Lucene search
K

83 matches found

NVD
NVD
added 4 days ago7 views

CVE-2026-1832

The ThriveDesk – Live Chat, AI Chatbot, Helpdesk & Knowledge Base plugin for WordPress is vulnerable to unauthorized cache deletion due to a missing capability check on the 'thrivedeskclearcache' AJAX action in all versions up to, and including, 2.1.7. This makes it possible for authenticated...

4.3CVSS0.00204EPSS
Exploits0References6
Cvelist
Cvelist
added 4 days ago33 views

CVE-2026-1832 ThriveDesk <= 2.1.7 - Missing Authorization to Authenticated (Subscriber+) Cache Deletion

The ThriveDesk – Live Chat, AI Chatbot, Helpdesk & Knowledge Base plugin for WordPress is vulnerable to unauthorized cache deletion due to a missing capability check on the 'thrivedeskclearcache' AJAX action in all versions up to, and including, 2.1.7. This makes it possible for authenticated...

4.3CVSS0.00204EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.11 views

CVE-2026-40605

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

7.1CVSS5.6AI score0.00303EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 2:16 p.m.15 views

CVE-2026-40605

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

7.1CVSS0.00303EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 12:50 p.m.4 views

CVE-2026-40605 Tautulli Vulnerable to Authenticated Path Traversal in Cache Deletion API

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

7.1CVSS6AI score0.00303EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/04 12:50 p.m.12 views

CVE-2026-40605 Tautulli Vulnerable to Authenticated Path Traversal in Cache Deletion API

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

7.1CVSS5.9AI score0.00303EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/04 12:50 p.m.12 views

EUVD-2026-34256

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

7.1CVSS5.9AI score0.00303EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:50 p.m.8 views

CVE-2026-40605

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

7.1CVSS5.9AI score0.00303EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/04 12:50 p.m.17 views

CVE-2026-40605

CVE-2026-40605 concerns Tautulli, a Python-based tool for Plex Media Server. A path traversal vulnerability existed in the cache deletion API prior to version 2.17.1, allowing an authenticated user to delete directories outside the configured cache path, which could lead to arbitrary data loss an...

7.1CVSS5.9AI score0.00303EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 12:50 p.m.43 views

CVE-2026-40605 Tautulli Vulnerable to Authenticated Path Traversal in Cache Deletion API

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

7.1CVSS0.00303EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.16 views

PT-2026-46228

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

7.1CVSS5.9AI score0.00303EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.13 views

Tautulli 安全漏洞

Tautulli is an open-source application developed by Tautulli for monitoring Plex Media Server. Versions of Tautulli prior to 2.17.1 contained security vulnerabilities. These vulnerabilities were caused by a path traversal issue in the cache deletion endpoint, which could allow authenticated API...

7.1CVSS5.4AI score0.00303EPSS
Exploits0References2
OSV
OSV
added 2026/04/22 7:22 a.m.3 views

SUSE-SU-2026:1541-1 Security update for flatpak

This update for flatpak fixes the following issues: - CVE-2026-34078: improper processing of app-controlled symlinks by sandbox-expose can lead to sandbox escape, host file access and code execution in the host context bsc1261769. - CVE-2026-34079: improper removal of outdated cache files allows...

10CVSS6.3AI score0.0168EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.7 views

CVE-2026-2849

A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function deleteCache/removeAllCache/syncCache of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\CacheController.java of the component Cache Sy...

6.3CVSS5.2AI score0.0022EPSS
Exploits1References1
CVE
CVE
added 2026/02/19 4:36 a.m.22 views

CVE-2025-13864

The Breeze WordPress Cache Plugin (WordPress) is vulnerable in all versions up to 2.2.21 due to the REST endpoint /wp-json/breeze/v1/clear-all-cache being registered with permission_callback =&gt; '__return_true' and authentication disabled by default when the API is enabled. This allows unauthen...

5.3CVSS5.4AI score0.00353EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-24114

Malicious code in bioql PyPI...

4.3CVSS6.1AI score0.00227EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-24115

Malicious code in bioql PyPI...

4.3CVSS6.1AI score0.00227EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-24119

Malicious code in bioql PyPI...

4.3CVSS6.1AI score0.00389EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-23631

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00534EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-30275

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00432EPSS
Exploits0References2
Rows per page
Query Builder