Lucene search
+L

353 matches found

Nuclei
Nuclei
added 7 hours ago12 views

LearnPress < 4.3.7 - Information Disclosure

LearnPress WordPress plugin 4.3.7 contains an information disclosure vulnerability caused by missing capability checks on a REST endpoint, letting unauthenticated visitors retrieve sensitive user role and capability data via crafted requests. id: CVE-2026-8383 info: name: LearnPress 4.3.7 -...

5.3CVSS5.2AI score0.00424EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 5 days ago5 views

CVE-2026-22103 Command injection in NPC start web endpoint

The NPC start endpoint on the web server at port 8090 is vulnerable to command injection...

9.3CVSS6.1AI score0.0131EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 5 days ago6 views

CVE-2026-22102 Arbitrary file overwrite through certificate update functionality

A POST request sent to a specific webserver endpoint can be used to write to arbitrary file locations. The endpoint accepts the filename parameter in the Content-Disposition header without verification. This can be used to cause a denial of service by overwriting system files, or...

9.3CVSS6.3AI score0.00431EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/11 1:0 p.m.33 views

CVE-2026-56303 Capgo - Unauthenticated API Key Metadata Disclosure via SECURITY DEFINER RPC Function

Capgo before 12.128.2 contains an information disclosure vulnerability in the findapikeybyvalue PostgreSQL function marked SECURITY DEFINER and executable by the anon role. Unauthenticated attackers can call this function via the /rest/v1/rpc/findapikeybyvalue endpoint to retrieve sensitive API k...

8.7CVSS0.00302EPSS
Exploits0References2
GitLab Advisory Database
GitLab Advisory Database
added 2026/07/09 12:0 a.m.6 views

org.hl7.fhir.core: ReDoS via FHIRPath matches()/replaceMatches() in FHIR Validator HTTP Endpoint

All implementations of FHIRPathEngine accept arbitrary FHIRPath expressions and evaluate them without input validation. The utility intended to secure this evaluation did so incorrectly, and did not fully cover all places in which evaluation was being done. An attacker can send a resource...

7.5CVSS6.1AI score
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/07/05 7:15 a.m.40 views

CVE-2026-14721 UTT HiPER 1250GW Web Endpoint ConfigWirelessBase_5g stack-based overflow

A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects an unknown function of the file /goform/ConfigWirelessBase5g of the component Web Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack is possible to be carried o...

9CVSS0.00447EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/05 7:15 a.m.8 views

EUVD-2026-41734

A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects an unknown function of the file /goform/ConfigWirelessBase5g of the component Web Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack is possible to be carried o...

9CVSS7.6AI score0.00447EPSS
Exploits0References5
CVE
CVE
added 2026/07/05 7:15 a.m.19 views

CVE-2026-14721

CVE-2026-14721 affects UTT HiPER 1250GW (up to 3.2.7-210907-180535). The vulnerability is in the Web Endpoint’s /goform/ConfigWirelessBase_5g function, where manipulating the ssid argument causes a stack-based buffer overflow. It can be exploited remotely, and the exploit has been disclosed publi...

9CVSS7.6AI score0.00447EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/04 8:45 a.m.9 views

CVE-2026-14622

A vulnerability was found in jairiidriss restaurant-website-php-mysql up to 521428b5b612449df0cf4a5d15ee40cba67f3d35. This vulnerability affects unknown code of the file /admin/ajaxfiles of the component AJAX Endpoint. Performing a manipulation results in missing authentication. The attack is...

7.5CVSS6.6AI score0.00517EPSS
Exploits0References6
CVE
CVE
added 2026/07/03 8:19 p.m.38 views

CVE-2026-20706

Summary: CVE-2026-20706 affects Gitea up to version 1.26.1, where the web archive download endpoint allowed bypassing token scope checks, enabling access to repository archives beyond a token’s scope. Affected software: Gitea (versions ≤ 1.26.1). Root cause (as described in the sources): The /arc...

9.1CVSS7.1AI score0.00403EPSS
Exploits0References4
OSV
OSV
added 2026/07/03 8:19 p.m.4 views

CVE-2026-20706 Gitea repository archive downloads bypass token scope checks

Gitea versions up to and including 1.26.1 allow repository archive downloads to bypass token scope checks on the web archive download endpoint...

9.1CVSS7.1AI score0.00403EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/01 3:36 p.m.8 views

CVE-2026-58454

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a remote code execution vulnerability that allows authenticated attackers to execute arbitrary shell scripts by writing to the writable persistent JFFS2 storage path and triggering execution through the authenticated HTT...

7.7CVSS6.6AI score0.00523EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/06/30 10:8 p.m.15 views

CVE-2026-56399

Open WebUI (pre-0.6.27) contains a server-side request forgery in the /api/v1/retrieval/process/web endpoint. The vulnerability allows authenticated users to bypass SSRF protections by manipulating URL parameters with location redirect headers, enabling access to internal services and potentially...

5.3CVSS5.8AI score0.0032EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.6 views

CVE-2026-56399

Open WebUI before 0.6.27 contains a server-side request forgery vulnerability in the /api/v1/retrieval/process/web endpoint that allows authenticated users to bypass SSRF protections. Attackers can manipulate URL parameters with location redirect headers to access internal services and potentiall...

5.3CVSS5.8AI score0.0032EPSS
Exploits0References4
OSV
OSV
added 2026/06/29 3:20 a.m.10 views

MAL-2026-6572 Malicious code in rebrandly-domains-digger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d1744d2a299b9ef0526f49b4b2297fcd6c72581c51a3359801db56318d8cfda The package declares a preinstall hook that runs node callback.js. On npm install, callback.js collects installer-side identifiers — os.hostname,...

5.8AI score
Exploits0References2
EUVD
EUVD
added 2026/06/26 9:4 p.m.12 views

EUVD-2026-38058

mcp-memory-service: OAuth read-only clients can write and delete memories through MCP tools/call...

8.1CVSS5.8AI score0.00264EPSS
Exploits0References4
OSV
OSV
added 2026/06/23 2:12 p.m.8 views

MAL-2026-6292 Malicious code in @outmarket/utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2cd90f0d706cda01a5740f120f6e8d22ae57d907a5000854439c201b3c53a8c0 package.json declares a postinstall lifecycle script that fires automatically on npm install. The inline node -e payload uses hex-encoded property...

5.9AI score
Exploits0References3
CVE
CVE
added 2026/06/21 10:45 p.m.15 views

CVE-2026-12814

CVE-2026-12814 affects Comfast CF-WR631AX V3 up to version 2.7.0.8. The vulnerability is located in the API Endpoint component, specifically the file path /cgi-bin/mbox-config?section=ping_config, where manipulation of the destination argument leads to an OS command injection. The issue can be ex...

6.5CVSS6.1AI score0.01182EPSS
Exploits0References5
OSV
OSV
added 2026/06/17 2:39 p.m.3 views

CVE-2026-10850 Plane 1.3.1 - Stored XSS in intake issue description_html

Plane CE 1.3.1 allows a low-privileged project member to submit arbitrary HTML/JS in the descriptionhtml field when creating an intake work item through the API v1 intake endpoint...

6.9CVSS6.1AI score0.00165EPSS
Exploits1References4
Snyk
Snyk
added 2026/06/15 8:16 p.m.12 views

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

Overview starlette is a The little ASGI library that shines. Affected versions of this package are vulnerable to Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' when dispatching HTTP requests to endpoint attributes via getattr. An attacker can invoke internal...

6.3CVSS5.5AI score0.00213EPSS
Exploits0References2
Rows per page
Query Builder