Lucene search
K

2440 matches found

Vulnrichment
Vulnrichment
added 2026/05/27 5:31 a.m.12 views

CVE-2026-8048 My Email Shortcode <= 0.91 - [Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')]

The My Email Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'subject' shortcode attribute in the 'my-email' shortcode in all versions up to, and including, 0.91 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...

6.4CVSS6AI score0.00187EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 12:16 a.m.19 views

CVE-2026-8606

A Server-Side Request Forgery SSRF vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause the server to issue HTTP requests to internal services via the security advisories package lookup feature. By directing requests to an internal management service and...

7CVSS0.00386EPSS
Exploits0References6
OSV
OSV
added 2026/05/27 12:3 a.m.12 views

GHSA-P2RJ-MRMC-9W29 Yamcs vulnerable to unauthorized user enumeration via IAM API endpoints

Summary The IAM API endpoints listUsers, getUser, listGroups, and getGroup in yamcs-core do not enforce the required SystemPrivilege.ControlAccess check. As a result, any authenticated user even those with low or no privileges can enumerate all user accounts in the system, including their...

4.3CVSS5.8AI score0.00028EPSS
Exploits2References2
NVD
NVD
added 2026/05/26 9:16 p.m.20 views

CVE-2026-44450

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the MCP server creation endpoint validates the command field against an allowlist of binary names but forwards the args array to the child process without any validation. Every binary on the allowlist accepts an inline-code executi...

9.9CVSS0.00377EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 8:14 p.m.14 views

EUVD-2026-31985

MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, SSRF via workflowtemplate Import. Authenticated users can supply arbitrary URLs in workflowtemplate.downloadUrl which are fetched server-side without any URL validation or internal IP filtering. This vulnerability is fixed in...

6.3CVSS5.9AI score0.00207EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/26 7:54 p.m.33 views

CVE-2026-44450 Lumiverse: RCE via MCP stdio argument injection

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the MCP server creation endpoint validates the command field against an allowlist of binary names but forwards the args array to the child process without any validation. Every binary on the allowlist accepts an inline-code executi...

9.9CVSS0.00377EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 7:54 p.m.10 views

CVE-2026-44450 Lumiverse: RCE via MCP stdio argument injection

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the MCP server creation endpoint validates the command field against an allowlist of binary names but forwards the args array to the child process without any validation. Every binary on the allowlist accepts an inline-code executi...

9.9CVSS6.3AI score0.00377EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 7:54 p.m.11 views

CVE-2026-44450

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the MCP server creation endpoint validates the command field against an allowlist of binary names but forwards the args array to the child process without any validation. Every binary on the allowlist accepts an inline-code executi...

9.9CVSS6.3AI score0.00377EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/26 2:8 p.m.43 views

CVE-2026-42785 OpenKM 6.3.12 Remote Code Execution via Administrative Scripting

OpenKM 6.3.12 contains a remote code execution vulnerability that allows authenticated administrators to execute arbitrary Java/BeanShell code through the /admin/Scripting endpoint. Attackers can submit malicious script content with an action=Evaluate parameter to execute operating system command...

8.6CVSS0.00679EPSS
Exploits0References7
GithubExploit
GithubExploit
added 2026/05/26 1:6 p.m.26 views

cve-database

Vulnerability Report: Format String Vulnerability in D-Link DC...

6.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.17 views

PT-2026-43402

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the MCP server creation endpoint validates the command field against an allowlist of binary names but forwards the args array to the child process without any validation. Every binary on the allowlist accepts an inline-code executi...

9.9CVSS6.3AI score0.00377EPSS
Exploits0References3
OSV
OSV
added 2026/05/23 12:16 a.m.9 views

GHSA-JPJH-JM2P-39HH Arcane: Missing admin authorization on global variables endpoint

Summary The PUT /api/environments/id/templates/variables endpoint, which writes the system-wide .env.global file used for variable substitution in every project's compose file, is missing an admin authorization check. Any authenticated non-admin user can call this endpoint with their bearer token...

8.8CVSS6AI score0.00245EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.9 views

Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-016743)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016743 advisory. MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on...

7.8CVSS7.5AI score0.00645EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/21 8:19 p.m.35 views

CVE-2026-8417 Concrete CMS 9.5.0 and below is vulnerable to CSRF in do_update() in the package update controller

Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/doupdate/. The doupdate method in concrete/controllers/singlepage/dashboard/extend/update.php checks only canInstallPackages before executing upgradeCoreData and upgrade on the named...

7.5CVSS0.00122EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/21 5:10 p.m.39 views

CVE-2026-48228 Open ISES Tickets < 3.44.2 Reflected XSS via patient_w.php id and ticket_id Parameters

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patientw.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the id and ticketid GET parameters directly into an HTML form action URL. Attackers ca...

5.4CVSS0.00169EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/21 5:9 p.m.9 views

CVE-2026-48218 Open ISES Tickets < 3.44.2 Reflected XSS via icons/buttons/landb.php frm_name and frm_id Parameters

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in icons/buttons/landb.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmname and frmid POST parameters directly into rendered HTML content a...

5.4CVSS5.8AI score0.00259EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/21 5:9 p.m.10 views

CVE-2026-48214 Open ISES Tickets < 3.44.2 Reflected XSS via add_nm.php ticket_id Parameter

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in addnm.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid POST parameter directly into an HTML form input value attribute and an inlin...

5.4CVSS5.8AI score0.00212EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

WordPress plugin GSheet For Woo Importer 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.3CVSS5.8AI score0.00192EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.14 views

PT-2026-42516

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/mobile main.php where the id GET parameter is concatenated into the WHERE clause of a SELECT statement used as a ticket-existence sanity check without sanitization. Authenticated attackers can craft requests that alter...

7.1CVSS5.9AI score0.00214EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2026/05/21 12:0 a.m.12 views

Progress Software Kemp LoadMaster addcountry Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is required to exploit this vulnerability. The specific flaw exists within handling of the customLocation parameter. The issue results from the lack ...

8.8CVSS6.2AI score0.18238EPSS
Exploits0References1
Rows per page
Query Builder