Lucene search
K

4 matches found

CVE
CVE
added 2026/05/13 9:32 p.m.20 views

CVE-2026-44369

CVAT (open source annotation tool) is affected by CVE-2026-44369: from versions 2.5.0 through 2.63.0, an attacker who can create or edit an annotation guide on a task can inject malicious JavaScript that runs in the browser of anyone viewing that guide. The injected code can perform arbitrary req...

8.5CVSS6AI score0.00266EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/06 5:17 p.m.1 views

CVE-2026-35045 Tandoor Recipes Affected by Private Recipe Exposure and Unauthorized Modification

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, the PUT /api/recipe/batchupdate/ endpoint in Tandoor Recipes allows any authenticated user within a Space to modify any recipe in that Space, including recipes marked as private by...

8.1CVSS5.9AI score0.00267EPSS
Exploits1References2
NVD
NVD
added 2026/02/04 12:16 a.m.11 views

CVE-2026-1813

A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...

9.8CVSS0.00333EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/01/22 12:0 a.m.4 views

PT-2025-1399 · Open5Gs · Open5Gs Mme

Name of the Vulnerable Software and Affected Versions: Open5GS MME versions prior to 2.6.4 Description: The issue allows an attacker to send a "Handover Cancel" message missing the required MME UE S1AP ID field, which can cause the MME to crash repeatedly, resulting in denial of service. This can...

5.3CVSS7.1AI score0.00261EPSS
Exploits1References4
Rows per page
Query Builder