Lucene search
K

1086399 matches found

OSV
OSV
added 2026/06/18 6:43 a.m.5 views

MINI-62RW-2CGM-R7M9

Bulletin has no description...

9.1CVSS4.9AI score0.00466EPSS
Exploits0
OSV
OSV
added 2026/06/18 6:42 a.m.8 views

MINI-F75R-Q84J-J4XQ

Bulletin has no description...

8.8CVSS5AI score0.0022EPSS
Exploits1
OSV
OSV
added 2026/06/18 6:33 a.m.4 views

MINI-RW7W-HHQ5-CPVQ

Bulletin has no description...

7.5CVSS4.9AI score0.00781EPSS
Exploits0
NVD
NVD
added 2026/06/18 6:16 a.m.13 views

CVE-2026-9860

The Offload, AI & Optimize with Cloudflare Images plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.10.2 via the 'account-id' parameter parameter. This is due to insufficient privilege enforcement on the cfimagesdosetup AJAX handler, which require...

8.8CVSS0.00577EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/18 6:5 a.m.9 views

EUVD-2026-37854

Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the administration rights handler. In system/admin/admin.rights.php, the rights update action 'a=update' modifies group access rights including via cotauthaddgroup without calling cotcheckxg to validate th...

9.6CVSS5.8AI score0.00227EPSS
Exploits0References2
OSV
OSV
added 2026/06/18 6:2 a.m.4 views

MINI-GFV5-G5J8-XPRC

Bulletin has no description...

7.5CVSS4.9AI score0.00359EPSS
Exploits0
OSV
OSV
added 2026/06/18 6:2 a.m.5 views

MINI-5V2M-J8R6-2XCG

Bulletin has no description...

9.1CVSS5AI score0.00457EPSS
Exploits0
EUVD
EUVD
added 2026/06/18 6:0 a.m.8 views

EUVD-2026-37852

The MagicForm WordPress plugin through 0.1.3 does not properly validate the type of files uploaded through an unauthenticated AJAX action when a form's per-field extension allowlist is left empty, allowing unauthenticated attackers to upload PHP files and execute arbitrary code on the server...

6.5CVSS5.9AI score0.00215EPSS
Exploits0References1
CVE
CVE
added 2026/06/18 6:0 a.m.21 views

CVE-2026-9815

The CVE-2026-9815 entry concerns the MagicForm WordPress plugin (versions up to 0.1.3). The affected component is the file upload path via an unauthenticated AJAX action, where the per-field extension allowlist being empty leads to improper validation of uploaded file types. As a result, unauthen...

6.5CVSS6AI score0.00215EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/18 6:0 a.m.20 views

CVE-2026-9815 MagicForm <= 0.1.3 - Unauthenticated Arbitrary File Upload to RCE

The MagicForm WordPress plugin through 0.1.3 does not properly validate the type of files uploaded through an unauthenticated AJAX action when a form's per-field extension allowlist is left empty, allowing unauthenticated attackers to upload PHP files and execute arbitrary code on the server...

0.00215EPSS
Exploits0References1
ICS
ICS
added 2026/06/18 6:0 a.m.11 views

AVer PTC cameras

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control system devices and/or...

9.8CVSS6.2AI score0.00616EPSS
Exploits0References13
ICS
ICS
added 2026/06/18 6:0 a.m.9 views

AzeoTech DAQFactory (Update A)

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to upload malicious .ctl files that may lead to arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities...

8.4CVSS6.2AI score0.00148EPSS
Exploits0References11
OSV
OSV
added 2026/06/18 5:59 a.m.3 views

MINI-96GM-PX7J-HQ3V

Bulletin has no description...

7.5CVSS4.9AI score0.00389EPSS
Exploits0
OSV
OSV
added 2026/06/18 5:49 a.m.3 views

MINI-43JC-92GM-2CMQ

Bulletin has no description...

7.5CVSS5AI score0.00359EPSS
Exploits0
OSV
OSV
added 2026/06/18 5:5 a.m.6 views

MINI-XMMW-RXJH-C9J2

Bulletin has no description...

7.2CVSS4.8AI score0.00224EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/18 4:31 a.m.24 views

CVE-2026-9860 Offload, AI & Optimize with Cloudflare Images <= 1.10.2 - Authenticated (Author+) Remote Code Execution via 'api-key' / 'account-id' Parameters in cf_images_do_setup AJAX Action

The Offload, AI & Optimize with Cloudflare Images plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.10.2 via the 'account-id' parameter parameter. This is due to insufficient privilege enforcement on the cfimagesdosetup AJAX handler, which require...

8.8CVSS0.00577EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/18 4:31 a.m.9 views

EUVD-2026-37840

The Offload, AI & Optimize with Cloudflare Images plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.10.2 via the 'account-id' parameter parameter. This is due to insufficient privilege enforcement on the cfimagesdosetup AJAX handler, which require...

8.8CVSS6AI score0.00577EPSS
Exploits0References6
CVE
CVE
added 2026/06/18 4:31 a.m.42 views

CVE-2026-9860

The CVE-2026-9860 entry concerns the WordPress plugin “Offload, AI & Optimize with Cloudflare Images” (versions

8.8CVSS6AI score0.00577EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:9 a.m.7 views

Malicious code in stackus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a8032b910c8971e79e7d8b0e250ce4d61fd2a2206d6b319a5aed50e32490456 On require, lib/writer.js loaded transitively from the package's main pino.js collects the installer's full process.env together with host identifier...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/18 4:9 a.m.6 views

MAL-2026-6098 Malicious code in stackus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a8032b910c8971e79e7d8b0e250ce4d61fd2a2206d6b319a5aed50e32490456 On require, lib/writer.js loaded transitively from the package's main pino.js collects the installer's full process.env together with host identifier...

5.8AI score
Exploits0References2
Rows per page
Query Builder