PT-2026-46852

Summary A low-privilege admin user with user recovery:read ACL can take over any admin account. The attacker triggers password recovery for the victim unauthenticated endpoint, reads the recovery hash from the Admin API search endpoint, then uses the hash to reset the victim's password another...

CVE-2026-34526 SillyTavern: Incomplete IP validation in /api/search/visit allows SSRF via localhost and IPv6

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, in src/endpoints/search.js, the hostname is checked against /^\d+.\d+.\d+.\d+$/. This...

CVE-2026-34526

Summary of CVE-2026-34526 (SillyTavern) : An incomplete IP validation in the /api/search/visit flow enables SSRF against internal hosts in versions prior to 1.17.0. The root cause is a hostname check in src/endpoints/search.js that uses the regex /^?\d+.\d+.\d+.\d+$/ to match only literal dotted-...

CVE-2026-34526 SillyTavern: Incomplete IP validation in /api/search/visit allows SSRF via localhost and IPv6

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, in src/endpoints/search.js, the hostname is checked against /^\d+.\d+.\d+.\d+$/. This...

GHSA-WM7J-M6JM-8797 SillyTavern: Incomplete IP validation in /api/search/visit allows SSRF via localhost and IPv6

Details Distinct from CVE-2025-59159 and CVE-2026-26286 all fixed in v1.16.0. This endpoint is still unpatched. In src/endpoints/search.js line 419, the hostname is checked against /^\d+.\d+.\d+.\d+$/. This only matches literal dotted-quad IPv4 e.g. 127.0.0.1, 10.0.0.1. It does not catch: -...

CVE-2026-32767

SiYuan is a personal knowledge management system. Versions 3.6.0 and below contain an authorization bypass vulnerability in the /api/search/fullTextSearchBlock endpoint. When the method parameter is set to 2, the endpoint passes user-supplied input directly as a raw SQL statement to the underlyin...

EUVD-2005-3864

Malware in sbrugna...

EUVD-2018-8203

Malware in sbrugna...

CVE-2025-10210

A weakness has been identified in yanyutao0402 ChanCMS up to 3.3.0. Impacted is the function Search of the file app/modules/api/service/Api.js. Executing manipulation of the argument key can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the...

CVE-2011-10026

Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the searchinstanceeval parameter, which is dynamically invoked using Ruby’s send method. Thi...

Spree Commerce 安全漏洞

Spree Commerce is an e-commerce platform from Spree Open Source. A security vulnerability exists in Spree Commerce versions prior to 0.50.x. The vulnerability stems from improper input cleanup in the API search function and could lead to remote command execution...

Malicious code in ares-api-search (npm)

The package ares-api-search was found to contain malicious code...

MAL-2025-14817 Malicious code in ares-api-search (npm)

The package ares-api-search was found to contain malicious code...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the search bar process when page descriptions are inserted into raw HTML without proper sanitization. An attacker can execute arbitrary JavaScript in the context of another user by injecting malicious conten...

Shopware 安全漏洞

Shopware is a suite of open source e-commerce software from the German company Shopware. A security vulnerability exists in Shopware versions prior to 6.5.8.13, which originates from a SQL injection in the /api/search/order endpoint...

CVE-2023-30347

Cross Site Scripting XSS vulnerability in Neox Contact Center 2.3.9, via the serachsmsapiname parameter to the SMA API search...

CVE-2021-39122

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view users' emails via an Information Disclosure vulnerability in the /rest/api/2/search endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and from version...

PT-2021-22386 · Atlassian · Jira

Name of the Vulnerable Software and Affected Versions: Atlassian Jira Server and Data Center versions prior to 8.5.13 Atlassian Jira Server and Data Center versions 8.6.0 through 8.13.5 Atlassian Jira Server and Data Center versions 8.14.0 through 8.15.1 Description: The issue allows anonymous...

SimplyEmail - Email Recon Made Fast And Easy

This tool was based on the work of theHarvester and kind of a port of the functionality. This was just an expansion of what was used to build theHarvester and will incorporate his work but allow users to easily build Modules for the Framework. MAJOR CALLOUTS: @laramies - Developer of theHarvester...

CVE-2005-3869

Cross-site scripting XSS vulnerability in index.php in Google API Search 1.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the REQ parameter...