Lucene search
+L

2449 matches found

Cvelist
Cvelist
added yesterday20 views

CVE-2026-16118 Xdgmime: heap-based buffer overflow in _xdg_mime_magic_parse_magic_line() in xdgmimemagic.c

A flaw was found in xdgmime. A heap-based buffer overflow can be triggered in xdgmimemagicparsemagicline in the xdgmimemagic.c file on little-endian systems when an attacker-controlled MIME magic file in a user-writable XDG data location e.g., in the $XDGDATAHOME/mime/magic path is parsed by an...

7.1CVSS
Exploits0References3
RedhatCVE
RedhatCVE
added yesterday5 views

CVE-2026-16118

A flaw was found in xdgmime. A heap-based buffer overflow can be triggered in xdgmimemagicparsemagicline in the xdgmimemagic.c file on little-endian systems when an attacker-controlled MIME magic file in a user-writable XDG data location e.g., in the $XDGDATAHOME/mime/magic path is parsed by an...

7.1CVSS5.6AI score
Exploits0References4
Cvelist
Cvelist
added yesterday24 views

CVE-2026-50151 oras-go: credential forwarding via unvalidated Location header in blob upload

oras-go is a Go library for managing OCI artifacts. Prior to 2.6.1, registry/remote/repository.go in blobStore.completePushAfterInitialPost follows a registry-controlled Location header during monolithic blob upload and reuses the Authorization header from the initial POST request for the...

7.5CVSS
Exploits0References4
CVE
CVE
added yesterday20 views

CVE-2026-49210

Summary: CVE-2026-49210 affects Symfony UX LiveComponent’s ChildComponentPartialRenderer::createHtml(), where client-controlled children[id].tag is interpolated into HTML as a tag name without validation/escaping, enabling an attacker to inject arbitrary HTML (including [removed] tags) during a L...

2.3CVSS5.4AI score
Exploits0References4
NVD
NVD
added 2 days ago9 views

CVE-2026-62290

cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters, and simplifies the process of obtaining, renewing and using those certificates. From 1.18.0 until 1.19.6 and 1.20.3, Challenge resources under acme.cert-manager.io can be created directly by namespace...

7.3CVSS0.00078EPSS
Exploits0References7
CVE
CVE
added 2 days ago14 views

CVE-2026-45576

Summary: CVE-2026-45576 affects the zrok tool. From versions 0.4.23 through 2.0.3, the zrok2 copy command stores attacker-controlled WebDAV or zrok drive paths (e.g., /../outside.txt) in the source inventory and passes them to FilesystemTarget.WriteStream, enabling writing files outside the selec...

8.3CVSS6.1AI score0.00359EPSS
Exploits0References3
OSV
OSV
added 2 days ago3 views

CVE-2026-45576 zrok copy writes attacker-controlled WebDAV paths outside the destination root

zrok is software for sharing web services, files, and network resources. From 0.4.23 until 2.0.3, zrok2 copy stores attacker-controlled WebDAV or zrok drive paths such as /../outside.txt in the source inventory and passes them to FilesystemTarget.WriteStream, allowing the sync pipeline to write...

8.3CVSS6.1AI score0.00359EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-44845

xszyou Fay 4.3.1 contains a remote code execution vulnerability in its MCP STDIO server management and command execution handling. A remote attacker can access the publicly exposed MCP management interface and configure an MCP STDIO server with attacker-controlled commands and parameters, resulti...

9.8CVSS6.6AI score0.01671EPSS
Exploits0References3
OSV
OSV
added 2 days ago4 views

MAL-2026-10763 Malicious code in @edgecommons/streamlog-node (npm)

The @edgecommons/streamlog-node package was published to the npm registry by user 'ada8877' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name uses an '@edgecommons' scope that mimics the internal/private package naming convention of a...

5.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-47767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 5.4.46 until 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the...

9.8CVSS7.3AI score0.63422EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago7 views

Malicious code in syft-acp-uikit (npm)

The syft-acp-uikit package was published to the npm registry by user 'ada8877' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the 'syft-acp' internal/private package naming convention an ACP component library of a target...

5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago8 views

Malicious code in @edgecommons/streamlog-node (npm)

The @edgecommons/streamlog-node package was published to the npm registry by user 'ada8877' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name uses an '@edgecommons' scope that mimics the internal/private package naming convention of a...

5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago6 views

Malicious code in @edgecommons/edgecommons (npm)

The @edgecommons/edgecommons package was published to the npm registry by user 'ada8877' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name uses an '@edgecommons' scope that mimics the internal/private package naming convention of a...

5.5AI score
Exploits0References2
OSV
OSV
added 3 days ago8 views

GHSA-7GCF-G7XR-8HXJ serde_with: KeyValueMap serialization panics on empty sequence or map entries

Summary The public KeyValueMap serializer assumes that each mapped element has at least one field or item to use as the map key, but it subtracts 1 from the caller-visible length before validating that assumption. An application that serializes attacker-controlled data through serdeasas =...

5.1CVSS6.1AI score
Exploits0References5
Veracode
Veracode
added 3 days ago6 views

Prototype Pollution

@feathersjs/commons is vulnerable to Prototype Pollution. The vulnerability is due to unsafe recursive merging of attacker-controlled objects containing proto, constructor, or prototype properties, which allows an attacker to pollute the global object prototype when untrusted JSON input is passed...

3.7CVSS6.1AI score
Exploits0References5Affected Software1
OSV
OSV
added 3 days ago3 views

CVE-2026-52890 Wekan: Arbitrary file read and server DoS via attachment versions.original.path

Wekan is open source kanban built with Meteor. Prior to 9.31, Wekan allows a logged-in board member to insert an attachment document through the /attachments/insert DDP method with attacker-controlled versions.original.path and versions.original.storage fields. The server/permissions/attachments....

7.1CVSS6.2AI score0.00325EPSS
Exploits0References5
OSV
OSV
added 3 days ago5 views

CVE-2026-55576 MaaAssistantArknights: PR-title expression injection in release-preparation.yml

MaaAssistantArknights is a one-click tool for daily Arknights tasks. In the current dev-v2 workflow, .github/workflows/release-preparation.yml inlined attacker-controlled github.event.pullrequest.title into a run: shell command during the pullrequest opened, reopened, and readyforreview events, s...

8.8CVSS6.2AI score0.00297EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-56678 9Router: Kiro region injection allows authenticated SSRF with Authorization header forwarding

9Router is an AI router & token saver. Prior to 0.5.6, the Kiro API-key validation endpoint POST /api/oauth/kiro/api-key builds an upstream URL using a user-controlled region value, allowing an authenticated attacker to supply a crafted region such as kiro-canary.local:8443 and cause 9Router to...

6.4CVSS0.00171EPSS
Exploits0References3
NVD
NVD
added 3 days ago6 views

CVE-2026-45535

DataEase is an open source data visualization and analysis tool. Prior to 2.10.23, DataEase SQL-type datasets store attacker-controlled SQL variable defaultValue entries such as $var and SqlparserUtils.handleVariableDefaultValue inserts them with String.replace without escaping or parameterizatio...

8.7CVSS0.00248EPSS
Exploits0References3
Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-45534 DataEase: RCE Vulnerability

DataEase is an open source data visualization and analysis tool. Prior to 2.10.23, DataEase Redshift datasource connections can load attacker-controlled rsjdbc.ini configuration from System.getProperty"java.io.tmpdir", setting...

9CVSS0.00396EPSS
Exploits0References3
Rows per page
Query Builder