Lucene search
K

142 matches found

ATTACKERKB
ATTACKERKB
added last week6 views

CVE-2026-57247

The application re-enters the document structure via field processing and deletes the current page, and then continues using the field objects obtained before deletion, triggering an illegal read and crashing...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References2Affected Software2
RedhatCVE
RedhatCVE
added 2026/06/29 4:39 a.m.10 views

CVE-2026-44022

A flaw was found in Docling, a tool for document processing. The LaTeX backend, responsible for handling commands like \includegraphics, \input, and \include, lacked proper validation for file paths. This vulnerability allows an attacker to craft a malicious LaTeX document containing path travers...

5.5CVSS5.9AI score0.00163EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/26 3:45 p.m.7 views

EUVD-2026-39791

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.94.0, the HTML backend has unsafe URI and path handling. This vulnerability is fixed in 2.94.0...

7.1CVSS5.8AI score0.00217EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/26 3:40 p.m.7 views

EUVD-2026-39790

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.45.0 until 2.91.0, the METS-GBS backend's XML parsing and the input document format detection lacked security controls. An attacker could craft malicious METS-GBS...

5.5CVSS5.8AI score0.00113EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 7:28 p.m.6 views

GO-2026-5060 Gotenberg: SSRF via LibreOffice document processing in github.com/gotenberg/gotenberg

Gotenberg: SSRF via LibreOffice document processing in github.com/gotenberg/gotenberg...

7.5CVSS5.8AI score0.00355EPSS
Exploits0References1
OSV
OSV
added 2026/06/03 10:59 a.m.5 views

SUSE-SU-2026:2234-1 Security update for python-Pillow

This update for python-Pillow fixes the following issues - CVE-2026-42308: integer overflow in font processing can lead to denial of service bsc1265359. - CVE-2026-42310: infinite loop and resource exhaustion when processing specially crafted PDFs bsc1265154...

5.5CVSS7.2AI score0.00126EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in qpdf

In QPDF 8.2.1, within libqpdf/QPDFWriter.cc, the functions QPDOrWriter::unparseObject and QPDOrWriter::unparseChild contain recursive calls that last for a long time. This allows remote attackers to cause a denial of service by using a crafted PDF file...

4.3CVSS5.8AI score0.01281EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/16 9:30 p.m.9 views

Excessive Iteration

Overview PyPDF2 is an A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files Affected versions of this package are vulnerable to Excessive Iteration in the incremental mode for PDF processing. An attacker can cause excessive resource consumption and...

6.5CVSS5.7AI score0.00214EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.7 views

Across DR-810 安全漏洞

Across DR-810 is an enterprise-level software system developed by the Across company, designed for automating document processing and translation processes. There is a security vulnerability in Across DR-810, which stems from improper access control mechanisms, potentially leading to the leakage ...

8.7CVSS5.8AI score0.00535EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/20 7:40 p.m.8 views

CVE-2026-26338

Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side request forgery SSRF through the document processing functionality...

9.8CVSS5.5AI score0.0036EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 6:25 p.m.5 views

CVE-2026-26339

Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve remote code execution through the argument injection vulnerability, which exists in the document processing functionality...

9.8CVSS0.00544EPSS
Exploits0References3
NVD
NVD
added 2026/02/19 6:24 p.m.8 views

CVE-2026-26338

Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side request forgery SSRF through the document processing functionality...

9.8CVSS0.0036EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/19 5:4 p.m.7 views

CVE-2026-26339 Hyland Alfresco Transformation Service Argument Injection RCE

Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve remote code execution through the argument injection vulnerability, which exists in the document processing functionality...

9.8CVSS6.3AI score0.00544EPSS
Exploits0References3
OSV
OSV
added 2026/02/19 5:4 p.m.9 views

CVE-2026-26339 Hyland Alfresco Transformation Service Argument Injection RCE

Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve remote code execution through the argument injection vulnerability, which exists in the document processing functionality...

9.3CVSS6.6AI score0.00544EPSS
Exploits0References6
CVE
CVE
added 2026/02/19 5:3 p.m.17 views

CVE-2026-26338

The CVE-2026-26338 entry pertains to Hyland Alfresco Transformation Service. The connected documents confirm an unauthenticated server-side request forgery (SSRF) via the service’s document processing functionality. The root cause, affected component, and explicit exploit details are not enumerat...

9.8CVSS5.5AI score0.00544EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/02/19 5:3 p.m.28 views

CVE-2026-26338 Hyland Alfresco Transformation Service SSRF

Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side request forgery SSRF through the document processing functionality...

9.8CVSS0.0036EPSS
Exploits0References3
OSV
OSV
added 2026/02/19 5:3 p.m.9 views

CVE-2026-26338 Hyland Alfresco Transformation Service SSRF

Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side request forgery SSRF through the document processing functionality...

6.9CVSS5.9AI score0.00544EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.6 views

PT-2026-20877

Name of the Vulnerable Software and Affected Versions Hyland Alfresco Transformation Service affected versions not specified Description An unauthenticated attacker can perform server-side request forgery SSRF via the document processing functionality. SSRF occurs when an application makes reques...

9.8CVSS5.2AI score0.00544EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.11 views

Hyland Alfresco Transformation Service 安全漏洞

The Hyland Alfresco Transformation Service is a document conversion service component provided by the American company Hyland. The Hyland Alfresco Transformation Service has a security vulnerability, which stems from parameter injection in the document processing function. This vulnerability may...

9.8CVSS6.1AI score0.00544EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.11 views

Hyland Alfresco Transformation Service 安全漏洞

The Hyland Alfresco Transformation Service is a document conversion service component provided by the American company Hyland. The Hyland Alfresco Transformation Service has a security vulnerability, which stems from a server-side request forgeing vulnerability present in its document processing...

9.8CVSS5.8AI score0.00544EPSS
Exploits0References3
Rows per page
Query Builder