Lucene search
+L

5 matches found

NVD
NVD
added 2026/02/25 10:16 p.m.6 views

CVE-2026-26985

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. Starting in version 24.0.0 and prior to versions 26.0.5, 27.0.2, and 28.0.0, an authenticated user with the appropriate authorization can re...

8.1CVSS0.00334EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/25 9:26 p.m.4 views

EUVD-2026-8747

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. Starting in version 24.0.0 and prior to versions 26.0.5, 27.0.2, and 28.0.0, an authenticated user with the appropriate authorization can re...

8.1CVSS5.8AI score0.00334EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/25 9:26 p.m.22 views

CVE-2026-26985 LORIS vulnerable to path traversal in electrophysiology_browser

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. Starting in version 24.0.0 and prior to versions 26.0.5, 27.0.2, and 28.0.0, an authenticated user with the appropriate authorization can re...

8.1CVSS0.00334EPSS
Exploits0References3
OSV
OSV
added 2026/02/25 9:26 p.m.6 views

CVE-2026-26985 LORIS vulnerable to path traversal in electrophysiology_browser

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. Starting in version 24.0.0 and prior to versions 26.0.5, 27.0.2, and 28.0.0, an authenticated user with the appropriate authorization can re...

8.1CVSS6AI score0.00334EPSS
Exploits0References5
CVE
CVE
added 2026/02/25 9:26 p.m.17 views

CVE-2026-26985

CVE-2026-26985 affects LORIS 24.0.0 through versions prior to 26.0.5, 27.0.2, and 28.0.0. A authenticated user with the right permissions can abuse a path traversal flaw in the electrophysiology_browser to read server configuration files that may contain hard-coded credentials, potentially enabli...

8.1CVSS5.8AI score0.00334EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder