Lucene search
K

9609 matches found

CVE
CVE
added yesterday6 views

CVE-2026-42447

CVE-2026-42447 affects jadx (Dex to Java decompiler). The HTML injection occurs in the Summary tab via SummaryNode.java, which unescapes and inserts path components from an APK’s .so file entries into HTML without escaping. A malicious APK with a crafted HTML URL-encoded ZIP entry name can render...

3.6CVSS6.2AI score
Exploits0References3
CVE
CVE
added yesterday11 views

CVE-2026-59732

The CVE describes a vulnerability in rclone where rclone archive extract could write extracted files outside the user-specified destination prefix when processing crafted archives containing parent path components (e.g., ../). This allowed creating or overwriting sibling objects in the same bucke...

5CVSS6.1AI score
Exploits0References4
CVE
CVE
added yesterday50 views

CVE-2026-53486

The CVE affects the Node.js decompress package used for archive extraction. Before versions 10.2.1 and 11.1.3, crafted archives could read or write files outside the target directory due to: hardlink and symlink entries being created without proper target checks; path containment validated by a s...

9.1CVSS6.1AI score
Exploits0References7
EUVD
EUVD
added yesterday5 views

EUVD-2026-39479

Trivy: Helm chart tar bomb causes OOM via unbounded io.ReadAll in parser...

6.9CVSS6.1AI score0.0025EPSS
Exploits0References5
EUVD
EUVD
added yesterday4 views

EUVD-2026-39512

K3s: ZIP Archive Path Traversal Vulnerability in etcd Snapshot Decompression...

5.8CVSS6.1AI score0.00122EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added yesterday7 views

CVE-2026-39246

A flaw was found in the decompress package for Node.js. The package creates symlinks from archive entries during extraction without validating the link target against the output directory, because the existing containment check only applies to regular file entries. An attacker who can supply a...

7.5CVSS6.1AI score0.00501EPSS
Exploits1References6
Nuclei
Nuclei
added yesterday58 views

WordPress JS Archive List <= 6.1.5 - SQL Injection

Miguel Useche JS Archive List contains an sql injection caused by improper neutralization of special elements in SQL commands, letting attackers execute arbitrary SQL queries, exploit requires crafted input. id: CVE-2025-54726 info: name: WordPress JS Archive List = 6.1.5 - SQL Injection author:...

9.3CVSS6.3AI score0.01425EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added yesterday6 views

CVE-2026-12482

A vulnerability in keras-team/keras version 3.12.0 allows an attacker to craft a malicious tar archive that bypasses the filtersafetarinfos validation in keras/src/utils/fileutils.py. Specifically, symlink entries are not subjected to the same ispathindir validation as regular file entries,...

3.1CVSS6.1AI score0.00301EPSS
Exploits0References2
NVD
NVD
added yesterday16 views

CVE-2026-58233

SAP Change and Transport System Attach Tool ctsattach allows an authenticated attacker to supply a specially crafted archive file which, when processed by the application�s library, can trigger insecure deserialization and lead to remote code execution RCE on the system. Successful exploitation...

7.6CVSS0.00314EPSS
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-43596

SAP Change and Transport System Attach Tool ctsattach allows an authenticated attacker to supply a specially crafted archive file which, when processed by the application�s library, can trigger insecure deserialization and lead to remote code execution RCE on the system. Successful exploitation...

7.6CVSS6.6AI score0.00314EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday19 views

CVE-2026-58233 Remote Code Execution vulnerability in SAP Change and Transport System Attach Tool (ctsattach)

SAP Change and Transport System Attach Tool ctsattach allows an authenticated attacker to supply a specially crafted archive file which, when processed by the application�s library, can trigger insecure deserialization and lead to remote code execution RCE on the system. Successful exploitation...

7.6CVSS0.00314EPSS
Exploits0References2
OSV
OSV
added 2 days ago4 views

MAL-2026-10506 Malicious code in node-fsagent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3a0392a3ddea9b6099e8501fdb827f586a410323cecea214aa50fc1be42183b The package tarball ships archive-sender.js, which archives the host path /root/.codex, splits the tar into 200MB chunks, reconstructs an npm registr...

6.1AI score
Exploits0References10
NVD
NVD
added 2 days ago5 views

CVE-2026-58409

ChurchCRM is an open-source church management system. Prior to version 7.4.0, an authenticated administrator can achieve Remote Code Execution RCE on the server by installing a malicious plugin ZIP archive containing a PHP webshell. The application explicitly includes 'php' in its ALLOWEDEXTENSIO...

9.1CVSS0.00456EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago5 views

Malicious code in node-fsmetrics-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b67fad1d72f63941a3973df07e6cbd980c9e3c3bbe5041818f58b9be07d6b7e9 The tarball contains archive-sender.js, which tars the directory /root/.codex, splits the archive into 200MB chunks, and uploads each chunk by runnin...

6.2AI score
Exploits0References5
OSV
OSV
added 2 days ago4 views

MAL-2026-10479 Malicious code in node-fsmetrics-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b67fad1d72f63941a3973df07e6cbd980c9e3c3bbe5041818f58b9be07d6b7e9 The tarball contains archive-sender.js, which tars the directory /root/.codex, splits the archive into 200MB chunks, and uploads each chunk by runnin...

6.2AI score
Exploits0References5
NVD
NVD
added 4 days ago6 views

CVE-2026-10041

The WCFM – Frontend Manager for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.7.27 via the wcfmproductarchive due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

4.3CVSS0.0025EPSS
Exploits0References12
Cvelist
Cvelist
added 4 days ago36 views

CVE-2026-10041 WCFM – Frontend Manager for WooCommerce <= 6.7.27 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Vendor Data Manipulation via Multiple AJAX Handlers

The WCFM – Frontend Manager for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.7.27 via the wcfmproductarchive due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

4.3CVSS0.0025EPSS
Exploits0References12
NVD
NVD
added 5 days ago6 views

CVE-2026-59193

Grav is a file-based Web platform. Prior to 2.0.0, an authenticated admin.super user can crash Grav or fill the disk by uploading a specially crafted ZIP archive through the Direct Install tool because Installer::unZip calls ZipArchive::extractTo without limits on uncompressed size, entry count, ...

6.9CVSS0.0039EPSS
Exploits1References3
NVD
NVD
added 5 days ago8 views

CVE-2026-55782

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's WebAssembly archive handler in NanaZip.Codecs.Archive.WebAssembly.cpp allocates buffers from attacker-controlled 32-bit section and custom-name length fields without validating them against...

2.4CVSS0.00113EPSS
Exploits0References5
OSV
OSV
added 5 days ago3 views

CVE-2026-55783 NanaZip: NULL pointer dereference in Extract() of all seven NanaZip custom archive handlers when extracting/testing the whole archive

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's seven in-house IInArchive handlers in NanaZip.Codecs unconditionally dereference the caller-supplied Indices array inside Extract when the archive engine signals extract everything by passin...

2.4CVSS6.1AI score0.00112EPSS
Exploits0References5
Rows per page
Query Builder