CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/06/16 2:6 p.m.•5 views

GHSA-8RFP-98V4-MMR6 Bleach: URI sanitization allows disallowed URI schemes with Unicode > U+00A0 in output

Impact A possible XSS bypass affects users calling bleach.clean with all of: a in the allowed tags href in allowed attributes The bleach.clean sanitizer outputs URIs containing disallowed scheme patterns that it should be stripping. However, because the inserted Unicode characters make the scheme...

5.5AI score

Exploits0References3

OSV•added 2026/06/15 7:27 p.m.•3 views

GHSA-JQ35-7PRP-9V3F PyJWT: Algorithm allow-list bypass when decoding with `PyJWK` / `PyJWKClient` keys

!NOTE Scored assuming a deployment where algorithm policy functions as an authentication/authorization boundary. In deployments where the algorithm policy enforces crypto agility only, the practical confidentiality impact is lower and the issue is closer to an integrity-of-policy-enforcement bug...

5.4CVSS5.5AI score0.00127EPSS

Exploits1References4

EUVD•added 2026/06/13 12:34 a.m.•7 views

EUVD-2026-36610

OpenClaw before 2026.5.18 contains a command injection vulnerability where shell wrapper argv could change between approval and execution. Attackers can rebuild command arguments after allowlist approval to execute unapproved command shapes, potentially bypassing security controls...

8.8CVSS5.5AI score0.00982EPSS

Exploits0References3

NVD•added 2026/06/12 9:16 p.m.•14 views

CVE-2026-44990

ApostropheCMS is an open-source Node.js content management system, and sanitize-html provides a simple HTML sanitizer with a clear API. Under the default configuration, versions of sanitize-html prior to 2.17.4 can turn attacker-controlled content inside a disallowed xmp element into live HTML or...

9.3CVSS0.00323EPSS

Vulnrichment•added 2026/06/12 8:39 p.m.•7 views

CVE-2026-44990 Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`

9.3CVSS5.1AI score0.00323EPSS

CVE•added 2026/06/12 8:39 p.m.•50 views

CVE-2026-44990

CVE-2026-44990 affects the sanitize-html package used with ApostropheCMS. Under default configuration (disallowedTagsMode: 'discard'), versions before 2.17.4 allow attacker-controlled content inside a disallowed xmp element to bypass sanitization and render as live HTML/JS, enabling stored XSS. T...

9.3CVSS5.2AI score0.00323EPSS

Cvelist•added 2026/06/12 8:39 p.m.•31 views

CVE-2026-44990 Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`

9.3CVSS0.00323EPSS

OSV•added 2026/06/10 11:16 p.m.•4 views

DEBIAN-CVE-2026-49219

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, an incorrect parsing of the filename can result in a policy bypass and read files disallowed by a security policy using a symlink. This issue has been patched i...

OSV•added 2026/06/10 11:16 p.m.•2 views

UBUNTU-CVE-2026-49219

5.5CVSS5.2AI score0.00128EPSS

Exploits0References3

Snyk•added 2026/06/10 11:12 p.m.•6 views

Directory Traversal

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS6.2AI score0.00128EPSS

Cvelist•added 2026/06/10 10:0 p.m.•27 views

CVE-2026-49219 ImageMagick: Policy Bypass can read disallowed files

5.5CVSS0.00128EPSS

Vulnrichment•added 2026/06/10 10:0 p.m.•8 views

CVE-2026-49219 ImageMagick: Policy Bypass can read disallowed files

CVE•added 2026/06/10 10:0 p.m.•38 views

CVE-2026-49219

Technical details are not publicly available in the provided documents. Monitor for updates.

Exploits0References1Affected Software1

AlpineLinux•added 2026/06/10 10:0 p.m.•16 views

CVE-2026-49219

Snyk•added 2026/06/09 9:59 p.m.•6 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the handleTokenExchange function. An attacker can gain unauthorized access to restricted resources by exploiting the lack of enforcement of allowed connectors when exchanging tokens. This is only exploitable i...

8.7CVSS5.4AI score

NVD•added 2026/06/04 5:16 p.m.•13 views

CVE-2026-50076

Deserialization of Untrusted Data in the Java replace-resolve path in Apache Fory fory-core Java SDK before 1.1.0 on Java/JVM platforms allows a remote attacker to bypass class registration, TypeChecker, and DisallowedList checks and invoke classpath-present readResolve/readExternal hooks via...

9.1CVSS0.0052EPSS

CVE•added 2026/06/04 4:9 p.m.•32 views

CVE-2026-50076

CVE-2026-50076 affects the Apache Fory fory-core Java SDK before 1.1.0 on Java/JVM. The issue is a deserialization flaw in the Java replace-resolve path that allows a remote attacker to bypass class registration, TypeChecker, and DisallowedList checks and to invoke classpath-present readResolve/r...

9.1CVSS5.8AI score0.0052EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/06/04 4:9 p.m.•37 views

CVE-2026-50076 Apache Fory: Java ReplaceResolverSerializer deserialization checks bypass

0.0052EPSS

CNNVD•added 2026/06/04 12:0 a.m.•6 views

Apache Fory 安全漏洞

Apache Fory is a serialization framework developed by the Apache Foundation in the United States. Versions of Apache Fory prior to 1.1.0 contained security vulnerabilities. These vulnerabilities stemmed from the deserialization of untrusted data in the Java replace-resolve path, which could allow...

9.1CVSS5.6AI score0.0052EPSS