Lucene search
+L

4 matches found

vulnrichment
vulnrichment
added 2026/01/30 9:59 p.m.3 views

CVE-2026-25154 LocalSend has Stored XSS in Web Share Interface via Filename

LocalSend is a free, open-source app that allows users to share files and messages with nearby devices over their local network without needing an internet connection. In versions up to and including 1.17.0, when a user initiates a "Share via Link" session, the LocalSend application starts a loca...

6.1CVSS5.3AI score0.00278EPSS
Exploits1References2
cvelist
cvelist
added 2026/01/30 9:59 p.m.31 views

CVE-2026-25154 LocalSend has Stored XSS in Web Share Interface via Filename

LocalSend is a free, open-source app that allows users to share files and messages with nearby devices over their local network without needing an internet connection. In versions up to and including 1.17.0, when a user initiates a "Share via Link" session, the LocalSend application starts a loca...

6.1CVSS0.00278EPSS
Exploits1References2
cve
cve
added 2026/01/30 9:59 p.m.45 views

CVE-2026-25154

CVE-2026-25154 affects LocalSend (versions up to and including 1.17.0). The Red Hat/NVD/OSV/CVE list entries describe a Stored XSS vulnerability in the Web Share Interface via the filename, with the client-side logic in app/assets/web/main.js and a patch in commit 8f3cec85aa29b2b13fed9b2f8e499e1a...

6.1CVSS5.8AI score0.00278EPSS
Exploits1References2Affected Software1
osv
osv
added 2026/01/30 9:59 p.m.8 views

CVE-2026-25154 LocalSend has Stored XSS in Web Share Interface via Filename

LocalSend is a free, open-source app that allows users to share files and messages with nearby devices over their local network without needing an internet connection. In versions up to and including 1.17.0, when a user initiates a "Share via Link" session, the LocalSend application starts a loca...

6.1CVSS5.8AI score0.00278EPSS
Exploits1References4
Rows per page
Query Builder