CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

34 matches found

Veracode•added 2026/05/12 1:3 p.m.•5 views

Directory Traversal

SiYuan is vulnerable to Directory Traversal. The vulnerability is due to improper handling of double URL decoding in the serveExport function, which allows an attacker to use double-encoded traversal sequences to read arbitrary files from the workspace...

7.1CVSS5.9AI score0.00052EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2026/04/27 7:23 p.m.•1 views

CVE-2026-41894

SiYuan is an open-source personal knowledge management system. Prior to 3.6.5, the fix for CVE-2026-30869 only added a denylist check IsSensitivePath but did not address the root cause — a redundant url.PathUnescape call in serveExport. An authenticated attacker can use double URL encoding...

7.1CVSS5.6AI score0.00052EPSS

Exploits0References1

EUVD•added 2026/04/24 6:56 p.m.•3 views

EUVD-2026-25626

9.8CVSS5.6AI score0.00273EPSS

Exploits1References3

ATTACKERKB•added 2026/04/24 6:56 p.m.•4 views

CVE-2026-41894

9.8CVSS5.6AI score0.00273EPSS

Exploits1References4Affected Software1

Positive Technologies•added 2026/04/24 12:0 a.m.•1 views

PT-2026-35066

9.8CVSS5.6AI score0.00273EPSS

Exploits1References4

CNNVD•added 2026/04/24 12:0 a.m.•5 views

SiYuan 路径遍历漏洞

SiYuan is an open-source personal knowledge management system developed by SiYuan. Versions of SiYuan prior to 3.6.5 contained a path traversal vulnerability. This vulnerability arose from the fix of CVE-2026-30869, where only blacklist checks were added, and the redundant calls to the...

7.1CVSS5.9AI score0.00052EPSS

Exploits0References2

Github Security Blog•added 2026/04/22 8:51 p.m.•2 views

SiYuan: Path Traversal via Double URL Encoding in `/export/` Endpoint (Incomplete Fix Bypass for CVE-2026-30869)

Summary The fix for CVE-2026-30869 in SiYuan v3.5.10 only added a denylist check IsSensitivePath but did not address the root cause — a redundant url.PathUnescape call in serveExport. An authenticated attacker can use double URL encoding %252e%252e to traverse directories and read arbitrary...

9.8CVSS5.8AI score0.00273EPSS

Exploits1References6Affected Software1

OSV•added 2026/04/22 8:51 p.m.•2 views

GHSA-HJH7-R5W8-5872 SiYuan: Path Traversal via Double URL Encoding in `/export/` Endpoint (Incomplete Fix Bypass for CVE-2026-30869)

7.1CVSS5.8AI score0.00052EPSS

Exploits0References6

NVD•added 2026/04/09 6:17 p.m.•1 views

CVE-2026-39981

AGiXT is a dynamic AI Agent Automation Platform. Prior to 1.9.2, the safejoin function in the essentialabilities extension fails to validate that resolved file paths remain within the designated agent workspace. An authenticated attacker can use directory traversal sequences to read, write, or...

8.8CVSS0.00051EPSS

Exploits1References3

OSV•added 2026/03/19 10:16 p.m.•1 views

CVE-2026-32002

OpenClaw versions prior to 2026.2.23 contain a sandbox bypass vulnerability in the sandboxed image tool that fails to enforce tools.fs.workspaceOnly restrictions on mounted sandbox paths, allowing attackers to read out-of-workspace files. Attackers can load restricted mounted images and exfiltrat...

5.3CVSS5.9AI score

Exploits0References3

NVD•added 2026/03/19 10:16 p.m.•1 views

CVE-2026-32002

6.5CVSS0.00046EPSS

Exploits0References3

RedhatCVE•added 2025/12/17 8:7 a.m.•2 views

CVE-2025-67643

Jenkins Redpen - Pipeline Reporter for Jira Plugin 1.054.v7b9517b6b202 and earlier does not correctly perform path validation of the workspace directory while uploading artifacts to Jira, allowing attackers with Item/Configure permission to retrieve files present on the Jenkins controller workspa...

4.3CVSS6.8AI score0.02585EPSS

Exploits0References1

OSV•added 2025/12/10 6:30 p.m.•3 views

GHSA-QXH4-J39M-QFX4 Jenkins Redpen - Pipeline Reporter for Jira Plugin has a path traversal vulnerability

4.3CVSS6.7AI score0.02585EPSS

Exploits0References3

Cvelist•added 2025/12/10 4:50 p.m.•24 views

CVE-2025-67643

0.02585EPSS

Exploits0References1

EUVD•added 2025/10/03 4:27 p.m.•4 views

EUVD-2025-32314

Cursor is a code editor built for programming with AI. Versions 1.6 and below are vulnerable to Remote Code Execution RCE attacks through Visual Studio Code Workspaces. Workspaces allow users to open more than a single folder and save specific settings pretty similar to .vscode/settings.json for...

9.8CVSS6.9AI score0.00264EPSS

Exploits0References1

CVE•added 2025/10/03 4:27 p.m.•18 views

CVE-2025-61590

Cursor (editor) versions ≤1.6 are vulnerable to remote code execution via Visual Studio Code Workspaces. The attack involves hijacking the user’s chat context to prompt-inject and modify .code-workspace/settings, enabling RCE by writing to the workspace settings. The issue is fixed in version 1.7...

7.5CVSS7AI score0.00264EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/10/03 4:27 p.m.•4 views

CVE-2025-61590 Cursor is vulnerable to RCE via .code-workspace files using Prompt Injection

7.5CVSS0.00264EPSS

Exploits0References1

NVD•added 2025/09/05 11:15 p.m.•4 views

CVE-2025-58372

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Versions 3.25.23 and below contain a vulnerability where certain VS Code workspace configuration files .code-workspace are not protected in the same way as the .vscode folder. If the agent was configured to auto-appro...

9.8CVSS0.00127EPSS

Exploits0References3

OSV•added 2025/09/05 10:51 p.m.•4 views

CVE-2025-58372 Roo Code: Potential Remote Code Execution via .code-workspace

8.1CVSS7.8AI score0.00127EPSS

Exploits0References5

CNNVD•added 2025/08/05 12:0 a.m.•1 views

Cursor 安全漏洞

Cursor is an AI code editor from Cursor Open Source. A security vulnerability exists in Cursor versions prior to 1.3.9 that stems from allowing unapproved user writes to workspace files, which could lead to remote code execution...

9.8CVSS7.9AI score0.00372EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by