Lucene search
K

60 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/07 3:23 a.m.7 views

CVE-2026-34170

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the GithubApp apiurl field is used as the base URL for server-side HTTP requests without allowlisting or private IP blocking, allowing an authenticated user to configure a...

4.3CVSS6AI score0.00171EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/07/03 11:16 a.m.8 views

CVE-2026-10055

In Eclipse Theia since version 1.26.0, the backend /services/request-service RPC accepts an attacker-controlled URL from any client connected to the standard /services messaging endpoint, performs the HTTP request server-side, and returns the full response body to the caller. Because the...

8.5CVSS0.00297EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.12 views

PT-2026-55524

Name of the Vulnerable Software and Affected Versions Eclipse Theia versions 1.26.0 and later Description The backend /services/request-service RPC accepts a URL controlled by an attacker from any client connected to the standard /services messaging endpoint. The server performs the HTTP request...

8.5CVSS6.1AI score0.00297EPSS
Exploits0References7
OSV
OSV
added 2026/06/23 5:1 p.m.6 views

GHSA-G2F5-GJR4-QJVM Gogs has a Migration Redirect Bypass that Leads to Internal Repository Theft

Migration URL validation bypass via HTTP redirect to blocked internal endpoints Summary A Server-Side Request Forgery SSRF vulnerability exists in the repository migration functionality. The application validates only the initially submitted URL hostname, but git clone --mirror follows HTTP...

8.7CVSS6AI score0.00384EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.12 views

CVE-2026-41278

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GET /api/v1/public-chatflows/:id endpoint returns the full chatflow object without sanitization for public chatflows. Docker validation revealed this is worse than initially assessed: the...

8.7CVSS5.4AI score0.00421EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/15 7:28 p.m.19 views

EUVD-2026-30614

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /api/generate, /api/embed, /api/embeddings, and /api/show endpoints accept any model name from the user and forward the request to the Ollama backend without checking whether the...

5.4CVSS5.8AI score0.00238EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.12 views

PT-2026-41309

Name of the Vulnerable Software and Affected Versions Google Cloud Application Integration versions prior to 2026-01-23 Description Improper Access Control in several internal API endpoints allows a remote, unauthenticated attacker to disclose sensitive internal information and execute arbitrary...

10CVSS6.1AI score0.00514EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/05/09 3:30 a.m.46 views

CVE-2026-42461 Arcane Vulnerable to Unauthenticated Disclosure of Custom Compose Template Content (incl. `.env` secrets)

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to version 1.18.0, four GET endpoints under /api/templates in Arcane's Huma backend are registered without any Security requirement, allowing any unauthenticated network client to list and read the full...

8.7CVSS0.00309EPSS
Exploits0References2
CVE
CVE
added 2026/05/04 5:44 p.m.19 views

CVE-2026-41572

Note Mark (project: Note Mark) contains an authenticated/un-authenticated access flaw prior to version 0.19.3 where, after a public book is soft-deleted, notes and uploaded assets remain readable via /api/notes/{id}, /api/notes/{id}/content, the slug path, and asset endpoints. Root cause: GORM’s ...

5.3CVSS5.7AI score0.00194EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/22 2:52 p.m.9 views

Insecure Default Initialization of Resource

Overview engramx is a The context spine for AI coding agents. 9 built-in providers + mcpConfig plugin contract wrap any MCP server in 10 lines, generic MCP-client aggregator stdio, pre-mortem mistake-guard, bi-temporal mistake memory, Anthropic Auto-Memory bridge, SSE stre Affected versions of th...

8.6CVSS5.8AI score
Exploits0References5
OSV
OSV
added 2026/04/16 10:47 p.m.8 views

GHSA-XFQJ-R5QW-8G4J Paperclip: Unauthenticated Access to Multiple API Endpoints in Authenticated Mode

Summary Several API endpoints in authenticated mode have no authentication at all. They respond to completely unauthenticated requests with sensitive data or allow state-changing operations. No account, no session, no API key needed. Verified against the latest version. Discord: sagi03581 Steps t...

8.3CVSS5.9AI score
Exploits0References2
EUVD
EUVD
added 2026/04/16 8:41 p.m.9 views

EUVD-2026-23000

Weblate: JavaScript localization CDN add-on allows arbitrary local file read outside the repository...

6.8CVSS5.9AI score0.00323EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/16 8:41 p.m.8 views

Weblate: JavaScript localization CDN add-on allows arbitrary local file read outside the repository

Impact The translation memory API exposed unintended endpoints, which in turn didn't do proper access control. Patches https://github.com/WeblateOrg/weblate/pull/18516 Workarounds The CDN add-on is not enabled by default. References Thanks to @spbavarva for reporting this responsibly via GitHub...

6.8CVSS5.8AI score0.00323EPSS
Exploits0References5Affected Software1
Snyk
Snyk
added 2026/04/09 8:28 p.m.9 views

Information Exposure

Overview gramps-webapi is an A RESTful web API for the Gramps genealogical database. Affected versions of this package are vulnerable to Information Exposure in the iter process. An attacker can access private sub-object data attached to otherwise-public objects by querying list API endpoints as ...

6.9CVSS5.8AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:27 a.m.3 views

CVE-2025-62188

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Apache DolphinScheduler. This vulnerability may allow unauthorized actors to access sensitive information, including database credentials. This issue affects Apache DolphinScheduler versions 3.1.. Users are...

7.5CVSS6.9AI score0.01201EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/09 3:25 a.m.7 views

CVE-2026-1830

The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.1. This is due to insufficient authorization checks on REST API endpoints that expose a sync code and allow arbitrary file uploads. This makes it possible for unauthenticated...

9.8CVSS6.7AI score0.03092EPSS
Exploits3References5
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.13 views

runZero Platform 安全漏洞

runZero Platform is an asset discovery and attack surface management platform developed by the US company runZero. Versions of runZero Platform prior to 4.0.260206.0 contained security vulnerabilities. These vulnerabilities were due to improper authorization, which could lead to unauthorized...

3CVSS5.8AI score0.00174EPSS
Exploits0References2
OSV
OSV
added 2026/04/06 7:58 a.m.2 views

BIT-NODE-MIN-2026-21711

A flaw in Node.js Permission Model network enforcement leaves Unix Domain Socket UDS server operations without the required permission checks, while all comparable network paths correctly enforce them. As a result, code running under --permission without --allow-net can create and expose local IP...

5.3CVSS6.5AI score0.00146EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/28 11:10 p.m.4 views

CVE-2026-34369

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the getapivideofile and getapivideo API endpoints in AVideo return full video playback sources direct MP4 URLs, HLS manifests for password-protected videos without verifying the video password. While the normal we...

5.3CVSS5.9AI score0.00376EPSS
Exploits1References1
CVE
CVE
added 2026/03/26 5:29 p.m.19 views

CVE-2026-32857

Firecrawl versions 2.8.0 and earlier contain a server-side request forgery (SSRF) protection bypass in the Playwright scraping service. The issue arises because network policy validation is applied only to the initial user-supplied URL and not to subsequent redirected destinations, enabling an ex...

8.6CVSS5.8AI score0.00407EPSS
Exploits0References3
Rows per page
Query Builder