Lucene search

49 matches found

ATTACKERKB (added yesterday, 2 views)

CVE-2026-55793

Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22, an author-level control panel user can store a malicious JavaScript payload in an entry title. When an admin, or any control panel user with saveEntries for the same Structure section, drags another entry under th...

CVSS 5.9, AI score 5.7
Exploits 0, References 3, Affected Software 1
Positive Technologies (added 3 days ago, 9 views)

PT-2026-53309

Name of the Vulnerable Software and Affected Versions: Snowflake CLI versions prior to 3.19. Description: Improper neutralization of attacker-controlled content allows unintended SQL execution. An attacker can execute arbitrary SQL within the context of a victim user's Snowflake session by providing...

CVSS 8.8, AI score 6.1, EPSS 0.0032
Exploits 0, References 4
Debian (added 2026/06/23 7:44 p.m., 6 views)

[SECURITY] [DLA 4641-1] beets security update

Debian LTS Advisory DLA-4641-1 | [email protected] | https://www.debian.org/lts/security/ | Emmanuel Arias | June 23, 2026 | https://wiki.debian.org/LTS. Package: beets. Version: 1.4.9-7+deb11u1. CVE ID: CVE-2026-42052. Debian Bug: 1135779. It was discovered that beets, a media library management...

CVSS 6, AI score 5.9, EPSS 0.003
Exploits 0
Cvelist (added 2026/06/23 4:51 p.m., 35 views)

CVE-2026-54007 Open WebUI: Cross-origin postMessage confirmation bypass via action:submit

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the chat message listener allows non-same-origin input:prompt and action:submit messages, so an external site can set prompt text and trigger submitPrompt in an authenticated victim...

CVSS 7.1, EPSS 0.00162
Exploits 1, References 1
EUVD (added 2026/06/22 2:17 p.m., 7 views)

EUVD-2026-38285

Chainlit before 2.10.1 contains a session hijacking vulnerability that allows unauthenticated attackers to restore and inherit authenticated user sessions by presenting a valid sessionId during WebSocket session restoration without ownership verification. Attackers can exploit the...

CVSS 9.1, AI score 5.9, EPSS 0.00256
Exploits 0, References 4
ATTACKERKB (added 2026/06/22 2:17 p.m., 2 views)

CVE-2026-56104

Chainlit before 2.10.1 contains a session hijacking vulnerability that allows unauthenticated attackers to restore and inherit authenticated user sessions by presenting a valid sessionId during WebSocket session restoration without ownership verification. Attackers can exploit the...

CVSS 9.1, AI score 5.9, EPSS 0.00256
Exploits 0, References 5
Github Security Blog (added 2026/06/17 2:10 p.m., 8 views)

Open WebUI: Cross-origin postMessage confirmation bypass via action:submit

Summary: The chat message listener allows non-same-origin input:prompt and action:submit messages, so an external site can set prompt text and trigger submitPrompt in an authenticated victim session. I validated this with a cross-origin attacker page that auto-posted messages and caused unauthoriz...

CVSS 7.1, AI score 5.5, EPSS 0.00162
Exploits 1, References 2, Affected Software 1
Positive Technologies (added 2026/06/17 12:00 a.m., 13 views)

PT-2026-50479

Name of the Vulnerable Software and Affected Versions: Open WebUI versions prior to 0.9.6. Description: The chat message listener in the chat page's window message listener processes input:prompt and action:submit messages without enforcing same-origin restrictions. This allows an external site to s...

CVSS 7.1, AI score 5.8, EPSS 0.00162
Exploits 1, References 7
RedhatCVE (added 2026/06/05 7:10 p.m., 10 views)

CVE-2026-8604

In ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim's session by luring any logged-in user to a malicious webpage...

CVSS 8.8, AI score 5.5, EPSS 0.00178
Exploits 0, References 1
GitLab Advisory Database (added 2026/05/22 12:00 a.m., 8 views)

Flask-Security-Too OAuth reauthentication freshness bypass via cross-user OAuth identity acceptance

Flask-Security-Too 5.8.0's OAuth reauthentication flow can mark a session as fresh after verifying an OAuth account that belongs to a different user. If an attacker can operate an already-authenticated but stale victim session, they can complete OAuth verification using their own OAuth identity...

AI score 5.8, EPSS 0.00035
Exploits 0, References 3, Affected Software 1
NVD (added 2026/05/19 6:16 p.m., 27 views)

CVE-2026-8604

In ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim's session by luring any logged-in user to a malicious webpage...

CVSS 8.8, EPSS 0.00178
Exploits 0, References 1
Vulnrichment (added 2026/05/19 5:05 p.m., 13 views)

CVE-2026-8604 Cross-Site request forgery (CSRF) in ScadaBR

In ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim's session by luring any logged-in user to a malicious webpage...

CVSS 8.6, AI score 5.8, EPSS 0.00178
Exploits 0, References 1
Cvelist (added 2026/05/19 5:05 p.m., 52 views)

CVE-2026-8604 Cross-Site request forgery (CSRF) in ScadaBR

In ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim's session by luring any logged-in user to a malicious webpage...

CVSS 8.6, EPSS 0.00178
Exploits 0, References 1
RedHat Linux (added 2026/05/19 1:41 p.m., 13 views)

org.apache.tomcat/tomcat-catalina: tomcat: Apache Tomcat: session fixation via rewrite valve

A session fixation vulnerability has been identified in Apache Tomcat, affecting its rewrite functionality. If the rewrite valve is enabled for a web application, an attacker can craft a specific URL. If a victim clicks on this malicious URL, their subsequent interaction with the resource will...

CVSS 6.5, AI score 6.5, EPSS 0.00775
Exploits 0, References 8
Snyk (added 2026/04/17 1:37 a.m., 3 views)

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the asset delivery process. An attacker can execute arbitrary JavaScript in the context of another user's session by uploading a crafted HTML or SVG file as an asset, which is then rendered by a victim's...

CVSS 8.7, AI score 5.5, EPSS 0.00309
Exploits 0, References 2
Positive Technologies (added 2026/04/14 12:00 a.m., 5 views)

PT-2026-32551

Due to an insecure session management vulnerability in SAP Business Objects Business Intelligence Platform, an unauthenticated attacker could obtain valid session tokens and reuse them to gain unauthorized access to a victim's session. If the application continues to accept previously issued toke...

CVSS 4.2, AI score 5.8, EPSS 0.00167
Exploits 0, References 3
EUVD (added 2026/03/26 6:28 p.m., 5 views)

EUVD-2026-15956

n8n Vulnerable to XSS via Binary Data Inline HTML Rendering...

CVSS 6.3, AI score 5.8, EPSS 0.00249
Exploits 0, References 2
Vulnrichment (added 2026/03/19 8:45 p.m., 3 views)

CVE-2026-30924 qui CORS Misconfiguration: Arbitrary Origins Trusted

qui is a web interface for managing qBittorrent instances. Versions 1.14.1 and below use a permissive CORS policy that reflects arbitrary origins while also returning Access-Control-Allow-Credentials: true, effectively allowing any external webpage to make authenticated requests on behalf of a...

CVSS 9, AI score 6, EPSS 0.00257
Exploits 0, References 2
OSV (added 2026/03/19 8:45 p.m., 4 views)

CVE-2026-30924 qui CORS Misconfiguration: Arbitrary Origins Trusted

qui is a web interface for managing qBittorrent instances. Versions 1.14.1 and below use a permissive CORS policy that reflects arbitrary origins while also returning Access-Control-Allow-Credentials: true, effectively allowing any external webpage to make authenticated requests on behalf of a...

CVSS 9, AI score 6.5, EPSS 0.00257
Exploits 0, References 4
Cvelist (added 2026/03/19 3:48 p.m., 26 views)

CVE-2026-32866 OPEXUS eComplaint and eCase stored XSS via profile first and last name

OPEXUS eComplaint and eCASE before 10.2.0.0 do not correctly sanitize the contents of first and last name fields in a user profile. An authenticated attacker can inject parts of an XSS payload in their first and last name fields. The payload is executed when the user's full name is rendered. The...

CVSS 5.5, EPSS 0.00141
Exploits 0, References 2