Lucene search
+L

8 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in node-brace-expansion

A vulnerability was discovered in the juliangruber brace-expansion library, up to versions 1.1.11/2.0.1/3.0.0/4.0.0. This issue has been identified as problematic. The affected function is the “expand” function of the file index.js. Manipulation of this function leads to inefficient use of regula...

3.1CVSS4.7AI score0.00459EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/02 12:0 a.m.10 views

AI Development Assistant MCP Server 注入漏洞

The AI Development Assistant MCP Server is an AI development assistant developed by Kevin Leneway. Versions of the AI Development Assistant MCP Server 2.0.1 and earlier have a vulnerability due to command injection in the runCodeReviewTool function found in the src/tools/codeReview.ts file, which...

6.5CVSS6.6AI score0.0111EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/04/22 2:35 p.m.3 views

aima (=2023.2.4), appcensus-dynamic-repos (>=2.0.113 <=2.1.117) +27 more potentially affected by CVE-2026-41140 via poetry (>=2.0.1 <=2.3.3)

poetry PYPI version =2.0.1, =2.0.113, =0.0.2, =1.0.7, =0.1.1, =1.5.12, =0.2.0, =0.4.3, =1.5.4, =0.1.2, =0.1.6 and more Source cves: CVE-2026-41140 Source advisory: SNYK:PYTHON-POETRY-16122096...

8.7CVSS5.4AI score0.00294EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.8 views

WordPress plugin BuilderPress 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

9.8CVSS5.8AI score0.00335EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/11 8:24 a.m.4 views

CVE-2026-1454 Responsive Contact Form Builder & Lead Generation Plugin <= 2.0.1 - Unauthenticated Stored Cross-Site Scripting

The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 via form field submissions. This is due to insufficient input sanitization in the lfbleadsanitize function which omits certain...

7.2CVSS5.9AI score0.00241EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/12/31 8:52 a.m.8 views

WordPress Series plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Series versions = 2.0.1...

6.5CVSS5.9AI score0.00141EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/21 12:0 a.m.5 views

PT-2025-47802

Name of the Vulnerable Software and Affected Versions Zegen Core versions prior to 2.0.1 Description The Zegen Core plugin for WordPress is susceptible to a Cross-Site Request Forgery CSRF issue leading to Arbitrary File Upload. This is caused by a lack of nonce validation and file type validatio...

8.8CVSS7.8AI score0.00216EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/07/27 12:0 a.m.6 views

PT-2024-37704 · WordPress · Add Admin Css

Name of the Vulnerable Software and Affected Versions: Add Admin CSS plugin for WordPress versions up to, and including, 2.0.1 Description: The issue is related to Full Path Disclosure, which occurs because the plugin uses bootstrap and leaves test files with display errors on. This allows...

5.3CVSS6.6AI score0.00439EPSS
Exploits0References4
Rows per page
Query Builder