Lucene search
K

391 matches found

RedhatCVE
RedhatCVE
added 2026/02/20 1:27 p.m.5 views

CVE-2026-25325

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in rtCamp rtMedia for WordPress, BuddyPress and bbPress buddypress-media allows Retrieve Embedded Sensitive Data.This issue affects rtMedia for WordPress, BuddyPress and bbPress: from n/a through = 4.7.8...

5.3CVSS5.5AI score0.00316EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 9:16 a.m.5 views

CVE-2026-25389

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Retrieve Embedded Sensitive Data.This issue affects EventPrime: from n/a through = 4.2.8.3...

5.3CVSS0.0024EPSS
Exploits0References1
Snyk
Snyk
added 2026/02/18 3:31 p.m.8 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview org.jenkins-ci.main:jenkins-core is an open source automation server. Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the Run Parameter values. An attacker can access information about the existence of job...

5.3CVSS5.7AI score0.00333EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2026/02/14 12:0 a.m.12 views

VulnCheck KEV: CVE-2026-0770

Langflow execglobals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific...

9.8CVSS6.3AI score0.10371EPSS
In wildExploits8References3
RedhatCVE
RedhatCVE
added 2026/02/12 1:42 p.m.6 views

CVE-2025-9986

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vadi Corporate Information Systems Ltd. Co. DIGIKENT allows Excavation.This issue affects DIGIKENT: through 13092025...

8.2CVSS5.5AI score0.00217EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/11 8:34 a.m.2 views

CVE-2025-9986

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vadi Corporate Information Systems Ltd. Co. DIGIKENT allows Excavation. This issue affects DIGIKENT: through 13092025...

8.2CVSS5.5AI score0.00217EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.11 views

PT-2026-7493

Name of the Vulnerable Software and Affected Versions DIGIKENT versions through 13092025 Description A flaw exists in DIGIKENT that results in the exposure of sensitive system information to an unauthorized control sphere, potentially allowing for data excavation. The number of potentially affect...

8.2CVSS5.4AI score0.00217EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2026/02/05 7:11 a.m.172 views

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-...

9.3CVSS5.3AI score0.47467EPSS
Exploits70
Snyk
Snyk
added 2026/02/05 3:20 a.m.3 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the debug functions, due to unprotected /config partition. An attacker can gain unauthorized access to debugging functions without triggering the measured bo...

8.8CVSS7.9AI score0.00159EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/04 7:28 p.m.6 views

CVE-2026-24998

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hustle wordpress-popup allows Retrieve Embedded Sensitive Data.This issue affects Hustle: from n/a through = 7.8.9.2...

5.3CVSS5.4AI score0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/24 3:18 p.m.14 views

CVE-2026-24536

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in webpushr Webpushr webpushr-web-push-notifications allows Retrieve Embedded Sensitive Data.This issue affects Webpushr: from n/a through = 4.38.0...

5.3CVSS5.4AI score0.00305EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/24 3:18 p.m.7 views

CVE-2026-24523

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Marcus aka @msykes WP FullCalendar wp-fullcalendar allows Retrieve Embedded Sensitive Data.This issue affects WP FullCalendar: from n/a through = 1.6...

5.3CVSS5.4AI score0.00296EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.6 views

CVE-2025-63051

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in sizam REHub Framework rehub-framework allows Retrieve Embedded Sensitive Data.This issue affects REHub Framework: from n/a through 19.9.9.4...

4.3CVSS5.4AI score0.00314EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 3:16 p.m.7 views

CVE-2026-24536

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in webpushr Webpushr webpushr-web-push-notifications allows Retrieve Embedded Sensitive Data.This issue affects Webpushr: from n/a through = 4.38.0...

5.3CVSS0.00305EPSS
Exploits0References1
OSV
OSV
added 2026/01/23 6:31 a.m.4 views

GHSA-G22F-V6F7-2HRH Langflow affected by Remote Code Execution via validate_code() exec()

Langflow execglobals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific...

9.3CVSS6.6AI score0.10371EPSS
Exploits8References4
ATTACKERKB
ATTACKERKB
added 2026/01/23 3:28 a.m.11 views

CVE-2026-0770

Langflow execglobals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific...

9.8CVSS6.3AI score0.10371EPSS
Exploits8References2Affected Software1
CVE
CVE
added 2026/01/23 3:28 a.m.30 views

CVE-2026-0770

Langflow is affected by a Remote Code Execution vulnerability (CVE-2026-0770) due to inclusion of functionality from an untrusted control sphere in the exec_globals handling of the validate endpoint. The Nuclei and PoC material indicate the flaw exists in Langflow’s validate_code path (e.g., /api...

9.8CVSS6.5AI score0.10371EPSS
In wildExploits8References1Affected Software1
Cvelist
Cvelist
added 2026/01/23 3:28 a.m.42 views

CVE-2026-0770 Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability

Langflow execglobals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific...

9.8CVSS0.10371EPSS
Exploits8References1
OSV
OSV
added 2026/01/23 3:28 a.m.10 views

CVE-2026-0770 Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability

Langflow execglobals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific...

9.8CVSS7.7AI score0.10371EPSS
Exploits8References3
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.7 views

PT-2026-4384

Name of the Vulnerable Software and Affected Versions webpushr versions through 4.38.0 Description A flaw exists in webpushr webpushr-web-push-notifications that could allow retrieval of embedded sensitive data. This issue relates to the exposure of sensitive system information to an unauthorized...

5.3AI score0.00305EPSS
Exploits0References3
Rows per page
Query Builder