Lucene search
K

3615 matches found

NVD
NVD
added yesterday3 views

CVE-2026-22097

The firmware update mechanism does not include cryptographic signature validation. This allows anyone with access to the firmware update capability to upload arbitrary files which can then lead to arbitrary code execution...

9.3CVSS0.0027EPSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-22096

The webserver running on port 8090 does not require authentication. This allows for sensitive information leakage such as configured passwords, or uploading files through different endpoints...

9.3CVSS0.00422EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday17 views

CVE-2026-22096 Missing authentication for webserver endpoints

The webserver running on port 8090 does not require authentication. This allows for sensitive information leakage such as configured passwords, or uploading files through different endpoints...

9.3CVSS0.00422EPSS
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-22096

CVE-2026-22096 concerns a webserver running on port 8090 that does not require authentication, enabling sensitive information leakage (e.g., configured passwords) and file uploads via multiple endpoints. The Connected documents provide the same description across NVD and CVE records, with no vend...

9.3CVSS6.1AI score0.00422EPSS
Exploits0References1
Nuclei
Nuclei
added yesterday44 views

Ninja Forms File Uploads <= 3.3.26 - Arbitrary File Upload

Ninja Forms File Uploads plugin for WordPress versions up to and including 3.3.26 is vulnerable to unauthenticated arbitrary file upload which could lead to remote code execution. id: CVE-2026-0740 info: name: Ninja Forms File Uploads = 3.3.26 - Arbitrary File Upload author: whattheslime severity...

9.8CVSS7.2AI score0.54254EPSS
Exploits7References2
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-56814

Plug.Parsers.MULTIPART, the multipart request-body parser used to handle file uploads and multipart forms, does not enforce its :length budget against all consumed resources, allowing an unauthenticated remote attacker to cause denial of service. The parser charges the :length limit only for part...

6.9CVSS6.1AI score0.00579EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 4 days ago33 views

CVE-2026-56814 Plug: multipart :length limit is not charged for part headers, enabling unbounded temp-file creation (denial of service)

Plug.Parsers.MULTIPART, the multipart request-body parser used to handle file uploads and multipart forms, does not enforce its :length budget against all consumed resources, allowing an unauthenticated remote attacker to cause denial of service. The parser charges the :length limit only for part...

6.9CVSS0.00579EPSS
Exploits0References9
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-42790

The Instant Appointment plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'insappuploadimageasattachment' function in all versions up to, and including, 1.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

9.8CVSS6.7AI score0.00744EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 5 days ago4 views

The vulnerability of the browse.ajaxAddPicture method in the PageBuilder CK extension of the Joomla content management system allows a malicious actor to gain unauthorized access to protected information, upload arbitrary files, and execute arbitrary code.

The vulnerability of the browse.ajaxAddPicture method in the PageBuilder CK extension of the Joomla content management system is related to the unlimited loading of dangerous files due to improper access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to...

10CVSS6.4AI score0.02912EPSS
Exploits4References7Affected Software1
CVE
CVE
added 6 days ago12 views

CVE-2026-8801

Technical details about CVE-2026-8801 are not publicly available in the provided documents. Monitor for further updates from vendors and standard CVE sources.

9.8CVSS5.9AI score0.00311EPSS
Exploits0References1Affected Software1
CVE
CVE
added 6 days ago7 views

CVE-2026-59807

CVE-2026-59807 affects Composio SDK prior to 0.2.32-beta.283. A path validation bypass in readFileFromDisk (tool-file-uploads.ts) can enable an attacker to read and exfiltrate sensitive files by manipulating file_uploadable parameters via prompt injection, referencing sensitive paths such as SSH ...

8.9CVSS6AI score0.00289EPSS
Exploits0References5
NVD
NVD
added 6 days ago9 views

CVE-2026-14489

The WHMCS Bridge plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the connect function in all versions up to, and including, 6.9. This makes it possible for authenticated attackers, with Custom-level access and above, to upload arbitrary files on...

8.8CVSS0.00561EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 6 days ago6 views

PT-2026-56569

Name of the Vulnerable Software and Affected Versions Composio SDK versions prior to 0.2.32-beta.283 Description A path validation bypass allows attackers to read and exfiltrate sensitive files. This occurs due to a missing assertSafeFileUploadPath check in the readFileFromDisk function within...

8.9CVSS6.1AI score0.00289EPSS
Exploits0References8
NVD
NVD
added last week7 views

CVE-2026-55078

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.17.0 and prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, POST /api/v2/files converts zip uploads to tar in memory via CreateTarFromZip, which enforced a per-entry size limit but no...

6.5CVSS0.00602EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added last week6 views

CVE-2026-55078

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.17.0 and prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, POST /api/v2/files converts zip uploads to tar in memory via CreateTarFromZip, which enforced a per-entry size limit but no...

6.5CVSS6AI score0.00602EPSS
Exploits0References7Affected Software1
Nuclei
Nuclei
added last week85 views

Cisco VPN Routers - Unauthenticated Arbitrary File Upload

A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to insufficient authorization enforcement...

9.8CVSS6.9AI score0.88874EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/07 5:34 a.m.5 views

CVE-2026-57871

Relative path traversal vulnerability in MicroRealEstate file upload functionality allows attackers to potentially overwrite system files. This issue affects MicroRealEstate: through 1.0.0-alpha3...

7.1CVSS6AI score0.00361EPSS
Exploits0References3
OSV
OSV
added 2026/07/07 3:3 a.m.4 views

CVE-2026-42145 Coolify: File Upload Without Type or Size Validation in Database Backup Restore

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the file upload endpoint app/Http/Controllers/UploadController.php for database backup restore uploads did not enforce file type or size validation, allowing an authenticat...

3.1CVSS5.9AI score0.0025EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.10 views

PT-2026-56068

Name of the Vulnerable Software and Affected Versions Coder versions 2.17.0 through 2.29.6 Coder versions 2.32.0 through 2.32.6 Coder versions 2.33.0 through 2.33.7 Coder versions 2.34.0 through 2.34.1 Description The POST /api/v2/files endpoint converts zip uploads to tar in memory using the...

6.5CVSS6.4AI score0.00602EPSS
Exploits0References14
NVD
NVD
added 2026/07/05 5:16 a.m.11 views

CVE-2026-14698

A security flaw has been discovered in SourceCodester Syllabus-Aligned Learning Management and Examination System 1.0. Impacted is an unknown function of the file uploadfiles.php. Performing a manipulation results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

6.5CVSS0.00209EPSS
Exploits0References6
Rows per page
Query Builder