Lucene search
K

365 matches found

ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-54764

Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's ForwardAuth middleware, even when configured with trustForwardHeader: false, derives the X-Forwarded-Port header sent to the authentication service from the original incoming request instead of t...

6.9CVSS6AI score
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 3 days ago7 views

CVE-2025-71367

picklescan before 0.0.34 fails to detect operator.attrgetter function calls in pickle payloads, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle files using operator.attrgetter in reduce methods to execute arbitrary code when pickle.load processes the file...

8.1CVSS6.3AI score0.00445EPSS
Exploits0References3
Snyk
Snyk
added 2026/06/29 2:23 p.m.6 views

Interpretation Conflict

Overview org.webjars.npm:fast-uri is a Dependency-free RFC 3986 URI toolbox Affected versions of this package are vulnerable to Interpretation Conflict in its parse, normalize, and equal functions, which call the nonexistent URL.domainToASCII static method and silently swallow the resulting...

8.7CVSS5.8AI score0.00274EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-55838

RustFS is a distributed object storage system built in Rust. In 1.0.0-beta.7 and earlier, the real-time metrics endpoint at /rustfs/admin/v3/metrics is accessible to any valid IAM user regardless of their assigned policy. Every other admin handler in the codebase calls validateadminrequest to...

4.3CVSS0.00162EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 4:4 p.m.13 views

CVE-2026-56663

AutoGPT (SendWebRequestBlock) prior to version 0.6.52 is vulnerable to a SSRF-to-RCE chain due to improper normalization of IPv4-mapped IPv6 addresses in _is_ip_blocked(), which fails to block IPv4-mapped addresses and special-use ranges (e.g., 100.64.0.0/10). An authenticated user can bypass pri...

8.5CVSS5.8AI score0.00224EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 9:16 p.m.10 views

CVE-2026-33543

FOSSBilling is a free, open-source billing and client management system. Versions 0.7.2 and prior expose a guest API endpoint, /api/guest/staff/create, intended for initial administrator bootstrap. Due to a flawed admin-existence check, the endpoint remains usable after an administrator already...

9.3CVSS0.00289EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.5 views

PT-2026-52182

Name of the Vulnerable Software and Affected Versions OliveTin affected versions not specified Description The filterToDefinedArgumentsOnly function in the executor fails to properly restrict arguments, allowing any argument starting with the ot prefix to bypass input filtering. While the system ...

4.3CVSS6.1AI score
Exploits0References5
CVE
CVE
added 2026/06/23 9:2 p.m.54 views

CVE-2026-54518

The CVE-2026-54518 issue affects jackson-databind’s UnwrappedPropertyHandler path. From 2.21.0 through 2.21.4 and 3.1.0 through 3.1.4, UnwrappedPropertyHandler.processUnwrappedCreatorProperties() replays buffered JSON into creator parameters without consulting prop.visibleInView(activeView). This...

6.5CVSS5.9AI score0.00211EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/06/22 10:16 p.m.7 views

CVE-2026-48506

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, MessagePackReader.TrySkip recursively descends into nested arrays and maps without incrementing the reader depth or calling the configured depth checks. This bypasses MessagePackSecurity.MaximumObjectGraphDepth, the...

7.5CVSS0.00275EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 9:17 p.m.5 views

CVE-2026-48506

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, MessagePackReader.TrySkip recursively descends into nested arrays and maps without incrementing the reader depth or calling the configured depth checks. This bypasses MessagePackSecurity.MaximumObjectGraphDepth, the...

7.5CVSS5.8AI score0.00275EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/22 8:32 p.m.79 views

CVE-2026-45034

Summary: PhpSpreadsheet before 1.30.5 contains a bypass in File::prohibitWrappers that can be exploited via phar:// wrapper paths (e.g., phar:///path/file.phar/inner). When input contains three or more slashes after the scheme, parse_url can return false, skipping the check and allowing phar wrap...

9.2CVSS5.9AI score0.00351EPSS
Exploits1References1
OSV
OSV
added 2026/06/19 9:16 p.m.7 views

GHSA-M999-J542-5W3R Open Redirect Bypass in miniflux-v2

Summary The URL restrictions in miniflux-v2 can be bypassed by attackers, leading to an open redirect vulnerability. Details Normally, the redirect URL needs to be validated using IsRelativePath. There are some security measures in place, such as requiring relative paths, prohibiting host and...

5.1CVSS5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.10 views

PT-2026-51095

Name of the Vulnerable Software and Affected Versions miniflux-v2 affected versions not specified Description URL restrictions can be bypassed, leading to an open redirect. The application uses the IsRelativePath function to validate redirect URLs by requiring relative paths and prohibiting host ...

5.1CVSS5.9AI score
Exploits0References4
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Hermes Web UI 路径遍历漏洞

Hermes Web UI is a lightweight, dark-themed web interface developed by Nathan Esquenazi. Versions of Hermes Web UI prior to 0.51.269 contained a path traversal vulnerability. This vulnerability stemmed from an issue with bypassing workspace boundaries, which could allow authentication attackers t...

7.7CVSS5.4AI score0.00421EPSS
Exploits0References1
NVD
NVD
added 2026/06/08 8:17 p.m.13 views

CVE-2026-49141

WACRM prior to commit 73041bf contain an authorization bypass vulnerability in the automation engine that allows authenticated attackers to access and modify contacts belonging to other tenants by supplying an arbitrary caller-controlled contactid in the POST request body without tenant ownership...

7.1CVSS0.00216EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.10 views

CVE-2026-44459

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, improper validation of the JWT NumericDate claims exp, nbf, and iat in hono/utils/jwt allows tokens with non-spec-compliant claim values to silently bypass time-based checks. This issue is not...

3.8CVSS5.5AI score0.00216EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.9 views

CVE-2026-10549

LDAP filter injection vulnerability in Yandex Database prior to 25.3.1.25 allows a remote attacker with valid LDAP credentials to bypass group membership checks resulting in unauthorized access to the database...

5.3CVSS5.5AI score0.00268EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.11 views

CVE-2026-44003

A flaw was found in vm2 before 3.11.0. A code transformer fast-path skips AST analysis when catch, import, and async are absent, allowing direct access to VM2INTERNALSTATEDONOTUSEORPROGRAMWILLFAIL and internal security functions handleException, wrapWith, import. Fixed in 3.11.0...

5.8CVSS5.8AI score0.00248EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.17 views

PT-2026-45722

LDAP filter injection vulnerability in Yandex Database prior to 25.3.1.25 allows a remote attacker with valid LDAP credentials to bypass group membership checks resulting in unauthorized access to the database...

5.3CVSS5.8AI score0.00268EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/29 5:22 p.m.7 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via improper enforcement of policy checks in the QQBot admin command. An attacker can gain unauthorized access to restricted admin commands by bypassing DM-only an...

5.4CVSS5.5AI score0.00148EPSS
Exploits0References2
Rows per page
Query Builder