Lucene search
K

57252 matches found

CVE
CVE
added 3 days ago7 views

CVE-2026-58207

CVE-2026-58207 affects NATS Server. A client sending account-scoped Connz pagination requests could cause an integer overflow in the pagination logic, crashing the server before the response window is bounded. Affected versions are before 2.14.3 and before 2.12.12; fixed releases are 2.14.3 and 2...

7.7CVSS6AI score0.0056EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 3 days ago2 views

CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent

Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service DoS condition or potentially execute arbitrary code by sending specially crafted...

9.2CVSS6.5AI score0.00524EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent

Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service DoS condition or potentially execute arbitrary code by sending specially crafted...

9.2CVSS0.00524EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-8801

Path equivalence: vulnerability in Progress MOVEit Transfer File Upload modules. This issue affects MOVEit Transfer: before 2025.0.8, from 2025.1.0 before 2025.1.4...

3.5CVSS5.9AI score0.00311EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 3 days ago4 views

EUVD-2026-42379

Relative path traversal vulnerability in Progress MOVEit Transfer Admin Settings module. This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3...

4.5CVSS5.9AI score0.00365EPSS
Exploits0References1
CVE
CVE
added 3 days ago10 views

CVE-2026-8650

Vulnerability: Relative path traversal in Progress MOVEit Transfer (Admin Settings module). Affected versions: MOVEit Transfer before 2025.0.7, and from 2025.1.0 before 2025.1.3. Impact (as described): Authenticated path traversal that can allow viewing arbitrary system files. Notes: The provided...

7.5CVSS5.9AI score0.00365EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 3 days ago6 views

CVE-2026-59880

Immutable.js provides many Persistent Immutable data structures. Prior to 4.3.9 and 5.1.8, Immutable.Map and Immutable.Set keep keys that share the same 32-bit hash in a HashCollisionNode collision bucket that is scanned linearly, allowing an attacker who controls keys inserted into a Map, such a...

8.7CVSS6AI score0.00301EPSS
Exploits1
NVD
NVD
added 3 days ago7 views

CVE-2026-10699

Missing release of memory after effective lifetime vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1...

7.5CVSS0.00283EPSS
Exploits0References1
Debian CVE
Debian CVE
added 3 days ago4 views

CVE-2026-59869

js-yaml is a JavaScript YAML parser and dumper. From 3.0.0 before 3.15.0 and from 4.0.0 before 4.3.0, js-yaml can spend quadratic CPU time parsing a document whose size grows only linearly when a chain of mappings uses merge keys where each mapping merges the previous one. This issue is fixed in...

7.5CVSS6AI score0.0035EPSS
Exploits0
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-11903 Stored XSS in MOVEit Transfer Ad Hoc module

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Progress MOVEit Transfer Ad Hoc module. This issue affects MOVEit Transfer: from 2026.0.0 before 2026.0.1, from 2025.1.0 before 2025.1.4, from 2025.0.0 before 2025.0.8...

8CVSS0.003EPSS
Exploits0References1
NVD
NVD
added 3 days ago7 views

CVE-2026-59257

n8n before 1.123.61, 2.x before 2.27.4, and 2.28.x before 2.28.1 contains a SQL injection vulnerability in the legacy MySQL v1 node's executeQuery operation. The operation substitutes evaluated ... expression values directly into the raw SQL string without parameterization. When a workflow uses...

8.8CVSS0.00314EPSS
Exploits0References2
NVD
NVD
added 3 days ago8 views

CVE-2026-56360

n8n before versions 1.123.18 and 2.6.2 fails to verify HMAC-SHA256 signatures on Zendesk webhooks in the ZendeskTrigger node. Attackers who know the webhook URL can send unsigned POST requests to trigger workflows with arbitrary malicious data...

6.3CVSS0.00186EPSS
Exploits0References2
CVE
CVE
added 3 days ago6 views

CVE-2026-10698

CVE-2026-10698 is an Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer, specifically affecting the Custom Reports module . Affected versions are MOVEit Transfer 2025.0.0–before 2025.0.8, 2025.1.0–before 2025.1.4, and 2026.0.0–before 2026.0.1...

7.2CVSS5.9AI score0.00442EPSS
Exploits0References1Affected Software1
CVE
CVE
added 3 days ago8 views

CVE-2026-56360

n8n is affected in versions prior to 1.123.18 and 2.6.2 where the ZendeskTrigger node fails to verify HMAC-SHA256 signatures on Zendesk webhooks. This allows attackers who know the webhook URL to send unsigned POST requests, potentially triggering workflows with arbitrary data. No remediation det...

6.3CVSS6.1AI score0.00186EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-8310 Reflected XSS in Webbeyaz's Mediküm Web

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Webbeyaz Web Design Mediküm Web allows Reflected XSS. This issue affects Mediküm Web: through 08072026. NOTE: The vendor was contacted and it was learned that the product is not supported...

6.1CVSS0.00149EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 3 days ago6 views

PT-2026-56452

Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1...

7.2CVSS5.9AI score0.00442EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 3 days ago5 views

PT-2026-56456

Name of the Vulnerable Software and Affected Versions MOVEit Transfer versions 2026.0.0 through 2026.0.0 MOVEit Transfer versions 2025.1.0 through 2025.1.3 MOVEit Transfer versions 2025.0.0 through 2025.0.7 Description Stored cross-site scripting XSS occurs in the Ad Hoc module due to improper...

8CVSS5.8AI score0.003EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 3 days ago5 views

PT-2026-56586

Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 12.1.8 PAN-OS versions prior to 11.2.13 PAN-OS versions prior to 11.1.16 PAN-OS versions prior to 10.2.18-h8 Description A command injection issue exists in the management plane of the software, specifically within the...

8.5CVSS6.2AI score0.01101EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 3 days ago6 views

Foxit PDF Editor < 2026.1.2 Multiple Vulnerabilities

According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 2026.1.2. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the...

8.2CVSS6.1AI score0.00205EPSS
Exploits0References29
Positive Technologies
Positive Technologies
added 3 days ago5 views

PT-2026-56589

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 15.7 through 18.11.6 GitLab CE/EE versions 19.0 through 19.0.3 GitLab CE/EE versions 19.1 through 19.1.1 Description An issue exists where improper sanitization of user-supplied input could allow an authenticated user to...

7.3CVSS6.3AI score0.00243EPSS
Exploits0References5
Rows per page
Query Builder