Lucene search
K

106 matches found

CVE
CVE
added 2026/03/10 9:34 p.m.15 views

CVE-2026-28807

CVE-2026-28807 affects gleam-wisp wisp; path traversal in wisp.serve_static occurs because sanitization runs before percent-decoding, allowing %2e%2e to decode to .. and read any file the process can access. Affected versions are 2.1.1 <= wisp

8.7CVSS5.9AI score0.01056EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/03/10 9:34 p.m.7 views

EEF-CVE-2026-28807 Path Traversal in wisp.serve_static allows arbitrary file read

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in gleam-wisp wisp allows arbitrary file read via percent-encoded path traversal. The wisp.servestatic function is vulnerable to path traversal because sanitization runs before percent-decoding. The encoded...

8.7CVSS5.9AI score0.01056EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.10 views

Wisp 安全漏洞

Wisp is a practical Gleam web framework developed under open source, designed for rapid development and easy maintenance. Versions of Wisp from 2.1.1 to 2.2.1 contained security vulnerabilities. These vulnerabilities were caused by a path traversal vulnerability in the wisp.servestatic function,...

8.7CVSS7.4AI score0.01056EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.5 views

PT-2026-24472

Name of the Vulnerable Software and Affected Versions gleam-wisp wisp versions 2.1.1 through 2.2.0 Description A path traversal issue exists in gleam-wisp wisp that allows arbitrary file reading through percent-encoded path traversal. The wisp.serve static function is susceptible because...

8.7CVSS5.9AI score0.01056EPSS
Exploits1References12
Circl
Circl
added 2026/03/09 12:29 p.m.7 views

CVE-2026-28807

creationtimestamp| type| source ---|---|--- 2026-03-09 12:29:02+00:00| published-proof-of-concept| https://github.com/gleam-wisp/wisp/security/advisories/GHSA-h7cj-j2vv-qw8r...

8.7CVSS7.3AI score0.01056EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/02/06 12:0 a.m.8 views

PT-2026-6643

Name of the Vulnerable Software and Affected Versions Edimax BR-6288ACL versions up to 1.12 Description A security issue exists in Edimax BR-6288ACL versions up to 1.12. The wiz WISP24gmanual function within the wiz WISP24gmanual.asp file is susceptible to cross site scripting due to manipulation...

4.8CVSS4.3AI score0.00223EPSS
Exploits1References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/05 5:10 p.m.3 views

Malicious code in cascade-wisp-evc586-project (npm)

The package cascade-wisp-evc586-project was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/09/05 5:10 p.m.2 views

MAL-2025-43705 Malicious code in cascade-wisp-evc586-project (npm)

The package cascade-wisp-evc586-project was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in opal-wisp-jow411-project (npm)

The package opal-wisp-jow411-project was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.1 views

Malicious code in lilypad-wisp-khn198-project (npm)

The package lilypad-wisp-khn198-project was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in wisp-river-tyt962-project (npm)

The package wisp-river-tyt962-project was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in wisp-ripple-blt348-project (npm)

The package wisp-ripple-blt348-project was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in nocturne-wisp-xmh536-project (npm)

The package nocturne-wisp-xmh536-project was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in wisp-falcon-xaj738-project (npm)

The package wisp-falcon-xaj738-project was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in crystal-wisp-mfe118-project (npm)

The package crystal-wisp-mfe118-project was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in wisp-lightning-cin551-project (npm)

The package wisp-lightning-cin551-project was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in everglow-wisp-lve550-project (npm)

The package everglow-wisp-lve550-project was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in grove-2yjlo-1a6ph-wisp-project (npm)

The package grove-2yjlo-1a6ph-wisp-project was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in grove-z7hek-zg9rl-wisp-project (npm)

The package grove-z7hek-zg9rl-wisp-project was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in wisp-giraffe-rcj353-project (npm)

The package wisp-giraffe-rcj353-project was found to contain malicious code...

7AI score
Exploits0
Rows per page
Query Builder