Lucene search
K

2447 matches found

NVD
NVD
added 2026/05/29 2:16 p.m.18 views

CVE-2026-44238

FreePBX is an open source IP PBX. Prior to 16.0.50 and 17.0.11, the CDR Reports module page allows SQL injection through the order and sort POST parameters. Authentication with a FreePBX Administration Control Panel account that has CDR section access is required. Full administrator privileges ar...

8.8CVSS0.00289EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.13 views

FreePBX SQL注入漏洞

FreePBX is a set of tools from the FreePBX project that allow configuration of Asterisk an IP telephony system through a GUI web-based graphical interface. Versions of FreePBX prior to 16.0.50 and 17.0.11 contained a SQL injection vulnerability. This vulnerability stemmed from the CDR Reports...

8.8CVSS5.9AI score0.00289EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.19 views

PT-2026-44843

Name of the Vulnerable Software and Affected Versions FreePBX versions prior to 16.0.50 FreePBX versions prior to 17.0.11 Description The CDR Reports module page allows SQL injection, a technique where malicious SQL statements are inserted into entry fields for execution. This issue occurs throug...

8.5CVSS5.9AI score0.00289EPSS
Exploits0References3
Rapid7 Blog
Rapid7 Blog
added 2026/05/28 12:0 p.m.137 views

CVE-2026-52806: Authenticated RCE via Argument Injection in Gogs (FIXED as of June 7, 2026)

Overview Rapid7 Labs discovered a critical argument injection CWE-88 vulnerability in Gogs, a popular open-source self-hosted Git service, tracked as CVE-2026-52806. Rapid7 Labs scores this vulnerability as CVSSv4 9.4 Critical. The vulnerability allows any authenticated user to achieve remote cod...

9.9CVSS6.5AI score0.01029EPSS
Exploits0
EUVD
EUVD
added 2026/05/27 5:55 p.m.12 views

EUVD-2026-32622

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to cause denial of service due to insufficient validation...

6.5CVSS5.8AI score0.00471EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 5:16 p.m.16 views

EUVD-2026-32607

elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.68, an authenticated SQL injection vulnerability in the elFinder MySQL volume driver elFinderVolumeMySQL allows any logged-in user, including users with read-only access to the affected volume, to...

8.8CVSS5.9AI score0.00243EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 5:31 a.m.13 views

CVE-2026-8048 My Email Shortcode <= 0.91 - [Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')]

The My Email Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'subject' shortcode attribute in the 'my-email' shortcode in all versions up to, and including, 0.91 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...

6.4CVSS6AI score0.00187EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 12:16 a.m.20 views

CVE-2026-8606

A Server-Side Request Forgery SSRF vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause the server to issue HTTP requests to internal services via the security advisories package lookup feature. By directing requests to an internal management service and...

7CVSS0.00386EPSS
Exploits0References6
OSV
OSV
added 2026/05/27 12:3 a.m.12 views

GHSA-P2RJ-MRMC-9W29 Yamcs vulnerable to unauthorized user enumeration via IAM API endpoints

Summary The IAM API endpoints listUsers, getUser, listGroups, and getGroup in yamcs-core do not enforce the required SystemPrivilege.ControlAccess check. As a result, any authenticated user even those with low or no privileges can enumerate all user accounts in the system, including their...

4.3CVSS5.8AI score0.00028EPSS
Exploits2References2
NVD
NVD
added 2026/05/26 9:16 p.m.20 views

CVE-2026-44450

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the MCP server creation endpoint validates the command field against an allowlist of binary names but forwards the args array to the child process without any validation. Every binary on the allowlist accepts an inline-code executi...

9.9CVSS0.00377EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 8:14 p.m.14 views

EUVD-2026-31985

MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, SSRF via workflowtemplate Import. Authenticated users can supply arbitrary URLs in workflowtemplate.downloadUrl which are fetched server-side without any URL validation or internal IP filtering. This vulnerability is fixed in...

6.3CVSS5.9AI score0.00207EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/26 7:54 p.m.33 views

CVE-2026-44450 Lumiverse: RCE via MCP stdio argument injection

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the MCP server creation endpoint validates the command field against an allowlist of binary names but forwards the args array to the child process without any validation. Every binary on the allowlist accepts an inline-code executi...

9.9CVSS0.00377EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 7:54 p.m.11 views

CVE-2026-44450

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the MCP server creation endpoint validates the command field against an allowlist of binary names but forwards the args array to the child process without any validation. Every binary on the allowlist accepts an inline-code executi...

9.9CVSS6.3AI score0.00377EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/26 7:54 p.m.11 views

CVE-2026-44450 Lumiverse: RCE via MCP stdio argument injection

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the MCP server creation endpoint validates the command field against an allowlist of binary names but forwards the args array to the child process without any validation. Every binary on the allowlist accepts an inline-code executi...

9.9CVSS6.3AI score0.00377EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/26 2:8 p.m.43 views

CVE-2026-42785 OpenKM 6.3.12 Remote Code Execution via Administrative Scripting

OpenKM 6.3.12 contains a remote code execution vulnerability that allows authenticated administrators to execute arbitrary Java/BeanShell code through the /admin/Scripting endpoint. Attackers can submit malicious script content with an action=Evaluate parameter to execute operating system command...

8.6CVSS0.00679EPSS
Exploits0References7
GithubExploit
GithubExploit
added 2026/05/26 1:6 p.m.30 views

cve-database

Vulnerability Report: Format String Vulnerability in D-Link DC...

6.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.18 views

PT-2026-43402

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the MCP server creation endpoint validates the command field against an allowlist of binary names but forwards the args array to the child process without any validation. Every binary on the allowlist accepts an inline-code executi...

9.9CVSS6.3AI score0.00377EPSS
Exploits0References3
OSV
OSV
added 2026/05/23 12:16 a.m.9 views

GHSA-JPJH-JM2P-39HH Arcane: Missing admin authorization on global variables endpoint

Summary The PUT /api/environments/id/templates/variables endpoint, which writes the system-wide .env.global file used for variable substitution in every project's compose file, is missing an admin authorization check. Any authenticated non-admin user can call this endpoint with their bearer token...

8.8CVSS6AI score0.00245EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.10 views

Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-016743)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016743 advisory. MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on...

7.8CVSS7.5AI score0.00645EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/21 8:19 p.m.35 views

CVE-2026-8417 Concrete CMS 9.5.0 and below is vulnerable to CSRF in do_update() in the package update controller

Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/doupdate/. The doupdate method in concrete/controllers/singlepage/dashboard/extend/update.php checks only canInstallPackages before executing upgradeCoreData and upgrade on the named...

7.5CVSS0.00122EPSS
Exploits0References1
Rows per page
Query Builder