Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/06/12 3:52 p.m.28 views

CVE-2026-6046 Plugin bot username conflict allows user account to be used as bot identity in Mattermost Server

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 fail to validate that a username returned during bot registration belongs to a bot account, which allows an unprivileged attacker to intercept private messages sent by plugins via direct message channels ...

5.3CVSS0.0019EPSS
Exploits0References1
NVD
NVD
added 2026/06/11 12:16 p.m.14 views

CVE-2026-9694

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions, could have allowed an unauthenticated user to impersonate the GitLab Support Bot and inject arbitrary content via a specially...

4.3CVSS0.00211EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/11 10:19 a.m.27 views

CVE-2026-9694 Improper Neutralization of Substitution Characters in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions, could have allowed an unauthenticated user to impersonate the GitLab Support Bot and inject arbitrary content via a specially...

2.6CVSS0.00211EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/20 9:47 p.m.1 views

Command Injection

Overview zen-ai-pentest is an Advanced AI-Powered Penetration Testing Framework with Multi-Agent Orchestration Affected versions of this package are vulnerable to Command Injection via the Prepare Notification process in the GitHub Actions workflow. An attacker can execute arbitrary shell command...

10CVSS6.1AI score
Exploits0References2
Rows per page
Query Builder