80 matches found

RedhatCVE
added 2026/06/05 7:27 p.m. | 9 views

CVE-2026-40605

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

CVSS 7.1 | AI score 5.6 | EPSS 0.00303
Exploits: 0 | References: 1

NVD
added 2026/06/04 2:16 p.m. | 11 views

CVE-2026-40605

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

CVSS 7.1 | EPSS 0.00303
Exploits: 0 | References: 2

ATTACKERKB
added 2026/06/04 12:50 p.m. | 7 views

CVE-2026-40605

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

CVSS 7.1 | AI score 5.9 | EPSS 0.00303
Exploits: 0 | References: 3 | Affected Software: 1

EUVD
added 2026/06/04 12:50 p.m. | 7 views

EUVD-2026-34256

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

CVSS 7.1 | AI score 5.9 | EPSS 0.00303
Exploits: 0 | References: 2

Vulnrichment
added 2026/06/04 12:50 p.m. | 8 views

CVE-2026-40605 Tautulli Vulnerable to Authenticated Path Traversal in Cache Deletion API

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

CVSS 7.1 | AI score 5.9 | EPSS 0.00303
Exploits: 0 | References: 2

CVE
added 2026/06/04 12:50 p.m. | 11 views

CVE-2026-40605

CVE-2026-40605 concerns Tautulli, a Python-based tool for Plex Media Server. A path traversal vulnerability existed in the cache deletion API prior to version 2.17.1, allowing an authenticated user to delete directories outside the configured cache path, which could lead to arbitrary data loss an...

CVSS 7.1 | AI score 5.9 | EPSS 0.00303
Exploits: 0 | References: 2

Cvelist
added 2026/06/04 12:50 p.m. | 38 views

CVE-2026-40605 Tautulli Vulnerable to Authenticated Path Traversal in Cache Deletion API

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

CVSS 7.1 | EPSS 0.00303
Exploits: 0 | References: 2

Positive Technologies
added 2026/06/04 12:00 a.m. | 12 views

PT-2026-46228

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

CVSS 7.1 | AI score 5.9 | EPSS 0.00303
Exploits: 0 | References: 3

CNNVD
added 2026/06/04 12:00 a.m. | 7 views

Tautulli Security Vulnerability

Tautulli is an open-source application developed by Tautulli for monitoring Plex Media Server. Versions of Tautulli prior to 2.17.1 contained security vulnerabilities. These vulnerabilities were caused by a path traversal issue in the cache deletion endpoint, which could allow authenticated API...

CVSS 7.1 | AI score 5.4 | EPSS 0.00303
Exploits: 0 | References: 2

OSV
added 2026/04/22 7:22 a.m. | 1 view

SUSE-SU-2026:1541-1 Security update for flatpak

This update for flatpak fixes the following issues: - CVE-2026-34078: improper processing of app-controlled symlinks by sandbox-expose can lead to sandbox escape, host file access and code execution in the host context bsc1261769. - CVE-2026-34079: improper removal of outdated cache files allows...

CVSS 10 | AI score 6.3 | EPSS 0.01636
Exploits: 0 | References: 5

RedhatCVE
added 2026/02/21 7:29 p.m. | 4 views

CVE-2026-2849

A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function deleteCache/removeAllCache/syncCache of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\CacheController.java of the component Cache Sy...

CVSS 6.3 | AI score 5.2 | EPSS 0.0022
Exploits: 1 | References: 1

CVE
added 2026/02/19 4:36 a.m. | 18 views

CVE-2025-13864

The Breeze WordPress Cache Plugin (WordPress) is vulnerable in all versions up to 2.2.21 due to the REST endpoint /wp-json/breeze/v1/clear-all-cache being registered with permission_callback => '__return_true' and authentication disabled by default when the API is enabled. This allows unauthen...

CVSS 5.3 | AI score 5.4 | EPSS 0.00353
Exploits: 0 | References: 5

EUVD
added 2025/10/03 8:07 p.m. | 3 views

EUVD-2022-39056

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 5.7 | EPSS 0.00632
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:07 p.m. | 4 views

EUVD-2023-23631

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 5.1 | EPSS 0.00534
Exploits: 0 | References: 3

EUVD
added 2025/10/03 8:07 p.m. | 3 views

EUVD-2023-24114

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 6.1 | EPSS 0.00227
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:07 p.m. | 4 views

EUVD-2022-30275

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 5.1 | EPSS 0.00424
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:07 p.m. | 4 views

EUVD-2023-24115

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 6.1 | EPSS 0.00227
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:07 p.m. | 3 views

EUVD-2023-24119

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 6.1 | EPSS 0.00389
Exploits: 0 | References: 2

Vulnrichment
added 2025/06/14 1:43 a.m. | 1 view

CVE-2025-6059 Seraphinite Accelerator <= 2.27.21 - Cross-Site Request Forgery to Multiple Administrative Actions

The Seraphinite Accelerator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.27.21. This is due to missing or incorrect nonce validation on the 'OnAdminApiCacheOpBegin' function. This makes it possible for unauthenticated attackers to perfor...

CVSS 4.3 | AI score 5.8 | EPSS 0.0015
Exploits: 0 | References: 3

RedhatCVE
added 2025/05/23 2:59 a.m. | 16 views

CVE-2023-1472

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on its AJAX actions. This makes it possible for unauthenticated attackers to invoke those functions...

CVSS 6.3 | AI score 5.4 | EPSS 0.00209
Exploits: 0 | References: 1