CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4293 matches found

OSV•added 2026/05/19 3:16 p.m.•2 views

DEBIAN-CVE-2026-8711

NGINX JavaScript has a vulnerability when the jsfetchproxy directive is configured with at least one client-controlled NGINX variable for example, $http, $arg, $cookie and a location invoking the ngx.fetch operation from NGINX JavaScript. An unauthenticated attacker can exploit this vulnerability...

9.8CVSS6.2AI score0.00889EPSS

Exploits0References1

NVD•added 2026/05/19 3:16 p.m.•18 views

CVE-2026-8711

9.8CVSS0.00889EPSS

Exploits0References1

UbuntuCve•added 2026/05/19 3:16 p.m.•4 views

CVE-2026-8711

9.2CVSS6.1AI score0.00889EPSS

Exploits0References2

OSV•added 2026/05/19 3:16 p.m.•1 views

UBUNTU-CVE-2026-8711

9.8CVSS6.2AI score0.00889EPSS

Exploits0References4

OSV•added 2026/05/19 2:44 p.m.•4 views

GHSA-Q862-GCGQ-5M6G HAXcms createSite SSRF Enables Arbitrary File Read

Summary An authenticated Server-Side Request Forgery SSRF vulnerability in HAXcms allows users to fetch arbitrary internal or local resources and write the responses to a web-accessible directory, enabling arbitrary file read and internal network access. Details The createSite endpoint in HAXcms...

7.1CVSS5.9AI score0.00238EPSS

Exploits0References3

Vulnrichment•added 2026/05/19 2:4 p.m.•4 views

CVE-2026-8711 NGINX JavaScript vulnerability

9.2CVSS6.2AI score0.00889EPSS

Exploits0References1

EUVD•added 2026/05/19 2:4 p.m.•8 views

EUVD-2026-30940

9.2CVSS6.3AI score0.00889EPSS

Exploits0References1

Cvelist•added 2026/05/19 2:4 p.m.•39 views

CVE-2026-8711 NGINX JavaScript vulnerability

9.2CVSS0.00889EPSS

Exploits0References1

CVE•added 2026/05/19 2:4 p.m.•40 views

CVE-2026-8711

Summary (CVE-2026-8711): NGINX JavaScript (njs) is vulnerable when the js_fetch_proxy directive uses at least one client-controlled variable (e.g., $http_, $arg_ , $cookie_*) and a location invokes ngx.fetch(). An unauthenticated remote attacker can send crafted HTTP requests that may trigger a h...

9.8CVSS6.2AI score0.00889EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/05/19 2:4 p.m.•4 views

CVE-2026-8711

9.2CVSS6.2AI score0.00889EPSS

Exploits0References2Affected Software1

Debian CVE•added 2026/05/19 2:4 p.m.•8 views

CVE-2026-8711

9.8CVSS6.2AI score0.00889EPSS

Exploits0

AlpineLinux•added 2026/05/19 2:4 p.m.•7 views

CVE-2026-8711

9.8CVSS6.2AI score0.00889EPSS

Exploits0

Positive Technologies•added 2026/05/19 12:0 a.m.•8 views

PT-2026-41939

Name of the Vulnerable Software and Affected Versions NGINX JavaScript affected versions not specified Description An issue exists when the 'js fetch proxy' directive is configured with at least one client-controlled NGINX variable, such as $http , $arg , or $cookie , and a location invokes the...

9.8CVSS6.5AI score0.00889EPSS

Exploits0References32

Positive Technologies•added 2026/05/19 12:0 a.m.•7 views

PT-2026-41825

The /api/v1/autotranslate.translateMessage endpoint in versions 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12 allows any authenticated user to retrieve the full content of any message from any room private groups, direct messages, channels by simply providing the target message ID...

5.3CVSS6.1AI score0.00252EPSS

Exploits0References2

Positive Technologies•added 2026/05/19 12:0 a.m.•6 views

PT-2026-41948

Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive the response rendered with the signed-in user's cookies. This vulnerability was fixed in Firefox for iOS 151.0...

6.2CVSS5.9AI score0.00192EPSS

Exploits0References3

Positive Technologies•added 2026/05/19 12:0 a.m.•7 views

PT-2026-42040

Name of the Vulnerable Software and Affected Versions HAX CMS versions prior to 26.0.0 Description The NodeJS application crashes when an authenticated attacker sends a specially crafted site creation request to the 'createSite' endpoint. This occurs because the createSite function passes a file...

6.5CVSS5.3AI score0.0024EPSS

Exploits0References5

Positive Technologies•added 2026/05/19 12:0 a.m.•7 views

PT-2026-42037

Summary The fetch-apify-docs tool validates URLs against a domain allowlist using String.startsWith instead of proper URL hostname comparison. This allows bypass via attacker-controlled subdomains e.g., https://docs.apify.com.evil.com/, enabling the tool to fetch and return arbitrary web content ...

6.1CVSS5.9AI score0.00045EPSS

Exploits0References3

Veracode•added 2026/05/16 5:32 a.m.•15 views

Server-Side Request Forgery

esm.sh is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to insufficient validation in the /https fetch route, where localhost and internal network protections rely on hostname string checks that can be bypassed using DNS alias domains, allowing attackers to induce...

8.6CVSS7.2AI score0.00339EPSS

Exploits1References4Affected Software1

Veracode•added 2026/05/16 5:25 a.m.•6 views

Server-Side Request Forgery

Arcane is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to the /api/templates/fetch endpoint accepting a user-controlled url parameter and performing server-side HTTP requests without authentication or validation of the URL scheme and destination host, allowing...

7.2CVSS5.9AI score0.00621EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2026/05/15 8:37 p.m.•7 views

CVE-2026-45401 Open WebUI: SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the validateurl function in backend/openwebui/retrieval/web/utils.py only validates the initial URL submitted by the caller. The HTTP clients used downstream sync requests, async...

8.5CVSS5.8AI score0.00235EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by