Lucene search
K

2458 matches found

Cvelist
Cvelist
added 19 hours ago7 views

CVE-2026-15285 The Plus Addons for Elementor <= 6.4.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Widget Custom Attributes

The Plus Addons for Elementor plugin for WordPress was vulnerable to Authenticated Contributor+ Stored Cross-Site Scripting via the Button widget's customattributes setting in versions up to and including 6.4.11. The render function in modules/widgets/tpbutton.php passed the raw customattributes...

6.4CVSS
Exploits0References5
Nuclei
Nuclei
added 20 hours ago41 views

SillyTavern - Server-Side Request Forgery

SillyTavern versions up to and including 1.17.0 expose the /api/search/searxng endpoint, which accepts an attacker-controlled baseUrl parameter and uses it directly to build outbound server-side fetch requests. An authenticated low-privilege user can point baseUrl at an internal or loopback HTTP...

8.5CVSS5.9AI score0.00866EPSS
Exploits0References2
Nuclei
Nuclei
added 20 hours ago83 views

Wipro Holmes Orchestrator 20.4.1 - Information Disclosure

Wipro Holmes Orchestrator 20.4.1 20.4.102112020 allows remote attackers to download arbitrary files, such as reports containing sensitive information, because authentication is not required for API access to processexecution/DownloadExcelFile/DomainCredentialReportExcel,...

7.5CVSS7.2AI score0.53008EPSS
Exploits3References3
Nuclei
Nuclei
added 20 hours ago15 views

Chef Automate < 4.13.295 — SQL Injection

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token. id: CVE-2025-8868 info...

9.8CVSS6AI score0.22827EPSS
Exploits0References2
Nuclei
Nuclei
added 20 hours ago81 views

Apache Druid - Server-Side Request Forgery

Server-Side Request Forgery SSRF, Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting', URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Apache Druid.This issue affects all previous Druid versions.When using the Druid management proxy, a request tha...

5.8CVSS7.1AI score0.01656EPSS
Exploits0References2
NVD
NVD
added yesterday11 views

CVE-2026-59854

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, POST /api/file/globalCopyFiles accepts attacker-supplied absolute source paths and relies on util.IsSensitivePath in kernel/util/path.go, whose denylist misses common home-directory credential files such as...

4.9CVSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added yesterday5 views

CVE-2026-13441

The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'neweventtypebackgroundcolor' parameter in all versions up to, and including, 4.3.4.2 due to insufficient input sanitization and output escaping. This makes it possible...

7.2CVSS6.1AI score
Exploits0References9
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-13011

The ERP: Complete HR, Accounting & CRM Suite with Recruitment and WooCommerce CRM Support plugin for WordPress is vulnerable to generic SQL Injection via the 'orderby' parameter in all versions up to, and including, 1.17.5 due to insufficient escaping on the user supplied parameter and lack of...

6.5CVSS6AI score0.00269EPSS
Exploits0References7
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-54652 Frigate viewer can read logs exposing admin and camera credentials

Frigate is an open source network video recorder. In version 0.17.1, the GET /api/logs/service endpoint allows any authenticated user including the viewer role to download Frigate and nginx logs, exposing auto-generated admin passwords and camera credentials logged in request query strings and...

8.1CVSS0.00231EPSS
Exploits0References3
OSV
OSV
added 3 days ago4 views

PYSEC-2026-1689 Nautobot may allows uploaded media files to be accessible without authentication

Impact Files uploaded by users to Nautobot's MEDIAROOT directory, including DeviceType image attachments as well as images attached to a Location, Device, or Rack, are served to users via a URL endpoint that was not enforcing user authentication. As a consequence, such files can be retrieved by...

6.3CVSS5.9AI score0.00383EPSS
Exploits0References9
OSV
OSV
added 4 days ago3 views

PYSEC-2026-902 PyDio Stored XSS Vulnerability

A stored XSS vulnerability exists in the web application of Pydio through 8.2.2 that can be exploited by levering the file upload and file preview features of the application. An authenticated attacker can upload an HTML file containing JavaScript code and afterwards a file preview URL can be use...

5.4CVSS6AI score0.00675EPSS
Exploits3References6
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-41775

AIL Framework contains a path traversal vulnerability in its PDF object handling. Prior to commit 14c618fce4d1df02358717c48ea903706abecdf2, the PDF.getfilepath function constructed a file path by joining the configured PDF storage directory with a path derived from a PDF object identifier, withou...

7.1CVSS5.9AI score0.00372EPSS
Exploits0References1
OSV
OSV
added 2026/07/02 9:14 p.m.3 views

GHSA-RH62-J648-G5QC Recce server has unauthenticated SQL execution that allows local file read/write through DuckDB

Impact Recce OSS server deployments that expose the server to an untrusted network without authentication are vulnerable to unauthenticated SQL execution through the query run API. When Recce is configured with a DuckDB-backed project, an attacker can use DuckDB filesystem primitives to read and...

7.8CVSS5.9AI score
Exploits0References3
NVD
NVD
added 2026/07/02 5:17 p.m.7 views

CVE-2026-53422

Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...

4.3CVSS0.00262EPSS
Exploits0References7
OSV
OSV
added 2026/07/02 2:13 p.m.5 views

PYSEC-2026-740 Improper Restriction of XML External Entity Reference in trytond and proteus

An XXE issue was discovered in Tryton Application Platform Server 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform Command Line Client proteus 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An authenticated user...

6.5CVSS6.1AI score0.01374EPSS
Exploits1References10
CVE
CVE
added 2026/07/01 6:16 p.m.21 views

CVE-2026-58451

CVE-2026-58451 concerns Horde IMP prior to 7.0.1. A path traversal flaw in lib/Compose.php enables an authenticated attacker to read arbitrary server files by inserting traversal sequences after the CKEditor path prefix in img src URLs. The issue circumvents prefix validation by appending travers...

7.1CVSS5.9AI score0.00379EPSS
Exploits0References7
NVD
NVD
added 2026/06/30 10:16 p.m.11 views

CVE-2026-58448

yudao-cloud before 2026.06 contains a broken access control vulnerability in the BPM module that allows any authenticated user to access arbitrary process instance records by supplying a caller-controlled process-instance identifier to an unprotected endpoint lacking the @PreAuthorize annotation...

7.1CVSS0.00235EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 8:18 p.m.16 views

CVE-2025-36324

CVE-2025-36324 affects IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0. The issue is a server-side request forgery (SSRF) that could allow an authenticated attacker to make unauthorized requests from the system, potentially enabling network enumeration or facilitating other ...

4.3CVSS5.8AI score0.0027EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/30 11:22 a.m.7 views

mariadb: MariaDB: Privilege bypass allows unauthorized file write via subqueries

A flaw was found in MariaDB server. This vulnerability allows a low-privileged authenticated user to bypass a security control that normally restricts file operations. Specifically, the system failed to verify the necessary 'FILE' privilege when certain 'SELECT' statements, which write data to...

8.1CVSS5.8AI score0.00399EPSS
Exploits0References6
CVE
CVE
added 2026/06/30 6:52 a.m.22 views

CVE-2026-12240

The CVE-2026-12240 entry concerns the WordPress Export User Data plugin (up to version 2.2.6). Affected component: the unserialize path validation in the plugin allows an authenticated subscriber+ to trigger arbitrary file deletions on the server by exporting user data, with a crafted serialized ...

8CVSS6.5AI score0.00341EPSS
Exploits0References2
Rows per page
Query Builder