Lucene search
K

3669 matches found

Circl
Circl
added 4 days ago10 views

GHSA-HJR6-G723-HMFM

creationtimestamp| type| source ---|---|--- 2026-07-10 16:01:02+00:00| seen| https://thehackernews.com/2026/07/researcher-details-whatsapp-to-host.html 2026-07-10 20:00:23+00:00| seen| https://bsky.app/profile/iberianm.bsky.social/post/3mqcwsfxjof2i 2026-07-11 01:00:51+00:00| seen|...

6.1AI score
Exploits0References2
NVD
NVD
added 4 days ago6 views

CVE-2026-61492

In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible...

6.1CVSS0.0039EPSS
Exploits0References1
CVE
CVE
added 4 days ago12 views

CVE-2026-61492

The provided connected documents identify a concrete vulnerability in JetBrains YouTrack: stored XSS via article titles in digest emails, affecting versions prior to 2026.2.17394. The exact root cause is not detailed beyond this description, and there are no explicit exploit details or remediatio...

6.1CVSS6.1AI score0.0039EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42915

In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible...

6.1CVSS6.1AI score0.0039EPSS
Exploits0References1
NVD
NVD
added 2026/07/03 2:16 a.m.8 views

CVE-2026-12731

The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'sectionTitleTag' and 'articleTitleTag' Block Attributes in all versions up to, and including, 2.3.0 due to insufficient input sanitization and outpu...

6.4CVSS0.00206EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/03 1:28 a.m.9 views

EUVD-2026-41470

The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'sectionTitleTag' and 'articleTitleTag' Block Attributes in all versions up to, and including, 2.3.0 due to insufficient input sanitization and outpu...

6.4CVSS5.9AI score0.00206EPSS
Exploits0References5
CVE
CVE
added 2026/07/03 1:28 a.m.19 views

CVE-2026-12731

The CVE-2026-12731 entry concerns the weDocs WordPress plugin (Docs, Documentation, Wiki & AI Chatbot). Affected: all versions up to 2.3.0. Issue: Stored Cross-Site Scripting via the Block Attributes sectionTitleTag and articleTitleTag, caused by insufficient input sanitization and output escapin...

6.4CVSS5.9AI score0.00206EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/03 1:28 a.m.43 views

CVE-2026-12731 weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot <= 2.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'sectionTitleTag' and 'articleTitleTag' Block Attributes

The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'sectionTitleTag' and 'articleTitleTag' Block Attributes in all versions up to, and including, 2.3.0 due to insufficient input sanitization and outpu...

6.4CVSS0.00206EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55441

Name of the Vulnerable Software and Affected Versions weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot versions prior to 2.3.1 Description Insufficient input sanitization and output escaping allow authenticated attackers with contributor-level access and above to perform...

6.4CVSS6.1AI score0.00206EPSS
Exploits0References10
NVD
NVD
added 2026/06/25 4:16 p.m.7 views

CVE-2026-48940

A Joomla user with K2 "create item" rights Author tier by default can submit an article whose embedVideo POST field contains a raw tag; K2 stores it verbatim and renders it unescaped to any visitor of the article page...

3.4CVSS0.00167EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 3:26 p.m.4 views

EUVD-2026-39445

A Joomla user with K2 "create item" rights Author tier by default can submit an article whose embedVideo POST field contains a raw tag; K2 stores it verbatim and renders it unescaped to any visitor of the article page...

3.4CVSS5.9AI score0.00167EPSS
Exploits0References1
Microsoft Security Update
Microsoft Security Update
added 2026/06/09 5:0 p.m.29 views

2026-06 Dynamic Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5094127)

ComponentUpdate: A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft...

5.4AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2026/06/09 5:0 p.m.22 views

2026-06 Cumulative Update for Windows 10 Version 22H2 for x86-based Systems (KB5094127)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

5.4AI score
Exploits0
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

WordPress plugin Soliloquy Lite 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.4CVSS5.2AI score0.00171EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/01 3:32 a.m.9 views

CVE-2026-48191

An incorrect handling of permissions in STORM powered by OTRS and in OTRS 2026.x and above Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them. This issue affects OTRS with STORM modules: 7.0.X 8.0.X...

3.5CVSS5.8AI score0.00143EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/01 3:32 a.m.22 views

CVE-2026-48191

CVE-2026-48191 affects STORM modules in OTRS (versions 7.0.x, 8.0.x, 2023.x, 2024.x, 2025.x, and 2026.x prior to 2026.4.x). The vulnerability arises from incorrect handling of permissions in Document Search Article Meta Filters, enabling an attacker to learn the number of affected CIs, SLA and se...

3.5CVSS5.8AI score0.00143EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/01 3:32 a.m.45 views

CVE-2026-48191 Wrong Permission Handling in Document Search Article Meta Filters

An incorrect handling of permissions in STORM powered by OTRS and in OTRS 2026.x and above Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them. This issue affects OTRS with STORM modules: 7.0.X 8.0.X...

3.5CVSS0.00143EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

OTRS 安全漏洞

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X of OTRS, as well as versions before 2026.4.X. These vulnerabilities stem from improper handling of permissions in the document search...

3.5CVSS5.3AI score0.00143EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 7:16 p.m.17 views

CVE-2026-49386

In JetBrains YouTrack before 2026.1.13570 improper access control allowed enumeration of restricted issues and articles on Planning Canvas...

6.5CVSS0.00248EPSS
Exploits0References1
CVE
CVE
added 2026/05/29 6:15 p.m.26 views

CVE-2026-49386

CVE-2026-49386 affects JetBrains YouTrack prior to 2026.1.13570, where an improper access control allows enumeration of restricted issues and articles on Planning Canvas. The issue’s impact is limited to information exposure (enumeration) without indicating broader code execution or data modifica...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder