Lucene search
+L

2496 matches found

Cvelist
Cvelist
added 2026/06/24 2:20 p.m.35 views

CVE-2026-50699 Frappe Framework 17.0.0-dev - Stored XSS in Auto Repeat dashboard schedule rendering

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev. An authenticated attacker with write access to Auto Repeat can persist HTML/JavaScript in referencedocument using a whitelisted write path and trigger script execution when users open the affected Auto...

4.6CVSS0.00313EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 5:33 a.m.5 views

CVE-2026-10091

The Email JavaScript Cloak plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'email' shortcode in all versions up to, and including, 1.03 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...

7.2CVSS6AI score0.00264EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-52121

Name of the Vulnerable Software and Affected Versions ATEN Unizon affected versions not specified Description A directory traversal flaw exists in the updateLicense method, where a lack of proper validation of user-supplied paths allows authenticated remote attackers to delete arbitrary files. Th...

6.5CVSS6.2AI score0.01195EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.21 views

PT-2026-52118

Name of the Vulnerable Software and Affected Versions Rocket.Chat versions prior to 8.5.1 Rocket.Chat versions prior to 8.4.4 Rocket.Chat versions prior to 8.3.6 Rocket.Chat versions prior to 8.2.6 Rocket.Chat versions prior to 8.1.6 Rocket.Chat versions prior to 8.0.7 Rocket.Chat versions prior ...

8.1CVSS5.9AI score0.00323EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.16 views

PT-2026-52119

Name of the Vulnerable Software and Affected Versions Unraid Web Server affected versions not specified Description A command injection flaw in the FileUpload.php file allows authenticated remote attackers to execute arbitrary code in the context of the www-data user. The issue is caused by...

8.8CVSS7.7AI score0.01114EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.13 views

PT-2026-52125

Name of the Vulnerable Software and Affected Versions ATEN Unizon affected versions not specified Description An issue in the ImportDeviceList method allows authenticated remote attackers to execute arbitrary code in the context of SYSTEM. This occurs due to insufficient validation of a...

7.2CVSS7.5AI score0.01477EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-52120

Name of the Vulnerable Software and Affected Versions Unraid affected versions not specified Description A command injection flaw in the web server allows authenticated remote attackers to execute arbitrary code in the context of the www-data user. The issue occurs in the ToggleState.php file due...

8.8CVSS7.7AI score0.01126EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.17 views

PT-2026-52126

Name of the Vulnerable Software and Affected Versions ATEN Unizon affected versions not specified Description An issue exists where the software fails to properly verify cryptographic signatures, allowing authenticated remote attackers to execute arbitrary code in the context of SYSTEM. The flaw ...

7.2CVSS7.4AI score0.00376EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.13 views

PT-2026-52124

Name of the Vulnerable Software and Affected Versions ATEN Unizon affected versions not specified Description An issue in the restoreDB function allows authenticated remote attackers to execute arbitrary code in the context of SYSTEM. This occurs due to insufficient validation of a user-supplied...

7.2CVSS7.5AI score0.01477EPSS
Exploits0References6
NVD
NVD
added 2026/06/23 9:17 p.m.11 views

CVE-2026-47383

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, an authenticated commenter could store HTML in row comments that executed as script when other users hovered over the comment in the expanded form view. The comment write paths persisted the raw comment body with no...

7.4CVSS0.00288EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:54 p.m.9 views

EUVD-2026-38594

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it's a duplicate of CVE-2026-56784...

8.6CVSS5.7AI score0.00258EPSS
Exploits0
OSV
OSV
added 2026/06/23 8:41 p.m.4 views

CVE-2026-46548 NocoDB: SSRF Protection Bypass in Notification Webhook Plugins (Slack, Discord, Mattermost, Teams)

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the request-filtering-agent SSRF protection was non-functional in the four notification webhook plugins Slack, Discord, Mattermost, Teams because httpAgent / httpsAgent were passed as part of the request body rather th...

4.3CVSS6.1AI score0.00176EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/23 5:33 p.m.16 views

Gogs's Unauthenticated Jupyter Notebook (ipynb) Sanitizer allows arbitrary data: URIs leading to XSS

Summary The Jupyter Notebook ipynb sanitizer endpoint at POST /-/api/sanitizeipynb allows arbitrary data: URIs without proper restrictions, potentially leading to Cross-Site Scripting XSS. The endpoint uses bluemonday.UGCPolicy with p.AllowURLSchemes"data" which permits all data URI schemes...

6.4CVSS6.1AI score0.00677EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/23 4:44 p.m.44 views

CVE-2026-54015 Open WebUI: Prompt history IDOR: unbound history_id allows cross-prompt read and deletion

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI's prompt version-history endpoints authorize the promptid in the URL but then act on caller-supplied history IDs without verifying that the history row belongs to that...

6.4CVSS0.00169EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 2:31 p.m.3 views

CVE-2023-33854

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 could allow an authenticated user to bypass client-side validation and manipulate input data using man in the middle techniques...

5.3CVSS5.9AI score0.00188EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/22 12:31 p.m.6 views

CVE-2026-56446 Authenticated Remote Code Execution via Arbitrary NDJSON Error Log Path in MISP

MISP allowed a site administrator to configure an arbitrary filesystem path for the NDJSON error log used by JsonLogTool. Because log entries can include attacker-controlled content, an authenticated attacker with site administrator privileges could direct log output to a PHP file in a...

8.7CVSS6.6AI score0.00383EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.41 views

PT-2026-51430

Name of the Vulnerable Software and Affected Versions motionEye version 0.43.1 Description An absolute path traversal issue exists in the picture and movie API endpoints, such as '/picture/id/preview/filename'. The vulnerability occurs because the API handlers and functions get media preview and...

6.5CVSS6AI score0.00418EPSS
Exploits0References15
OSV
OSV
added 2026/06/19 8:46 p.m.7 views

GHSA-M744-JHQ9-PPW6 CoreWCF: Kafka consume pump halts permanently on a Kafka tombstone (null-value record), causing persistent endpoint denial of service.

Impact A CoreWCF service is running and listening on a Kafka topic receiving a null-value record will stop processing new records from that topic. Preconditions The attacker has produce/write permission on a topic that CoreWCF is consuming from. If the broker permits anonymous publishes, no...

6.5CVSS5.9AI score0.00336EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 8:16 p.m.14 views

CVE-2026-48089

DevGuard provides vulnerability management for the full software supply chain. Prior to 1.4.2, on a DevGuard API instance with one or more public assets, any authenticated user — including users from a different organization with no membership or role in the affected org/project — can create,...

7.1CVSS0.00235EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/19 7:38 p.m.7 views

CVE-2026-48089

DevGuard provides vulnerability management for the full software supply chain. Prior to 1.4.2, on a DevGuard API instance with one or more public assets, any authenticated user — including users from a different organization with no membership or role in the affected org/project — can create,...

7.1CVSS5.9AI score0.00235EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder