Lucene search
K

90212 matches found

CVE
CVE
added yesterday8 views

CVE-2026-15921

The CVE-2026-15921 issue affects Node Version Manager (nvm) up to v0.40.5, where nvm ls-remote and similar commands parse the mirror index.tab and use each LTS codename as an alias filename without validation. A malicious mirror can return path-traversal codenames (e.g., ../../../.bashrc), causin...

3.1CVSS6.4AI score
Exploits0References2
Cvelist
Cvelist
added yesterday14 views

CVE-2026-15921 nvm path traversal via a malicious mirror's LTS codename writes outside the alias directory

Node Version Manager nvm is a POSIX-compliant shell function for managing multiple node.js versions. In versions 0.32.1 through 0.40.5, nvm ls-remote and other commands that refresh remote LTS aliases, such as nvm install --lts parse the node.js mirror's index.tab and use each release's LTS...

3.1CVSS
Exploits0References2
NVD
NVD
added yesterday5 views

CVE-2026-26032

The PackagerResolver of Apache Ivy is able to download online artifacts and to repackage them in a format defined by a packager.xml file. This repackaging is done by an Ant script, which is stored in a subdirectory of the configured "buildRoot" directory. This subdirectory is calculated based on...

5.4CVSS
Exploits0References2
EUVD
EUVD
added yesterday4 views

EUVD-2026-44761

The Gravity Forms plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.10.4 via the 'gformuploadedfiles' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain...

7.5CVSS6.2AI score
Exploits0References2
CVE
CVE
added yesterday10 views

CVE-2026-12997

Summary of CVE-2026-12997 : The Gravity Forms plugin for WordPress is vulnerable to a Directory Traversal flaw in all versions up to and including 2.10.4, exploitable via the gform_uploaded_files parameter. An unauthenticated attacker can read arbitrary server files containing sensitive informati...

7.5CVSS6.2AI score
Exploits0References2
NVD
NVD
added yesterday5 views

CVE-2026-20297

In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, 9.4.13, and 9.3.14, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.6, 10.2.2510.18, and 10.1.2507.24, a user who holds a role that contains the editlocalapps and installapps capabilities could cause a legitimate app...

7.2CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday5 views

CVE-2026-20297

In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, 9.4.13, and 9.3.14, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.6, 10.2.2510.18, and 10.1.2507.24, a user who holds a role that contains the editlocalapps and installapps capabilities could cause a legitimate app...

7.2CVSS6.1AI score
Exploits0References2Affected Software2
OSV
OSV
added yesterday6 views

BIT-PROMETHEUS-2026-42151 Prometheus Azure AD remote write OAuth client secret exposed via config API

Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the clientsecret field in the Azure AD remote write OAuth configuration storage/remote/azuread was typed as string instead of Secret. Prometheus redacts fields of type Secret when serving...

7.5CVSS5.8AI score0.00326EPSS
Exploits0References20
CVE
CVE
added yesterday6 views

CVE-2026-62685

The CVE affects File Browser prior to version 2.63.17. The issue arises in how user scopes are built from usernames via cleanUsername() when Signup=true and CreateUserDir=true: the many-to-one normalization can collapse usernames such as team/one, team one, and team-one to the same home directory...

8.1CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added yesterday5 views

EUVD-2026-44688

Cloudreve is a self-hosted file management and sharing system. Prior to 4.16.1, a Cloudreve WebDAV account rooted at a configured folder can send paths such as /dav/%2e%2e/outside.txt because stripPrefix in pkg/webdav/webdav.go joins the decoded request suffix to the account root with...

7.1CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2026-44669

Cornac before 2.6.0 contains a path traversal Tar Slip vulnerability that allows attackers to write arbitrary files outside the intended cache directory by supplying a crafted TAR archive containing ../ sequences, absolute paths, or symlink/hardlink entries to the extractarchive function in...

9.1CVSS6.2AI score
Exploits0References4
CVE
CVE
added yesterday7 views

CVE-2026-43637

Cornac before 2.6.0 is affected by a path traversal (Tar Slip) in the _extract_archive() function (cornac/utils/download.py). The vulnerability allows an attacker to write arbitrary files outside the intended cache directory by supplying crafted TAR archives with ../ sequences, absolute paths, or...

9.1CVSS6.2AI score
Exploits0References4
RedHat Linux
RedHat Linux
added yesterday2 views

kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected role

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM x86 shadow paging mechanism. This vulnerability occurs when a host page directory entry PDE mapping is changed from within the guest, leading to an unexpected role mismatch in shadow paging. This mismatch can cause a...

6.3AI score0.00176EPSS
Exploits5References6
RedhatCVE
RedhatCVE
added yesterday4 views

CVE-2026-15779

A flaw was found in samba's pamwinbind. When mkhomedir is enabled, pamwinbind chowns the target account's home directory without validating the path is not a critical system directory such as /. On affected systems, accounts with / as their home directory a common default for system accounts can...

6.1CVSS6.1AI score
Exploits0References6
CVE
CVE
added yesterday7 views

CVE-2026-15779

Summary: CVE-2026-15779 concerns Samba’s pam_winbind when mkhomedir is enabled. pam_winbind chowns the target account’s home directory without validating that the path is not a critical system directory like “/”. On systems where / is a user home (a common default for system accounts), this can b...

6.1CVSS6.1AI score
Exploits0References5
EUVD
EUVD
added yesterday4 views

EUVD-2026-44662

A flaw was found in samba's pamwinbind. When mkhomedir is enabled, pamwinbind chowns the target account's home directory without validating the path is not a critical system directory such as /. On affected systems, accounts with / as their home directory a common default for system accounts can...

6.1CVSS6.1AI score
Exploits0References5
Cvelist
Cvelist
added yesterday15 views

CVE-2026-15779 Samba-winbind: samba: pam_winbind mkhomedir chowns critical system paths without validation

A flaw was found in samba's pamwinbind. When mkhomedir is enabled, pamwinbind chowns the target account's home directory without validating the path is not a critical system directory such as /. On affected systems, accounts with / as their home directory a common default for system accounts can...

6.1CVSS
Exploits0References5
NVD
NVD
added yesterday6 views

CVE-2026-61449

Grav 2.0.1 contains a decompression-bomb size-cap bypass in ZipArchiver and GPM\Installer. The size bound introduced in 2.0.1 sums the uncompressed size declared in each entry's ZIP central-directory header ZipArchive::statIndex'size' and rejects archives exceeding...

7.1CVSS
Exploits0References2
NVD
NVD
added yesterday6 views

CVE-2026-42936

The installer of HYPER SBI 2 insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...

8.4CVSS0.00142EPSS
Exploits0References1
EUVD
EUVD
added yesterday7 views

EUVD-2026-44591

The installer of HYPER SBI 2 insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...

8.4CVSS7.1AI score0.00142EPSS
Exploits0References1
Rows per page
Query Builder