Lucene search
+L

5227 matches found

Nuclei
Nuclei
added 14 hours ago95 views

NocoBase - SQL Injection

NocoBase versions prior to 2.0.39 contain a SQL injection vulnerability in the @nocobase/database package. The queryParentSQL function in eager-loading-tree.ts constructs a recursive CTE query by directly concatenating user-controlled primary key values into the SQL WHERE IN clause without...

8.8CVSS5.9AI score0.01875EPSS
Exploits1References2
Nuclei
Nuclei
added 14 hours ago67 views

NocoBase - SQL Injection

NocoBase @nocobase/plugin-collection-sql versions prior to 2.0.39 are vulnerable to SQL injection via the sqlCollection:update endpoint. The checkSQL function, which blocks dangerous SQL keywords and ensures only SELECT statements are allowed, is not called during collection updates. id:...

7.2CVSS5.6AI score0.01833EPSS
Exploits1References2
CVE
CVE
added yesterday16 views

CVE-2026-54498

CVE-2026-54498 affects ViewComponent (Ruby on Rails) where ViewComponent::Base#around_render can return HTML-unsafe strings, bypassing normal escaping and causing XSS. The issue is amplified when ViewComponent::Collection#render_in joins per-item results and marks the whole output html_safe, conv...

8.7CVSS5.2AI score
Exploits0References4
CVE
CVE
added 2 days ago26 views

CVE-2026-44174

Kirby CMS (versions prior to 4.9.1 and 5.4.1) exposes REST API search and collection queries that did not validate model attributes, allowing authenticated users to invoke arbitrary model methods (e.g., password(), root(), loginPasswordless(), delete()) via collection endpoints. This can disclose...

8.7CVSS6.2AI score0.0028EPSS
Exploits0References3
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-44174 Kirby: Arbitrary Method Call via REST API search and collection query endpoints

Kirby is an open-source content management system. Prior to 4.9.1 and 5.4.1, Kirby did not validate the model attributes that were used in its collection queries, allowing attackers to include arbitrary model methods in their queries. This includes methods with sensitive data such as password...

8.7CVSS0.0028EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2 days ago8 views

Important: Red Hat Security Advisory: Red Hat Edge Manager Version 1.1.3 Security Update

Red Hat Edge Manager Version 1.1.3 Security Update Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports image-mode RHEL and container workloads that run on Podman/Docker or Kubernetes. RHEM is now available as a...

10CVSS6.9AI score0.01557EPSS
Exploits3References25
Securelist
Securelist
added 2 days ago14 views

GoSerpent: a persistent threat evolves with sophisticated data collection and exfiltration

Introduction In February 2026, we discovered a set of malicious activities that had been ongoing since late 2025. These activities involved a RAT module written in Go with proxy capabilities, which served as the main stage of the attack. The attack targeted government and diplomatic entities in...

6.3AI score
Exploits0
OSV
OSV
added 2 days ago3 views

MAL-2026-10765 Malicious code in syft-acp-core (npm)

The syft-acp-core package was published to the npm registry by user 'ada8877' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the 'syft-acp' internal/private package naming convention an ACP component library of a target...

5.6AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago14 views

PT-2026-60460

Name of the Vulnerable Software and Affected Versions ubuntu-pro-client affected versions not specified Description An insecure symlink following issue exists within the pro collect-logs command framework. The utility uses predictable temporary file paths or user-accessible log directories to...

5CVSS6AI score0.00155EPSS
Exploits0References5
OSV
OSV
added 2 days ago4 views

MAL-2026-10764 Malicious code in syft-acp-atoms (npm)

The syft-acp-atoms package was published to the npm registry by user 'ada8877' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the 'syft-acp' internal/private package naming convention an ACP component library of a target...

5.6AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 3 days ago9 views

ViewComponent: around_render HTML-Safety Bypass

Summary ViewComponent::Basearoundrender can return HTML-unsafe strings that bypass the escaping behavior applied to normal call return values. This creates an XSS risk when downstream applications use aroundrender to wrap, replace, instrument, or conditionally return content that includes...

8.7CVSS6AI score
Exploits0References6Affected Software1
Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-52888 NocoBase: Sensitive Data Exposure via SQL Blacklist Bypass

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. In 2.0.59 and earlier, NocoBase @nocobase/plugin-collection-sql used the checkSQL function in packages/plugins/@nocobase/plugin-collection-sql/src/server/utils.ts with an incomplete...

6.8CVSS0.00269EPSS
Exploits0References3
CVE
CVE
added 3 days ago9 views

CVE-2026-52888

NocoBase before 2.1.0-alpha.46 exposes sensitive data via the SQL Collection feature. The plugin-collection-sql checkSQL() used an incomplete keyword blacklist that did not block PostgreSQL system catalogs (e.g., pg_shadow, pg_roles, pg_stat_activity), allowing an admin-role user to read password...

6.8CVSS6.1AI score0.00269EPSS
Exploits0References3
OSV
OSV
added 3 days ago4 views

CVE-2026-52888 NocoBase: Sensitive Data Exposure via SQL Blacklist Bypass

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. In 2.0.59 and earlier, NocoBase @nocobase/plugin-collection-sql used the checkSQL function in packages/plugins/@nocobase/plugin-collection-sql/src/server/utils.ts with an incomplete...

6.8CVSS6.1AI score0.00269EPSS
Exploits0References5
NVD
NVD
added 3 days ago5 views

CVE-2026-61644

FastGPT is a knowledge-based AI application platform. From 4.14.17 until 4.15.0-beta5, the POST /api/core/chat/record/getCollectionQuote endpoint authenticates the caller's chat and collection context, but the initialId center-node lookup is not bound to that authorized context. A low-privileged...

7.7CVSS0.00243EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago36 views

CVE-2026-61644 FastGPT: /api/core/chat/record/getCollectionQuote can disclose cross-tenant dataset text due to an unbound initialId lookup

FastGPT is a knowledge-based AI application platform. From 4.14.17 until 4.15.0-beta5, the POST /api/core/chat/record/getCollectionQuote endpoint authenticates the caller's chat and collection context, but the initialId center-node lookup is not bound to that authorized context. A low-privileged...

7.7CVSS0.00243EPSS
Exploits0References4
OSV
OSV
added 3 days ago4 views

CVE-2026-61644 FastGPT: /api/core/chat/record/getCollectionQuote can disclose cross-tenant dataset text due to an unbound initialId lookup

FastGPT is a knowledge-based AI application platform. From 4.14.17 until 4.15.0-beta5, the POST /api/core/chat/record/getCollectionQuote endpoint authenticates the caller's chat and collection context, but the initialId center-node lookup is not bound to that authorized context. A low-privileged...

7.7CVSS6.1AI score0.00243EPSS
Exploits0References6
CVE
CVE
added 3 days ago9 views

CVE-2026-61644

FastGPT contains a cross-tenant data disclosure in POST /api/core/chat/record/getCollectionQuote. From 4.14.17 through 4.15.0-beta5, the initialId center-node lookup is not bound to the caller’s authenticated chat/collection context, allowing a low-privileged tenant to supply attacker-owned appId...

7.7CVSS6.1AI score0.00243EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago11 views

Malicious code in @leviosa86com/leviosa86-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96264a8719e17bd8ec21d47213fe31dec87445e01ff312a1e46af5819e028979 Package @leviosa86com/[email protected] ships src/poc/index.js which shells out via childprocess.exec to collect host identifiers hostname, pwd,...

6.1AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 3 days ago10 views

PT-2026-60389

Name of the Vulnerable Software and Affected Versions view component versions 4.0.0 through 4.11.0 Description An issue exists where ViewComponent::Basearound render can return HTML-unsafe strings that bypass the escaping behavior typically applied to call return values. This leads to a Cross-Sit...

8.7CVSS5.2AI score
Exploits0References9
Rows per page
Query Builder