13479 matches found

NVD
added 6 hours ago, 4 views

CVE-2026-9619

The Reviews and Rating – Docplanner plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

4.3 CVSS
Exploits: 0, References: 6
EUVD
added 8 hours ago, 4 views

EUVD-2026-38666

The Reviews and Rating – Docplanner plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

4.3 CVSS, 5.7 AI score
Exploits: 0, References: 6
CVE
added 8 hours ago, 5 views

CVE-2026-9619

CVE-2026-9619 affects the Reviews and Rating – Docplanner WordPress plugin, vulnerable in all versions up to 1.1.4 due to insufficient authorization checks for an action (sync_reviews AJAX). This allows authenticated users with subscriber-level access and above to trigger outbound scraping, write...

4.3 CVSS, 5.7 AI score
Exploits: 0, References: 6
Nuclei
added 11 hours ago, 82 views

GeoServer OGC Filter - SQL Injection

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols. CQL is...

9.8 CVSS, 7.3 AI score, 0.85247 EPSS
Exploits: 2, References: 5
Nuclei
added 11 hours ago, 6 views

phpVMS < 7.0.6 - Legacy Importer Authorization Bypass

phpVMS 7.0.6 contains an authentication bypass caused by unauthenticated access to a legacy import feature, letting unauthenticated attackers access restricted functionality; exploitation requires no special privileges. id: CVE-2026-42569 info: name: phpVMS 7.0.6 - Legacy Importer Authorization Bypass...

9.4 CVSS, 5.8 AI score, 0.01173 EPSS
Exploits: 1, References: 3
Nuclei
added 11 hours ago, 55 views

XWiki < 4.10.20 - Remote code execution

XWiki is vulnerable to a remote code execution (RCE) attack through its user registration feature. This issue allows an attacker to execute arbitrary code by crafting malicious payloads in the "first name" or "last name" fields during user registration. This impacts all installations that have user...

10 CVSS, 8.2 AI score, 0.9348 EPSS
Exploits: 1, References: 2
Chainguard
added yesterday, 6 views

CVE-2026-41579 vulnerabilities

Vulnerabilities for packages: buildah-fips, prometheus-podman-exporter, nvidia-container-toolkit, sriov-network-device-plugin, k8s-device-plugin-fips, rancher-agent, podman-fips, node-feature-discovery, sriov-network-device-plugin-fips, k8s-device-plugin, node-feature-discovery-fips...

5.8 AI score, 0.00011 EPSS
Exploits: 0
Chainguard
added yesterday, 4 views

GHSA-XJVP-4FHW-GC47 vulnerabilities

Vulnerabilities for packages: buildah-fips, prometheus-podman-exporter, nvidia-container-toolkit, sriov-network-device-plugin, k8s-device-plugin-fips, rancher-agent, podman-fips, node-feature-discovery, sriov-network-device-plugin-fips, k8s-device-plugin, node-feature-discovery-fips...

5.8 AI score
Exploits: 0
Wolfi
added yesterday, 5 views

GHSA-XJVP-4FHW-GC47 vulnerabilities

Vulnerabilities for packages: sriov-network-device-plugin, k8s-device-plugin, nvidia-container-toolkit, rancher-agent, node-feature-discovery...

5.8 AI score
Exploits: 0
Wolfi
added yesterday, 7 views

CVE-2026-41579 vulnerabilities

Vulnerabilities for packages: sriov-network-device-plugin, k8s-device-plugin, nvidia-container-toolkit, rancher-agent, node-feature-discovery...

5.8 AI score, 0.00011 EPSS
Exploits: 0
Vulnrichment
added 4 days ago, 4 views

CVE-2026-48939 Joomla Extension - icagenda.com - Remote Code Execution in iCagenda extension for Joomla < 4.0.8/3.9.15

A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment feature, ultimately resulting in PHP code upload and execution...

10 CVSS, 6 AI score, 0.004 EPSS
Exploits: 0, References: 1
Cvelist
added 4 days ago, 28 views

CVE-2026-48939 Joomla Extension - icagenda.com - Remote Code Execution in iCagenda extension for Joomla < 4.0.8/3.9.15

A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment feature, ultimately resulting in PHP code upload and execution...

10 CVSS, 0.004 EPSS
Exploits: 0, References: 1
Positive Technologies
added 4 days ago, 13 views

PT-2026-51172

Name of the Vulnerable Software and Affected Versions: vLLM versions 0.10.2 through 0.12.x. Description: Multimodal embeddings processing lacks sparse tensor validation. Since PyTorch disables sparse tensor invariant checks by default, an attacker can submit crafted embedding requests containing...

8.8 CVSS, 5.9 AI score, 0.00288 EPSS
Exploits: 0, References: 6
Vulnrichment
added 5 days ago, 4 views

CVE-2026-50519 Microsoft Visual Studio Code CoPilot Chat Security Feature Bypass Vulnerability

...

6.5 CVSS, 5.8 AI score, 0.00525 EPSS
Exploits: 0, References: 1
CVE
added 5 days ago, 17 views

CVE-2026-48787

CVE-2026-48787 affects gin-vue-admin (AI-assisted basic development platform) in version 2.9.1. An authenticated attacker with access to the code-generation feature and MCP management interface can inject attacker-controlled Go source code via POST /autoCode/addFunc, then trigger a rebuild of the...

8.7 CVSS, 6.6 AI score, 0.0047 EPSS
Exploits: 0, References: 1
AstraLinux
added 5 days ago, 2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: rtc: pl031: Fixed the issue of null pointer dereferencing in RTC features. When there is no interrupt line, the RTC alarm feature is disabled. The clearing of the alarm feature bit was performed before allocating the ldata->rtc...

5.5 CVSS, 6.1 AI score, 0.0024 EPSS
Exploits: 0, References: 1
AstraLinux
added 5 days ago, 4 views

Astra Linux – Vulnerability in Intel Microcode

Improper input validation in the XmlCli feature for UEFI firmware on some Intel processors may allow a privileged user to potentially enable privilege escalation through local access...

8.7 CVSS, 7.2 AI score, 0.00237 EPSS
Exploits: 0, References: 2
AstraLinux
added 5 days ago, 3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fpga: Prevent integer overflow in dfl_feature_ioctl_set_irq(). The multiplication hdr.count * sizeof(s32) can cause integer overflow on 32-bit systems, leading to memory corruption. Use array_size() to fix this issue...

5.3 AI score, 0.00168 EPSS
Exploits: 0, References: 1
AstraLinux
added 5 days ago, 3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed an assertion issue when building the free space tree. When building the free space tree with the block group tree feature enabled, an assertion failure may occur like this: BTRFS info device loop0 state M: rebuilding...

5.5 CVSS, 5.7 AI score, 0.00136 EPSS
Exploits: 0, References: 2
AstraLinux
added 5 days ago, 4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: inline: fix len overflow in ext4_prepare_inline_data(). When running the following code on an ext4 filesystem with the inline_data feature enabled, the following bug will occur. fd = open("file1", O_RDWR | O_CREAT | O_TRUNC, 0666);...

5.5 CVSS, 6.5 AI score, 0.00151 EPSS
Exploits: 0, References: 2