Lucene search
+L

18791 matches found

Nuclei
Nuclei
added 8 hours ago111 views

TrakSYS 11.x.x - Sensitive Data Exposure

A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic. This issue affects some unknown processing of the file /TS/export/pagedefinition. The manipulation of the argument ID leads to direct request. The attack may be initiated remotely. The exploit has been...

6.9CVSS4.9AI score0.02053EPSS
Exploits0References4
Nuclei
Nuclei
added 8 hours ago63 views

Automation Anywhere Automation 360 - Server-Side Request Forgery

Automation Anywhere Automation 360 v21-v32 is vulnerable to Server-Side Request Forgery in a web API component. id: CVE-2024-6922 info: name: Automation Anywhere Automation 360 - Server-Side Request Forgery author: DhiyaneshDK severity: high description: | Automation Anywhere Automation 360 v21-v...

6.9CVSS5.2AI score0.30172EPSS
Exploits0References3
Nuclei
Nuclei
added 8 hours ago57 views

D-Link Central WifiManager - Server-Side Request Forgery

D-Link Central WifiManager is susceptible to server-side request forgery. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, as demonstrated by an...

8.6CVSS7.2AI score0.44101EPSS
Exploits3References5
CVE
CVE
added yesterday16 views

CVE-2026-9810

The CVE-2026-9810 entry concerns the AI Copilot WordPress plugin prior to version 1.5.4. The root cause is that the plugin does not bind OAuth access tokens to a WordPress user, allowing any valid token to be treated as an administrator session. Consequently, unauthenticated attackers completing ...

9.8CVSS6.3AI score0.00137EPSS
Exploits0References1
Nuclei
Nuclei
added yesterday60 views

ECOA Building Automation System - Arbitrary File Retrieval

The ECOA BAS controller suffers from an arbitrary file disclosure vulnerability. Using the 'fname' POST parameter in viewlog.jsp, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information. id: CVE-2021-41293 info: name: ECOA Building Automation...

7.5CVSS7.4AI score0.20084EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday89 views

Open Automation Software OAS Platform V16.00.0121 - Missing Authentication

An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this...

9.4CVSS8.4AI score0.37606EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-54568

Microsoft UFO open-source framework for intelligent automation across devices and platforms. From 3.0.0 until 3.0.6, a client connected to the UFO WebSocket server as a DEVICE could call DEVICEINFOREQUEST with another device's targetid and receive that device's server-side systeminfo through...

4.3CVSS6.1AI score0.00536EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2 days ago8 views

Important: Red Hat Security Advisory: Red Hat Edge Manager Version 1.1.3 Security Update

Red Hat Edge Manager Version 1.1.3 Security Update Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports image-mode RHEL and container workloads that run on Podman/Docker or Kubernetes. RHEM is now available as a...

10CVSS6.9AI score0.01557EPSS
Exploits3References25
Tenable Nessus
Tenable Nessus
added 2 days ago7 views

RHEL 10 / 9 : Red Hat Edge Manager Version 1.1.3 Security Update (Important) (RHSA-2026:41019)

The remote Redhat Enterprise Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:41019 advisory. Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports...

10CVSS6.3AI score0.01557EPSS
Exploits3References48
RedHat Linux
RedHat Linux
added 3 days ago6 views

Important: Red Hat Security Advisory: Red Hat Edge Manager Version 1.1.3 Security Update

Red Hat Edge Manager Version 1.1.3 Security Update Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports image-mode RHEL and container workloads that run on Podman/Docker or Kubernetes. RHEM is now available as a...

10CVSS6.8AI score0.02474EPSS
Exploits7References32
CVE
CVE
added 4 days ago11 views

CVE-2026-12659

The CVE-2026-12659 issue affects Rockwell Automation’s Flex 5000® Adapter. It is a denial-of-service vulnerability caused by improper handling of exceptional conditions when processing crafted CIP packets sent to the adapter. The impact is a loss of availability in the affected module and I/O, wi...

8.7CVSS6.1AI score0.00253EPSS
Exploits0References1
CVE
CVE
added 4 days ago7 views

CVE-2026-9636

CVE-2026-9636 affects Rockwell CompactLogix 5380, ControlLogix 5580, and EN4 communications modules. The issue is in CIP Security certificate revocation handling: the controller may fail to reject certificates signed by intermediates that have been revoked via a CRL, potentially allowing a networ...

8.2CVSS6AI score0.0014EPSS
Exploits0References1
CVE
CVE
added 4 days ago36 views

CVE-2026-10577

The CVE-2026-10577 entry concerns the 1715-AENTR EtherNet/IP Adapter, where a network-accessible debug port does not enforce proper privilege controls. This allows unauthenticated remote access to destructive CLI commands, potentially enabling read/delete of files, stopping tasks, memory modifica...

10CVSS6.1AI score0.00253EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/10 5:2 p.m.34 views

CVE-2026-2398 IDOR in AdamPOS' MobilMen 20T

Authorization bypass through User-Controlled key vulnerability in Adam Retail Automation Ltd. MobilMen 20T allows Privilege Escalation. This issue affects MobilMen 20T: from v3 through 10072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

8.8CVSS0.0025EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/10 5:2 p.m.9 views

EUVD-2026-42959

Authorization bypass through User-Controlled key vulnerability in Adam Retail Automation Ltd. MobilMen 20T allows Privilege Escalation. This issue affects MobilMen 20T: from v3 through 10072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

8.8CVSS6.1AI score0.0025EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/09 4:6 p.m.6 views

EUVD-2026-42620

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.0 before 0.10.0, executeautomation rehydrated automation owners without rechecking that they were still active or still had features.automations, and checkmodelaccess only enforced private-model grants...

3.1CVSS6AI score0.00303EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/09 3:30 p.m.8 views

EUVD-2026-42612

n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated user with the default workflow:create permission could pollute Object.prototype through a crafted workflow saved, updated, or imported via the workflow API, allowing unauthenticated reques...

7.1CVSS5.9AI score0.00297EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/09 3:16 p.m.8 views

CVE-2026-59207

n8n is an open source workflow automation platform. Prior to 2.27.4 and 2.28.1, the AI Agents feature did not enforce the Allowed HTTP Request Domains restriction configured on credentials when an MCP tool was pointed at an arbitrary URL, allowing a member-level user with use-only access to a...

7.1CVSS6.1AI score0.00263EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/09 12:0 a.m.9 views

PT-2026-56826

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.61 n8n versions prior to 2.27.4 n8n versions prior to 2.28.1 Description An authenticated member with use-only editor access to a shared workflow can read credential-populated headers exposed via the $request object...

7.1CVSS6.1AI score0.00294EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/08 10:8 a.m.15 views

Important: Red Hat Security Advisory: Red Hat Edge Manager Version 1.0.3 Security Update

Red Hat Edge Manager Version 1.0.3 Security Update Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports image-mode RHEL and container workloads that run on Podman/Docker or Kubernetes. RHEM is now available as a...

10CVSS6.9AI score0.02474EPSS
Exploits7References28
Rows per page
Query Builder