CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added yesterday•5 views

CVE-2026-9777

ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the restoreDB...

7.2CVSS7.6AI score

CVE•added yesterday•4 views

CVE-2026-9776

ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ATEN Unizon. Authentication is not required to exploit this vulnerability. The specific fl...

7.5CVSS7AI score

CVE-2026-9775

ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the uploadSSL...

5.5CVSS6.4AI score

CVE-2026-9774

ATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

5.5CVSS6.4AI score

CVE•added yesterday•11 views

CVE-2026-53765

Chrome DevTools for agents chrome-devtools-mcp lets your coding agent control and inspect a live Chrome browser. From 0.20.0 until 1.1.0, The chrome-devtools-mcp daemon writes its PID file with fs.writeFileSync to a deterministic runtime path. On typical macOS environments, and on Linux sessions...

6.1CVSS5.9AI score

7.5CVSS6AI score0.00087EPSS

CVE-2026-54066

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the patch for CVE-2026-41894 "Path Traversal via Double URL Encoding" sanitized the /export/ route but the identical root cause remains in the /assets/path route. In publish mode anonymous read-only HTTP endpoint,...

NVD•added yesterday•3 views

CVE-2026-48789

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, on Windows, the document folder listing route can accept an encoded absolute Windows path that resolves outside the intended documents directory. The shared...

4.3CVSS0.00042EPSS

NVD•added yesterday•4 views

CVE-2026-48732

Warp is an agentic development environment. From 0.2023.03.21.08.02.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command injection issue in the legacy SSH background command path. Warp used the remote working directory reported by the session when building helper commands for...

8.8CVSS0.00128EPSS

Cvelist•added yesterday•6 views

CVE-2026-48732 Warp: Remote SSH cwd can lead to unauthorized remote command execution

8.8CVSS0.00128EPSS

EUVD•added yesterday•4 views

EUVD-2026-39014

8.8CVSS6.1AI score0.00128EPSS

8.8CVSS6.1AI score0.00128EPSS

CVE-2026-48732

Warp prior to version 0.2026.05.06.15.42.stable_01 contains a command injection in the legacy SSH background command path: the remote working directory from the SSH session is embedded into a shell command without escaping, allowing an attacker-controlled path (host/repo/dir) to inject arbitrary ...

CVE•added yesterday•10 views

CVE-2026-54686

Warp: CVE-2026-54686 enables DCS lifecycle hook spoofing in Warp’s PTY stream, allowing attacker-controlled terminal output to spoof lifecycle metadata (e.g., working directory, SSH transport metadata) for active sessions. Technical details in connected PoC describe additional remote command inje...

4.3CVSS5.9AI score

Exploits1References3

EUVD•added yesterday•2 views

EUVD-2026-38925

In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Add IOTINVAL after updating DDT/PDT entries Add riscviommuiodiriotinval to perform required TLB and context cache invalidations after updating DDT or PDT entries, as mandated by the RISC-V IOMMU specification Section...

5.7AI score

Exploits0References3

NVD•added yesterday•5 views

CVE-2026-57288

Jenkins Active Directory Plugin 2.41.1 and earlier does not escape the user name before building the LDAP search filter in the Windows native ADSI authentication path, allowing unauthenticated attackers to inject LDAP wildcard characters to enumerate directory entries and to authenticate as a...

3.7CVSS

Cvelist•added yesterday•8 views

CVE-2026-35025 ProFTPD ACL Bypass via /proc/self/root Path Prefix in RNFR

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

8.6CVSS

Exploits0References3

CVE•added yesterday•10 views

CVE-2026-35025

ProFTPD versions affected: 1.3.9b and 1.3.10rc2. Issue: an access control bypass in the RNFR path handling allows authenticated FTP users to bypass Directory ACL restrictions by prefixing paths with /proc/self/root. Root cause: unresolved symlink components in dir_canonical_path() cause dir_check...

8.6CVSS5.9AI score

Exploits0References3

CVE•added yesterday•7 views

CVE-2026-57288

CVE-2026-57288 — Jenkins Active Directory Plugin versions up to 2.41.1 are affected. The vulnerability arises because the plugin does not escape the user name before building the LDAP search filter in the Windows native ADSI authentication path, enabling unauthenticated attackers to inject LDAP w...

3.7CVSS5.9AI score

EUVD•added yesterday•7 views

EUVD-2026-38768

3.7CVSS5.9AI score

Cvelist•added yesterday•7 views

CVE-2026-57288