Lucene search
K

12979 matches found

CVE
CVE
added 5 hours ago8 views

CVE-2026-60109

Zeek

8.7CVSS6AI score
Exploits0References3
Nuclei
Nuclei
added 16 hours ago101 views

DataEase <= 2.4.1 - Sensitive Information Exposure

DataEase, an open source data visualization and analysis tool, has a database configuration information exposure vulnerability prior to version 2.5.0. Visiting the /de2api/engine/getEngine;.js path via a browser reveals that the platform's database configuration is returned. id: CVE-2024-30269...

5.3CVSS6AI score0.16EPSS
Exploits2References3
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday6 views

Malicious code in rio-design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed72d8256a1831ef61f01d101c9b9de21db822516cb3b61d1fffd1ef7b3bb0c7 [email protected] is a dependency-confusion attack package. package.json declares preinstall: node index.js, so npm install auto-executes...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago6 views

Malicious code in zluri-ad-connector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b7a807f066f0255f7480ebd7d445043282260b464b0ef54a32a2d022c93bbf7 The package declares a preinstall hook node index.js that runs automatically on npm install. index.js requires os, dns, https, querystring, and the...

6AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 3 days ago7 views

CVE-2026-14758

A flaw was found in radareorg radare2. A local attacker can exploit an integer overflow vulnerability within the hexpairs parser, specifically in the cmdanalopcode function. This manipulation can lead to an integer overflow, potentially causing a denial of service DoS condition...

5.5CVSS5.9AI score0.00131EPSS
Exploits1References2
OSV
OSV
added 3 days ago3 views

UBUNTU-CVE-2026-14758

A vulnerability was identified in radareorg radare2 up to 6.1.6. This vulnerability affects the function cmdanalopcode of the file libr/core/cmdanal.inc.c of the component hexpairs Parser. Such manipulation leads to integer overflow. The attack needs to be performed locally. The exploit is public...

4.8CVSS5.5AI score0.00131EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 3 days ago3 views

FreeBSD : traefik -- Multiple vulnerabilities (803b9816-77af-11f1-ba71-5404a68ad561)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 803b9816-77af-11f1-ba71-5404a68ad561 advisory. The traefik project releases a new version addressing multiple CVEs: Tenable has extracted the...

10CVSS6AI score0.00346EPSS
Exploits0References5
Debian CVE
Debian CVE
added 4 days ago4 views

CVE-2026-14757

A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function coreanalbytes of the file libr/core/cmdanal.inc. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. It is...

7.8CVSS5.6AI score0.00142EPSS
Exploits1
Positive Technologies
Positive Technologies
added 4 days ago13 views

PT-2026-55807

Name of the Vulnerable Software and Affected Versions radareorg radare2 versions prior to 6.1.7 Description An integer overflow occurs in the hexpairs Parser component within the cmd anal opcode function located in the libr/core/cmd anal.inc.c file. This issue requires local access to be exploite...

5.5CVSS5.9AI score0.00131EPSS
Exploits1References11
Cvelist
Cvelist
added 5 days ago24 views

CVE-2026-14535 Fickling MLAllowlist analysis pass rendered inoperative by shared mutable state in AnalysisContext.shorten_code()

In Trail of Bits fickling versions up to and including 0.1.11, the UnsafeImportsML analysis pass unconditionally calls AnalysisContext.shortencodenode on every import node it inspects, regardless of whether the import is flagged as unsafe. This call registers the shortened code representation in...

8.8CVSS0.00304EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-41676

In Trail of Bits fickling versions up to and including 0.1.11, the UnsafeImportsML analysis pass unconditionally calls AnalysisContext.shortencodenode on every import node it inspects, regardless of whether the import is flagged as unsafe. This call registers the shortened code representation in...

8.8CVSS5.9AI score0.00304EPSS
Exploits0References4
CVE
CVE
added 5 days ago17 views

CVE-2026-14535

The CVE affects Trail of Bits fickling up to version 0.1.11. The UnsafeImportsML analysis pass always calls AnalysisContext.shorten_code(node), populating shared AnalysisContext.reported_shortened_code. When MLAllowlist runs, it sees already_reported=True for every import and skips its allowlist ...

8.8CVSS5.9AI score0.00304EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago5 views

Malicious code in debugcli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff9ad8188112d91f0ea673971f4421ca96dc7943ba12d65c7339c1aa75c2226e The package name debugcli shadows the popular debug package, and index.js is a thin re-export module.exports = require'debug' so callers observe...

6.1AI score
Exploits0References7
Snyk
Snyk
added 6 days ago4 views

XML External Entity (XXE) Injection

Overview Affected versions of this package are vulnerable to XML External Entity XXE Injection via the PatternParser process. An attacker can access sensitive files or interact with internal systems by submitting crafted XML data that triggers external entity resolution. Details XXE Injection is ...

9.8CVSS6AI score0.00134EPSS
Exploits0References2
NVD
NVD
added 6 days ago5 views

CVE-2026-47898

Improper Restriction of XML External Entity Reference vulnerability in Apache Lucene.Net Lucene.Net.Analysis.Common library. This issue affects Apache Lucene.Net.Analysis.Common: from 4.8.0-beta00005 before 4.8.0-beta00018. Users are recommended to upgrade to version 4.8.0-beta00018, which fixes...

9.8CVSS0.00134EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 6 days ago8 views

CVE-2026-47898

Improper Restriction of XML External Entity Reference vulnerability in Apache Lucene.Net Lucene.Net.Analysis.Common library. This issue affects Apache Lucene.Net.Analysis.Common: from 4.8.0-beta00005 before 4.8.0-beta00018. Users are recommended to upgrade to version 4.8.0-beta00018, which fixes...

4CVSS5.9AI score0.00134EPSS
Exploits0References2
CVE
CVE
added 6 days ago16 views

CVE-2026-47898

This CVE affects Lucene.Net.Analysis.Common (PatternParser) in Lucene.Net.Analysis.Common: vulnerable in versions prior to 4.8.0-beta00018. The connected Snyk entry confirms an XML External Entity (XXE) injection vulnerability, where crafted XML could trigger external entity resolution, enabling ...

9.8CVSS5.9AI score0.00134EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 6 days ago43 views

CVE-2026-47898 Apache Lucene.Net: XXE vulnerability in Lucene.Net.Analysis.Common PatternParser

Improper Restriction of XML External Entity Reference vulnerability in Apache Lucene.Net Lucene.Net.Analysis.Common library. This issue affects Apache Lucene.Net.Analysis.Common: from 4.8.0-beta00005 before 4.8.0-beta00018. Users are recommended to upgrade to version 4.8.0-beta00018, which fixes...

4CVSS0.00134EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-41517

Improper Restriction of XML External Entity Reference vulnerability in Apache Lucene.Net Lucene.Net.Analysis.Common library. This issue affects Apache Lucene.Net.Analysis.Common: from 4.8.0-beta00005 before 4.8.0-beta00018. Users are recommended to upgrade to version 4.8.0-beta00018, which fixes...

4CVSS5.9AI score0.00134EPSS
Exploits0References1
NVD
NVD
added last week5 views

CVE-2026-59099

Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution...

9.3CVSS0.00356EPSS
Exploits0References5
Rows per page
Query Builder