Lucene search
K

144 matches found

CVE
CVE
added 2026/06/29 3:40 p.m.17 views

CVE-2026-13744

CVE-2026-13744 affects Snowflake CLI versions prior to 3.19. The vulnerability arises from improper neutralization of attacker-controlled content, allowing unintended SQL execution when a victim processes crafted repository content, project configuration, manifest data, or specification input thr...

8.8CVSS5.9AI score0.0032EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/06/26 10:21 p.m.3 views

GHSA-WP3C-266W-4QFQ js-toml vulnerable to CPU exhaustion via O(n^2) BigInt construction on radix-prefixed integer literals

Summary js-toml versions up to and including 1.1.0 parse hexadecimal / octal / binary integer literals via a hand-written parseBigInt loop that multiplies a BigInt accumulator by the radix once per input digit. Each iteration performs a BigInt BigInt operation on an accumulator that grows linearl...

7.5CVSS6AI score0.00415EPSS
Exploits1References5
OSV
OSV
added 2026/06/25 10:17 p.m.5 views

UBUNTU-CVE-2026-6329

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

6.5CVSS5.8AI score0.0016EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51654

Name of the Vulnerable Software and Affected Versions GV-I/O Box 4E affected versions not specified Description The DVRSearch service, which runs by default on UDP port 10001, contains a stack-based buffer overflow. The issue occurs when the server processes a UDP message and performs an unsafe...

10CVSS6.8AI score0.00436EPSS
Exploits0References10
CVE
CVE
added 2026/06/23 6:33 p.m.49 views

CVE-2026-55249

The CVE-2026-55249 issue affects @rtk-ai/rtk-rewrite OpenClaw plugin (v1.0.0), where attacker-controlled input is injected into a shell-backed execSync() template string. JSON.stringify() wraps values in quotes but does not neutralize shell metacharacters, leaving $() and backticks untouched. Sin...

8.8CVSS6.2AI score0.00288EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/06/22 4:30 p.m.35 views

CVE-2026-50269 AIOHTTP: CRLF injection in multipart headers

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.0, attacker-controlled input included into multipart/payload headers can be used to modify a request to inject additional headers or similar. In the unlikely situation that an application is passing...

6.9CVSS0.00301EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/16 2:57 p.m.10 views

Cross-site Scripting (XSS)

Overview astro is an Astro is a modern site builder with web best practices, performance, and DX front-of-mind. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the addAttribute function, which interpolates unescaped object keys as HTML attribute names when spreadi...

6.1CVSS5.9AI score0.0016EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/06/15 8:7 p.m.46 views

aiohttp: CRLF injection in multipart headers

Summary Attacker-controlled input included into multipart/payload headers can be used to modify a request to inject additional headers or similar. Impact In the unlikely situation that an application is passing user-controlled strings into MultipartWriter.appendheaders=... or Payload.headers, the...

7.5CVSS5.3AI score0.00301EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.18 views

PT-2026-49556

Name of the Vulnerable Software and Affected Versions @babel/core versions prior to 7.29.6 @babel/core versions prior to 8.0.0-rc.6 Description Compiling maliciously crafted code using @babel/core can allow an attacker to read any source map from the system. This occurs when the attacker controls...

3.6CVSS5.9AI score0.00116EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.18 views

PT-2026-48968

Name of the Vulnerable Software and Affected Versions Kitty versions prior to 0.47.0 Description A flaw allows a program capable of writing bytes to the terminal—such as a remote SSH peer, a downloaded file viewed with cat, a log line, an email body rendered in less, or an issue body in a TUI—to...

7.8CVSS5.8AI score0.00164EPSS
Exploits1References5
Snyk
Snyk
added 2026/06/11 8:18 a.m.9 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the RemotingHandler function. An attacker can execute arbitrary scripts in the user's browser by crafting error responses that include attacker-controlled input, which are then rendered as HTML. Details...

6.5CVSS5.3AI score0.00201EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 7:31 a.m.30 views

CVE-2026-53901

CVE-2026-53901 affects Cerebrate, before v1.37, where the generic CRUD add path allowed mass assignment of attacker-controlled identifiers. The add() handler attempted to strip an id from $params prior to __massageInput() normalization, but a supplied id could still be present in the normalized i...

8.7CVSS5.5AI score0.00312EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 8:26 p.m.19 views

CVE-2026-48110

CVE-2026-48110 affects Russh, a Rust SSH client/server library. From 0.34.0 up to before 0.61.0, several client/server message handlers decoded attacker-controlled SSH strings, name-lists, and byte fields into owned allocations before applying field-specific bounds. A remote SSH peer could send o...

7.5CVSS5.5AI score0.00268EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:31 p.m.14 views

EUVD-2026-35474

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...

8.1CVSS6.3AI score0.00358EPSS
Exploits0References7
NVD
NVD
added 2026/06/08 5:16 p.m.10 views

CVE-2026-43966

Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Request/Response Splitting' vulnerability in ninenines cowlib allows HTTP response splitting via non-VCHAR bytes in structured-fields string values. cowhttpstructhd:escapestring/2 in cowlib only escapes \ and ", passing all other byt...

6.3CVSS0.00313EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/28 7:1 p.m.13 views

compliance-trestle Vulnerable to Remote Code Execution via Recursive Server-Side Template Injection (SSTI)

A High severity Server-Side Template Injection SSTI vulnerability exists in the trestle author jinja command. The command recursively evaluates rendered templates, allowing an attacker to achieve arbitrary command execution with privileges of the running process by injecting malicious payloads in...

6.2AI score0.00022EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.12 views

PT-2026-44728

Description The JsonPath component's match and search filter functions compile a caller-supplied pattern straight into preg match: php 'match' = @preg matchsprintf'/^%s$/u', $this-transformJsonPathRegex$argList1, $value, 'search' = @preg match"/$this-transformJsonPathRegex$argList1/u", $value,...

6.9CVSS5.8AI score0.00082EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/27 6:21 p.m.13 views

EUVD-2026-32623

Kysely is a type-safe TypeScript SQL query builder. From 0.26.0 to 0.28.16, DefaultQueryCompiler.visitJSONPathLeg does not escape JSON-path metacharacters ., , , , , ?. When attacker-controlled input flows into eb.refcol, '-$'.keyinput or .atinput — including type-safe code where the JSON column ...

7.5CVSS5.9AI score0.00362EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.11 views

PT-2026-44158

Summary The WordExport export flow only checks whether the current backend user has the feature permission word export. It does not verify access rights on the target element itself. As a result, a low-privileged backend user can export document content even when the user does not have view...

6.4CVSS5.8AI score0.00089EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Wheel

A vulnerability was discovered in Python Packaging Authority PyPA Wheel 0.37.1 and earlier. This vulnerability allows remote attackers to cause a denial of service by using attacker-controlled input to the wheel cli...

7.5CVSS6.9AI score0.02659EPSS
Exploits1References2
Rows per page
Query Builder