Lucene search
K

976 matches found

Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.11 views

PT-2026-48718

Name of the Vulnerable Software and Affected Versions Quest Bot versions prior to 1.0.5 Description Quest Bot is an open-source Discord Bot designed for moderation, utilities, and support. The bot fails to suppress mentions in the '/unban' and '/unwarn' endpoints, allowing user-controlled reason...

2.3CVSS5.2AI score0.00235EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.10 views

CVE-2026-50635

LimeSurvey constructs account password-reset links from the client-supplied HTTP Host header without validating it. The optional allowedHosts allowlist that would constrain this is undefined in the default and documented configuration, so LSHttpRequest::checkIsAllowedHost results in no operation....

8.8CVSS5.5AI score0.00372EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/10 7:12 p.m.7 views

Reliance on Untrusted Inputs in a Security Decision

Overview litestar is a Litestar - A production-ready, highly performant, extensible ASGI API Framework Affected versions of this package are vulnerable to Reliance on Untrusted Inputs in a Security Decision through the AllowedHostsMiddleware in the host validation middleware. An attacker can bypa...

6.3CVSS5.4AI score0.00024EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/10 7:12 p.m.16 views

Litestar: AllowedHostsMiddleware bypasses host validation via client-controlled X-Forwarded-Host header

Summary AllowedHostsMiddleware trusts the X-Forwarded-Host header as a fallback when the Host header is absent. Since X-Forwarded-Host is a client-controllable header, an attacker can bypass the allowed hosts validation by omitting the Host header and supplying an X-Forwarded-Host header set to a...

5.6AI score0.00024EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/10 7:12 p.m.6 views

GHSA-3QMC-CJ7Q-62HV Litestar: AllowedHostsMiddleware bypasses host validation via client-controlled X-Forwarded-Host header

Summary AllowedHostsMiddleware trusts the X-Forwarded-Host header as a fallback when the Host header is absent. Since X-Forwarded-Host is a client-controllable header, an attacker can bypass the allowed hosts validation by omitting the Host header and supplying an X-Forwarded-Host header set to a...

5.9CVSS5.6AI score0.00024EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 6:32 p.m.6 views

CVE-2026-50637 Metrics::Any::Adapter::Statsd versions before 0.04 for Perl does not protect against metric injections

Metrics::Any::Adapter::Statsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol and extensions allow mutiple metrics, separated by newlines, to be sent per packet. The send method does not validate the contents of the metric names or values. If the name...

5.8AI score0.00323EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.14 views

PT-2026-48543

Summary AllowedHostsMiddleware trusts the X-Forwarded-Host header as a fallback when the Host header is absent. Since X-Forwarded-Host is a client-controllable header, an attacker can bypass the allowed hosts validation by omitting the Host header and supplying an X-Forwarded-Host header set to a...

5.9CVSS5.7AI score0.00024EPSS
Exploits0References4
OSV
OSV
added 2026/06/09 9:59 p.m.5 views

GHSA-7QJX-GP9H-65QJ Dex: Token-exchange endpoint is missing AllowedConnectors enforcement

Summary server/handlers.go::handleTokenExchange lines 1804-1893 does not call isConnectorAllowedclient.AllowedConnectors, connID before issuing tokens, while sibling handlers do. This is a per-client connector ACL gap on the token-exchange endpoint; the redirect-flow paths enforce the same field...

8.7CVSS5.6AI score
Exploits0References3
Snyk
Snyk
added 2026/06/09 9:59 p.m.10 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the handleTokenExchange function. An attacker can gain unauthorized access to restricted resources by exploiting the lack of enforcement of allowed connectors when exchanging tokens. This is only exploitable i...

8.7CVSS5.4AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/09 9:59 p.m.23 views

Dex: Token-exchange endpoint is missing AllowedConnectors enforcement

Summary server/handlers.go::handleTokenExchange lines 1804-1893 does not call isConnectorAllowedclient.AllowedConnectors, connID before issuing tokens, while sibling handlers do. This is a per-client connector ACL gap on the token-exchange endpoint; the redirect-flow paths enforce the same field...

5.6AI score
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.9 views

TYPO3 CMS 安全漏洞

TYPO3 CMS is a content management system developed under the TYPO3 open source framework. There is a security vulnerability in TYPO3 CMS. This vulnerability allows authenticated backend users to retrieve file metadata through multiple backend API routes, without proper permission checks. As a...

5.3CVSS5.3AI score0.00238EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.10 views

CVE-2026-41321

@astrojs/cloudflare is an SSR adapter for use with Cloudflare Workers targets. Prior to 13.1.10, the fetch call for remote images in packages/integrations/cloudflare/src/utils/image-binding-transform.ts uses the default redirect: 'follow' behavior. This allows the Cloudflare Worker to follow HTTP...

2.2CVSS5.6AI score0.00199EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.11 views

CVE-2026-41317

Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service SaaS.press.api.account.createapisecret is prone to CSRF-like exploits. This endpoint writes to database and it is also accessible via GET method. The patch in commit...

8.7CVSS5.5AI score0.00165EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.10 views

CVE-2026-40186

ApostropheCMS is an open-source Node.js content management system. A regression introduced in commit 49d0bb7, included in versions 2.17.1 of the ApostropheCMS-maintained sanitize-html package bypasses allowedTags enforcement for text inside nonTextTagsArray elements textarea and option...

6.1CVSS5.7AI score0.00235EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.10 views

CVE-2026-39848

Dockyard is a Docker container management app. Prior to 1.1.0, Docker container start and stop operations are performed through GET requests without CSRF protection. A remote attacker can cause a logged-in administrator's browser to request /apps/action.php?action=stop= or...

6.5CVSS5.5AI score0.00211EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.12 views

CVE-2026-7888

Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize calls in the Workflow, Form block, and File/Set components that lack the allowedclasses restriction. An unauthenticated attacker may trigger arbitrary PHP object instantiation if a malicious serialized payload has been...

8.4CVSS5.6AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.10 views

CVE-2026-9739

Vulnerable to DNS rebinding attacks when using SSE http://b/499408790. During the beta phase, we implemented allowed-origins and allowed-hosts flags to align with MCP security guidelines. However, the hardcoded Access-Control-Allow-Origin: header in the SSE initialization handler was inadvertentl...

9.4CVSS5.5AI score0.00279EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.16 views

PT-2026-46972

Name of the Vulnerable Software and Affected Versions DataDog::DogStatsd versions prior to 0.08 Description DataDog::DogStatsd does not properly sanitize input, allowing metric injections from untrusted sources. The send stats function fails to remove newlines from the $stat variable, which enabl...

9.1CVSS5.5AI score0.00331EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.7 views

WordPress plugin Admin Columns 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

8.8CVSS6.2AI score0.00652EPSS
Exploits1References11
Cvelist
Cvelist
added 2026/06/04 11:6 p.m.43 views

CVE-2026-11250

Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

0.00239EPSS
Exploits0References2
Rows per page
Query Builder