Lucene search
+L

4 matches found

OSV
OSV
added 4 days ago4 views

CVE-2026-40501 Cherry Studio RCE via SearchService nodeIntegration Misconfiguration

Cherry Studio versions 1.2.2 through 1.9.12, fixed in commit 1518530, contain a remote code execution vulnerability in SearchService that allows remote attackers to execute arbitrary code by delivering malicious JavaScript through controlled search provider content loaded into an Electron...

8.6CVSS6.7AI score0.00438EPSS
Exploits0References6
VulnCheck KEV
VulnCheck KEV
added 2026/06/03 12:0 a.m.17 views

VulnCheck KEV: CVE-2026-3300

The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Execution via PHP Code Injection in all versions up to, and including, 1.9.12. This is due to the Calculation Addon's processfilter function concatenating user-submitted form field values into a PHP code string without proper...

9.8CVSS6.2AI score0.40992EPSS
In wildExploits1References3
Positive Technologies
Positive Technologies
added 2021/01/26 12:0 a.m.6 views

PT-2021-8103 · Htmldoc +4 · Htmldoc +4

Name of the Vulnerable Software and Affected Versions: htmldoc versions 1.9.12 and earlier Description: A security issue is found in the image load jpeg function of the image.cxx component, related to NULL pointer dereference errors. This issue may allow an attacker to access confidential data,...

10CVSS6.7AI score0.07349EPSS
Exploits19References90
Positive Technologies
Positive Technologies
added 2021/01/26 12:0 a.m.4 views

PT-2021-8102 · Htmldoc +4 · Htmldoc +4

Name of the Vulnerable Software and Affected Versions: htmldoc versions 1.9.12 and earlier Description: The issue is related to a null pointer dereference in the file extension function, located in the file.c component of the htmldoc tool. This can lead to arbitrary code execution and denial of...

10CVSS7.3AI score0.07349EPSS
Exploits17References76
Rows per page
Query Builder