Lucene search
K

150 matches found

NVD
NVD
added 6 hours ago4 views

CVE-2026-56273

Flowise before 3.1.0 contains a path traversal vulnerability in Faiss and SimpleStore vector store implementations that accept unsanitized basePath parameters from authenticated users. Attackers with valid API tokens can write vector store data to arbitrary filesystem locations, potentially...

6.5CVSS
Exploits0References2
NVD
NVD
added yesterday9 views

CVE-2026-58473

Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated attackers to overwrite the global LLM provider configuration by self-registering an account and calling the settings endpoint, which performs no admin or superuser check. Attackers can redirect all L...

9.3CVSS
Exploits0References4
CVE
CVE
added yesterday15 views

CVE-2026-46672

The CVE-2026-46672 entry describes a local CSV formula-injection flaw in the @actual-app/cli before version 26.6.0. The CLI uses a hand-rolled CSV serializer in packages/cli/src/output.ts with an escapeCsv that only neutralizes RFC 4180 delimiters (comma, quote, newline) and does not neutralize c...

4.6CVSS6.1AI score0.00017EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/30 3:59 p.m.8 views

EUVD-2026-40363

Dolibarr through 23.0.3, fixed in commit 14db36e, contains a sql injection vulnerability that allows authenticated API users to exfiltrate arbitrary database contents by supplying malicious values to the sqlfilters query parameter in the setup dictionary and multicurrencies REST API endpoints. Th...

7.6CVSS6AI score0.00221EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/29 3:58 p.m.6 views

CVE-2026-13748

Improper restriction of file path resolution in Snowflake CLI versions prior to 3.19 allowed arbitrary local file content to be read and transmitted to Snowflake services. An attacker could exploit this by supplying crafted repository or project content that referenced files outside the intended...

6.3CVSS6AI score0.00139EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/22 12:0 a.m.31 views

CVE-2025-66389

GitHub Copilot 1.372.0 allows filesystem access outside of a workspace folder without user approval via a file-handler URI parameter to fetchwebpage. Therefore, exfiltration could occur if there is indirect prompt injection...

0.00853EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/22 12:0 a.m.6 views

EUVD-2025-210298

GitHub Copilot 1.372.0 allows filesystem access outside of a workspace folder without user approval via a file-handler URI parameter to fetchwebpage. Therefore, exfiltration could occur if there is indirect prompt injection...

7.5CVSS5.9AI score0.00853EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.16 views

PT-2026-50501

Name of the Vulnerable Software and Affected Versions Splunk AI Toolkit versions prior to 5.7.4 Description A low-privileged user without "admin" or "power" Splunk roles can force the application to make outbound HTTP requests to an attacker-controlled server, potentially leading to data...

4.3CVSS5.9AI score0.00217EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.9 views

CVE-2025-31978

HCL BigFix Service Management SM does not adequately sanitize or safely render spreadsheet files CSV, XLS, XLSX before processing or distributing them. An attacker could populate data fields which, when saved to a CSV file, may attempt information exfiltration or other malicious activity when...

4.6CVSS5.5AI score0.00137EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.17 views

CVE-2026-39360

RustFS is a distributed object storage system built in Rust. Prior to alpha.90, RustFS contains a missing authorization check in the multipart copy path UploadPartCopy. A low-privileged user who cannot read objects from a victim bucket can still exfiltrate victim objects by copying them into an...

5.3CVSS5.4AI score0.00201EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 6:14 a.m.17 views

CVE-2026-4035

A flaw was found in MLflow. This vulnerability allows an attacker to exfiltrate sensitive server-side environment credentials. It occurs because the AI Gateway secrets can resolve environment variables, which are then sent to an attacker-controlled endpoint. This could lead to unauthorized access...

9.1CVSS5.6AI score0.00435EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.22 views

PT-2026-46137

Name of the Vulnerable Software and Affected Versions OpenStack Mistral versions prior to 22.0.0 Description An issue exists where a policy enforcement bypass allows arbitrary remote code execution when the API is exposed. Specific API endpoints do not properly validate user-supplied inputs,...

9.9CVSS6.5AI score0.00733EPSS
Exploits0References23
Cvelist
Cvelist
added 2026/06/04 12:0 a.m.43 views

CVE-2026-41283

OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead to exfiltration of service credentials...

9.9CVSS0.00733EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/02 10:51 p.m.36 views

CVE-2026-41412 alf.io vulnerable to Arbitrary File Read and Exfil via simpleHttpClient Extension Script

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5-2606, the alf.io extension sandbox injects a fully-functional HTTP client simpleHttpClient into every extension script's scope. The postFileAndSaveResponse method accep...

4.9CVSS0.00317EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/02 9:0 p.m.12 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...

9.8CVSS5.6AI score
Exploits0References2
EUVD
EUVD
added 2026/05/29 4:41 p.m.13 views

EUVD-2026-33364

MoviePilot v2 contains a server-side request forgery vulnerability in the image proxy endpoint that allows authenticated attackers to request arbitrary URLs by supplying a resourcetoken cookie and a URL whose domain matches the assembled allowlist. Attackers can bypass internal network protection...

7.7CVSS5.9AI score0.0025EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/29 10:36 a.m.9 views

CVE-2026-9809

A stored Cross-Site Scripting XSS vulnerability exists in the Projects component of Mautic 7. When displaying project tags and popovers on administrative detail views such as campaigns, emails, or forms, user-supplied project names are rendered without proper sanitization. An authenticated user...

7.6CVSS5.8AI score0.00164EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/28 8:12 p.m.14 views

CVE-2026-48146

Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses raw fetchconfig.url with no SSRF protection. The safe wrapper fetchWithBlacklist exists in the same codebase and is used in every other outbound...

7.7CVSS5.8AI score0.00217EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 6:16 p.m.22 views

CVE-2026-48146

Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses raw fetchconfig.url with no SSRF protection. The safe wrapper fetchWithBlacklist exists in the same codebase and is used in every other outbound...

7.7CVSS0.00217EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 5:0 p.m.14 views

CVE-2026-48146 Budibase: SSRF via OAuth2 Config Validation — Missing fetchWithBlacklist Protection

Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses raw fetchconfig.url with no SSRF protection. The safe wrapper fetchWithBlacklist exists in the same codebase and is used in every other outbound...

7.7CVSS5.8AI score0.00217EPSS
Exploits0References1
Rows per page
Query Builder