Lucene search
K

301 matches found

NVD
NVD
added 3 days ago5 views

CVE-2026-15489

A vulnerability was identified in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected by this vulnerability is an unknown functionality of the file proses/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack i...

7.5CVSS0.00254EPSS
Exploits0References4
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-58492 grav-plugin-database: SQL Injection in PDO::tableExists() due to Unsanitized Table Name Interpolation

grav-plugin-database is the database plugin for Grav CMS. Prior to 1.2.0, the PDO::tableExists method interpolates its table argument directly into a raw SQL query string without sanitization, escaping, quoting, or whitelisting, allowing attacker-controlled table names passed by consuming plugin ...

9.2CVSS0.00302EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 10:16 a.m.11 views

CVE-2026-9711

The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress full is vulnerable to SQL Injection via the WordPress 'search' parameter in versions up to, and including, 5.0.11 due to insufficient escaping on the user supplied parameter and lack of preparation on the existing SQL quer...

9.8CVSS0.00438EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/30 9:31 a.m.7 views

EUVD-2026-40273

The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress full is vulnerable to SQL Injection via the WordPress 'search' parameter in versions up to, and including, 5.0.11 due to insufficient escaping on the user supplied parameter and lack of preparation on the existing SQL quer...

9.8CVSS5.8AI score0.00438EPSS
Exploits0References2
OSV
OSV
added 2026/06/10 12:18 p.m.10 views

MAL-2026-5502 Malicious code in graphbase-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bcdb883b3cbdcf4216f99f55d52d1b93db24271ddcf4a1e232f444a75709f76a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/06/09 1:11 a.m.13 views

MINI-6VMF-W8PM-3Q3P

Bulletin has no description...

5.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/08 8:58 a.m.15 views

CVE-2026-11455

A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.2. Affected by this issue is the function checkcmdexists of the file metagpt/utils/common.py. This manipulation of the argument mermaid.path causes command injection. The attack may be initiated remotely. A high degree of...

5CVSS5.2AI score0.00936EPSS
Exploits0References1
OSV
OSV
added 2026/06/07 3:45 p.m.7 views

MINI-23R6-GCFM-C3CC

Bulletin has no description...

6.5CVSS5.2AI score0.00196EPSS
Exploits0
OSV
OSV
added 2026/06/07 7:0 a.m.3 views

CVE-2026-11455 FoundationAgents MetaGPT common.py check_cmd_exists command injection

A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.2. Affected by this issue is the function checkcmdexists of the file metagpt/utils/common.py. This manipulation of the argument mermaid.path causes command injection. The attack may be initiated remotely. A high degree of...

2.3CVSS5.4AI score0.00936EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/06/07 7:0 a.m.10 views

CVE-2026-11455

A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.2. Affected by this issue is the function checkcmdexists of the file metagpt/utils/common.py. This manipulation of the argument mermaid.path causes command injection. The attack may be initiated remotely. A high degree of...

5CVSS5.2AI score0.00936EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/07 12:0 a.m.18 views

PT-2026-47177

Name of the Vulnerable Software and Affected Versions FoundationAgents MetaGPT versions prior to 0.8.3 Description Command injection is possible via the mermaid.path argument in the check cmd exists function located in the metagpt/utils/common.py file. This issue allows a remote attacker to execu...

5CVSS6AI score0.00936EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.11 views

CVE-2026-42885

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the POST /api/filesystem/pathexists endpoint uses String.startsWith to validate that a resolved file path is within a library folder. This check fails for sibling directories whose names share a common prefix e.g.,...

4.3CVSS5.5AI score0.00236EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 4:20 p.m.7 views

CGA-MPQ5-9468-45Q5

Bulletin has no description...

8.8CVSS5.2AI score0.0028EPSS
Exploits0
OSV
OSV
added 2026/06/05 10:43 a.m.5 views

MINI-CJ5J-CWWC-3J76

Bulletin has no description...

9.1CVSS5.1AI score0.00466EPSS
Exploits0
OSV
OSV
added 2026/06/04 12:22 p.m.6 views

MINI-CFM6-6RMX-76XX

Bulletin has no description...

9.1CVSS5.7AI score0.0036EPSS
Exploits0
OSV
OSV
added 2026/06/04 12:17 p.m.12 views

MINI-9JH3-25F3-8CJJ

Bulletin has no description...

5.3CVSS5.7AI score0.00313EPSS
Exploits0
OSV
OSV
added 2026/06/02 9:47 p.m.13 views

ECHO-31D2-9DC5-9987

Bulletin has no description...

5.7AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/01 12:0 a.m.17 views

Linux Distros Unpatched Vulnerability : CVE-2026-42250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bzip2 contains an offbyone error in the bzip2recover utility. When processing a specially crafted file, the application performs an outofbounds write to a globa...

4.8CVSS5.6AI score0.00126EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/30 11:45 p.m.38 views

CVE-2026-10156 Open5GS nf-instances Endpoint nnrf-handler.c handle_amf_info resource consumption

A vulnerability was determined in Open5GS up to 2.7.7. This affects the function handleamfinfo in the library /lib/sbi/nnrf-handler.c of the component nf-instances Endpoint. Executing a manipulation of the argument nfinfopool can lead to resource consumption. The attack may be performed from...

5.3CVSS0.00277EPSS
Exploits0References5
OSV
OSV
added 2026/05/27 2:17 p.m.10 views

UBUNTU-CVE-2026-45960

In the Linux kernel, the following vulnerability has been resolved: hfsplus: return error when node already exists in hfsbnodecreate When hfsbnodecreate finds that a node is already hashed which should not happen in normal operation, it currently returns the existing node without incrementing its...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References11
Rows per page
Query Builder