, which may render Fleet Server...

6.5CVSS5.8AI score0.00312EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 4:26 p.m.16 views

CVE-2026-56150

MODE C: CVE-2026-56150 affects Elastic Fleet Server via Allocation of Resources Without Limits or Throttling (upload endpoint memory exhaustion). Multiple connected sources describe the vulnerability in Fleet Server's internal API packages and uploader, enabling an attacker to exhaust RAM and pot...

7.5CVSS5.8AI score0.00312EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/30 3:53 p.m.35 views

CVE-2026-58170 Vibe-Trading < 0.1.10 - Path Traversal in Proposal Identifier Allows Forging Live Trading Mandates

Vibe-Trading before 0.1.10 builds the proposal file path by joining a caller-supplied proposal identifier onto the broker proposals directory without sanitization agent/src/live/mandate/commit.py. A proposal identifier containing path traversal sequences causes the application to load an...

8.3CVSS0.00416EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/30 3:53 p.m.7 views

CVE-2026-58170

Vibe-Trading before 0.1.10 builds the proposal file path by joining a caller-supplied proposal identifier onto the broker proposals directory without sanitization agent/src/live/mandate/commit.py. A proposal identifier containing path traversal sequences causes the application to load an...

8.3CVSS5.8AI score0.00416EPSS
Exploits0References5
CVE
CVE
added 2026/06/30 3:53 p.m.15 views

CVE-2026-58170

CVE-2026-58170 affects Vibe-Trading

8.3CVSS5.8AI score0.00416EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/30 3:51 p.m.34 views

CVE-2026-58166 OpenBMB ChatDev - Unauthenticated Path Traversal in Upload Handler Allows Arbitrary File Write and Delete

OpenBMB ChatDev through 2.2.0, fixed in commit 4fd4da6, contains a path traversal vulnerability that allows unauthenticated remote attackers to write or delete arbitrary files by supplying a malicious multipart filename in the file upload endpoint. Attackers can send a crafted filename containing...

9.1CVSS0.00628EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/30 3:51 p.m.7 views

EUVD-2026-40373

OpenBMB ChatDev through 2.2.0, fixed in commit 4fd4da6, contains a path traversal vulnerability that allows unauthenticated remote attackers to write or delete arbitrary files by supplying a malicious multipart filename in the file upload endpoint. Attackers can send a crafted filename containing...

9.1CVSS6AI score0.00628EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/30 11:19 a.m.37 views

CVE-2026-53691 Remote Code Execution in Redeight CMS

An Unrestricted File Upload vulnerability in Redeight CMS version 1.0 allows authenticated attackers to achieve Remote Code Execution via the POST "/admin/index.php?module=pages&mode=FileAdd" endpoint. The application fails to validate file extensions and MIME types, permitting the upload of...

8.6CVSS0.00488EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-53921

Name of the Vulnerable Software and Affected Versions Vibe-Trading versions prior to 0.1.10 Description The application constructs the proposal file path by joining a caller-supplied proposal identifier to the broker proposals directory without proper sanitization in the...

8.3CVSS5.8AI score0.00416EPSS
Exploits0References9
Rows per page
Query Builder