Lucene search
K

563 matches found

NVD
NVD
added 6 days ago7 views

CVE-2026-52885

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.4, NppCommands.cpp checks the HMAC of the on-disk shortcuts.xml at the moment a user command fires Time-of-Check. However, the command payload is taken from the in-memory userCommands vector, which is populated at application...

7.5CVSS0.00129EPSS
Exploits2References2
NVD
NVD
added last week7 views

CVE-2026-55960

Un-negotiated Raw Public Key RFC 7250 accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative accepts it without performing any trust verification; it must therefore only be accepted when RPK was actually negotiated for that peer...

8.2CVSS0.00145EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 10:16 p.m.6 views

CVE-2026-49979

Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.99, the POST /api/v1/admin/send-test-email endpoint accepts attacker-controlled smtpHost and smtpPort values and establishes a raw JavaMail TCP connection without any IP validation. This completely bypasses...

5.1CVSS0.00218EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51693

Name of the Vulnerable Software and Affected Versions WP Forms Connector versions prior to 1.9 Description An issue exists where unauthenticated attackers can execute additional SQL queries to extract sensitive information from the database. This occurs via the /wp-json/wp/v3/post/list REST...

7.5CVSS5.9AI score0.00376EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/06/23 6:24 p.m.8 views

Mise vulnerable to arbitrary command execution via task-include files in an untrusted, config-less repository

Summary mise's trust feature gates config files mise.toml, .tool-versions through trustcheck, but task-include files are loaded on a path that never reaches it. When a directory has a task-include dir mise-tasks/, .mise/tasks/, … but no config file, mise falls back to the default includes and...

8.6CVSS6AI score0.00184EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in mbedtls

A issue was discovered in Arm Mbed TLS before version 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock...

5.3CVSS5.6AI score0.00907EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in xwayland, xorg-server

A flaw was discovered in the Big Requests extension. The length of the request is multiplied by 4 before checking against the maximum allowed size, which may lead to an integer overflow and bypassing the size check...

7.3CVSS5.5AI score0.00299EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.11 views

PT-2026-50979

Name of the Vulnerable Software and Affected Versions Tilt versions 0.24.0 through 0.37.3 Description The Tilt HUD WebSocket endpoint /ws/view is susceptible to Cross-site WebSocket Hijacking CSWSH, a technique where an attacker tricks a victim's browser into establishing a WebSocket connection t...

8.3CVSS5.9AI score
Exploits0References6
NVD
NVD
added 2026/06/18 2:17 p.m.12 views

CVE-2026-42489

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...

5.3CVSS0.00078EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 5:53 a.m.3362 views

CVE-2025-48617

CVE-2025-48617 affects Android’s CarrierConfigLoader.java, specifically overrideConfig, enabling a permissions/UID check bypass that could cause local privilege escalation with no additional execution privileges required and no user interaction. The vulnerability is tied to a local attack vector ...

7.8CVSS5.5AI score0.00077EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/06/16 12:0 a.m.7 views

Crawl4AI: SSRF via proxy settings in the Docker server bypasses the crawl-URL SSRF check

The Docker API server applied its SSRF destination check to the crawl target URL only, not to the proxy address. An unauthenticated request could supply a proxy pointing at an internal IP and route the browser through it, reaching internal services and cloud-metadata endpoints, while using a...

8.6CVSS5.3AI score0.00289EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 4:3 p.m.9 views

CVE-2026-42770 FFC-DH Peer Validation Uses Attacker-Supplied q

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

5.4AI score0.00259EPSS
Exploits0References6
Xen Project
Xen Project
added 2026/06/09 12:0 p.m.14 views

domctl lock open to abuse

ISSUE DESCRIPTION To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these operations may not be executed in parallel, so a system-wide lock is used. The way that lock is acquired is,...

6.5CVSS5.5AI score0.002EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/06/09 10:53 a.m.31 views

CVE-2026-49738 TYPO3 CMS - Broken Access Control in File Abstraction Layer

The path allowance check in GeneralUtility::isAllowedAbsPath performed a plain string prefix comparison without requiring a directory separator boundary, causing a path like /var/www/html-other/secret.yaml to be incorrectly accepted as valid when the project root was /var/www/html. Administrator...

2.1CVSS0.00356EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/08 8:59 p.m.10 views

CVE-2026-46384

An integer overflow flaw was found in Go Avro in decoding logic. Multiple decoder paths performs unsafe integer conversions and overflow-prone arithmetic operations on attacker-controlled values from Avro payloads. A remote attacker during Avro decoder operations could exploit this issue using...

8.7CVSS5.3AI score0.00397EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.9 views

CVE-2026-41569

authentik is an open-source identity provider. Prior to version 2026.2.3, the WS-Federation provider validates the user-supplied wreply parameter using a raw string prefix check rather than proper URL parsing. An attacker who can craft a login link can supply a wreply value on a different origin...

6.9CVSS5.4AI score0.00182EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/05 7:15 p.m.6 views

CVE-2026-46400 HAXCMS PHP has a File Upload Validation Bypass

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 11.0.6 and prior to version 25.0.0, the file upload functionality in HAXCMS PHP only validates file extensions using a regex pattern without checking the actual file content or MIME type. This allows attacker...

8.7CVSS5.9AI score0.00387EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/02 1:38 a.m.9 views

SUSE CVE-2026-45700

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In libfreerdp/codec/planar.c, freerdpbitmapdecompressplanar validates the X destination coordinate nXDst against the...

8CVSS5.9AI score0.00462EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/06/01 10:42 a.m.85 views

Exploit for CVE-2026-29000

Lab Demo CVE-2026-29000: pac4j-jwt Authentication Bypass Môi...

9.3CVSS5.8AI score0.05856EPSS
Exploits17
GithubExploit
GithubExploit
added 2026/05/30 2:44 a.m.135 views

Exploit for CVE-2026-46716

CVE-2026-46716 — Nezha Monitoring Cross-Tenant RCE via Cron AP...

6.3AI score0.00339EPSS
Exploits1
Rows per page
Query Builder