Lucene search
K

623 matches found

EUVD
EUVD
added 3 days ago6 views

EUVD-2026-43050

Missing Authorization vulnerability in Drupal Examples for Developers allows Forceful Browsing. This issue affects Examples for Developers versions: from 0.0.0 to 4.0.6...

6.1AI score0.00142EPSS
Exploits0References2
NVD
NVD
added 4 days ago4 views

CVE-2026-11909

Missing Authorization vulnerability in Drupal Examples for Developers allows Forceful Browsing. This issue affects Examples for Developers versions: from 0.0.0 to 4.0.6...

3.3CVSS0.00142EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-11909 Examples for Developers - Moderately critical - Access bypass - SA-CONTRIB-2026-044

Missing Authorization vulnerability in Drupal Examples for Developers allows Forceful Browsing. This issue affects Examples for Developers versions: from 0.0.0 to 4.0.6...

0.00142EPSS
Exploits0References1
OSV
OSV
added 4 days ago4 views

CVE-2026-11909 Examples for Developers - Moderately critical - Access bypass - SA-CONTRIB-2026-044

Missing Authorization vulnerability in Drupal Examples for Developers allows Forceful Browsing. This issue affects Examples for Developers versions: from 0.0.0 to 4.0.6...

3.3CVSS6.1AI score0.00142EPSS
Exploits0References5
OSV
OSV
added 2026/06/10 5:7 p.m.8 views

DRUPAL-CONTRIB-2026-044

The Examples for Developers project aims to provide high-quality, well-documented API examples for a broad range of Drupal core functionality. The "Read from a file" feature implemented by the file\example submodule can be used to expose any file that PHP can access. Therefore, the file\example...

3.3CVSS5.6AI score0.00142EPSS
Exploits0References1
Drupal
Drupal
added 2026/06/10 12:0 a.m.14 views

Examples for Developers - Moderately critical - Access bypass - SA-CONTRIB-2026-044

The Examples for Developers project aims to provide high-quality, well-documented API examples for a broad range of Drupal core functionality. The "Read from a file" feature implemented by the fileexample submodule can be used to expose any file that PHP can access. Therefore, the fileexample...

5.5AI score0.00142EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.17 views

PT-2026-48592

Name of the Vulnerable Software and Affected Versions Examples for Developers versions 0.0.0 through 4.0.6 Description A missing authorization issue allows forceful browsing. Specifically, the "Read from a file" feature within the file example submodule can be used to expose any file that PHP can...

6.1AI score0.00142EPSS
Exploits0References3
Snyk
Snyk
added 2026/06/09 2:17 p.m.13 views

Malicious Package

Overview @doaction/examples is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 2:17 p.m.13 views

Malicious code in @doaction/examples (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 361bc047872fceb7885c47404eef734b43ce8e5e7f13554e79d011be6f383339 @doaction/[email protected] declares preinstall: node scripts/postinstall.js in package.json, which requires @doaction/shared/bin/postinstall.js. The...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/09 2:17 p.m.9 views

MAL-2026-5372 Malicious code in @doaction/examples (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 361bc047872fceb7885c47404eef734b43ce8e5e7f13554e79d011be6f383339 @doaction/[email protected] declares preinstall: node scripts/postinstall.js in package.json, which requires @doaction/shared/bin/postinstall.js. The...

5.8AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/29 10:27 p.m.29 views

PraisonAI spider_tools SSRF protection bypass via alternate loopback host encodings

Summary PraisonAI's spidertools URL validation can be bypassed using alternate loopback host encodings. The affected component is: text praisonaiagents/tools/spidertools.py The tool contains a URL validation function intended to block local or unsafe targets before fetching attacker-controlled...

6.2AI score0.00014EPSS
Exploits0References2Affected Software2
GithubExploit
GithubExploit
added 2026/05/17 7:22 p.m.151 views

Exploit for CVE-2026-42945

CVE-2026-42945-NGINX-Rift bash Basic usage with target I...

9.2CVSS6AI score0.61469EPSS
Exploits40
vulnersOsv
vulnersOsv
added 2026/05/15 6:30 p.m.7 views

com.drobisch:flink-connector-elasticsearch-e2e-tests-common (>=4.0.0-serde-fixes <=4.0.5-fault-tolerant), com.drobisch:flink-connector-elasticsearch6-e2e-tests (>=4.0.0-serde-fixes <=4.0.5-fault-tolerant) +25 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (>=2.0.0 <=2.0.1)

org.apache.flink:flink-table-api-java MAVEN version =2.0.0, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =26.0.0, =0.2.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1 and more Source cves: CVE-2026-35194 Source advisory: SNYK:JAVA-ORGAPACHEFLINK-16799798...

8.1CVSS5.4AI score0.00381EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/15 6:30 p.m.7 views

com.datasqrl:sqrl-discovery (>=0.9.0 <=0.10.4), com.datasqrl:sqrl-planner (>=0.9.0 <=0.10.4) +6 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-planner_2.12 (=2.2.0)

org.apache.flink:flink-table-planner2.12 MAVEN version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.flink:flink-table-planner2.12 and may be impacted: - com.datasqrl:sqrl-discovery =0.9.0, =0.9.0, =0.9.0, =0.2.0, =0.2.0, =0.2.0,...

8.1CVSS5.4AI score0.00381EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/15 6:30 p.m.7 views

org.apache.doris:flink-doris-connector-2.0 (>=26.0.0 <=26.1.1), org.apache.flink:flink-examples-table_2.12 (>=2.0.0 <=2.0.1) +6 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-runtime (>=2.0.0 <=2.0.1)

org.apache.flink:flink-table-runtime MAVEN version =2.0.0, =26.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1 Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...

8.1CVSS5.4AI score0.00381EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/15 6:30 p.m.7 views

com.drobisch:flink-connector-elasticsearch-e2e-tests-common (>=4.0.0-serde-fixes <=4.0.5-fault-tolerant), com.drobisch:flink-connector-elasticsearch6-e2e-tests (>=4.0.0-serde-fixes <=4.0.5-fault-tolerant) +25 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (>=2.0.0 <=2.0.1)

org.apache.flink:flink-table-api-java MAVEN version =2.0.0, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =26.0.0, =0.2.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1 and more Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...

8.1CVSS5.4AI score0.00381EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/15 6:30 p.m.7 views

org.apache.flink:flink-examples-table_2.12 (>=2.0.0 <=2.0.1) potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-planner_2.12 (>=2.0.0 <=2.0.1)

org.apache.flink:flink-table-planner2.12 MAVEN version =2.0.0, =2.0.0, =2.0.1 Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...

8.1CVSS5.4AI score0.00381EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/12 5:22 p.m.16 views

acegisecurity:acegi-security-catalina (>=0.7.0 <=0.9.0), ch.qos.logback:logback-access (>=${parent.version} <=0.8) +40 more potentially affected by CVE-2026-43515 via tomcat:catalina (>=4.0.6 <=5.5.9)

tomcat:catalina MAVEN version =4.0.6, =0.7.0, =$parent.version, =0.6, =3.2.10-1-SP3seam2hibernate5, =1.5, =1.0, =1.0, =1.0.0, =4.7.1, =4.7.2 - org.apache.geronimo.assemblies:geronimo-tomcat-minimal =1.2-beta - org.apache.geronimo.configs:ca-helper-tomcat =1.2-beta -...

9.1CVSS7.2AI score0.01136EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2026/05/06 12:0 a.m.14 views

Information Theoretic Adversarial Training of Large Language Models

Large language models LLMs remain vulnerable to adversarial prompting despite advances in alignment and safety, often exhibiting harmful behaviors under novel attack strategies. While adversarial training can improve robustness, existing approaches are computationally expensive and difficult to...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/05/03 1:18 p.m.100 views

Exploit for Missing Authentication for Critical Function in Cpanel

POCCVE-2026-41940 Quick start bash python3 pocCVE-202...

9.8CVSS6AI score0.981EPSS
Exploits64
Rows per page
Query Builder