Lucene search
+L

2050143 matches found

packetstormnews
packetstormnews
added 2026/12/29 12:0 a.m.364 views

GNUnet P2P Framework 0.26.2

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...

6.8AI score
Exploits0
githubexploit
githubexploit
added 17 minutes ago2 views

web-scanner

🛡️ Web Scanner A native macOS app that scans a website for...

6.1AI score
Exploits0
thn
thn
added 50 minutes ago3 views

Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide

Pull the certificate off the flash of a Shark RV2320EDUS robot vacuum, and you can run root commands on other people's Shark vacuums across the same AWS region: watch the camera, drive the robot, read the map of the house, and take the Wi-Fi password in plaintext. A researcher publishing under th...

6.2AI score
Exploits0
nvd
nvd
added 56 minutes ago4 views

CVE-2026-15407

The Themify Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 7.7.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS
Exploits0References10
nvd
nvd
added 57 minutes ago2 views

CVE-2026-15008

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the frtoken function in all versions up to, and including, 7.3.1.4. This makes it possible for...

8.1CVSS
Exploits0References7
thn
thn
added 1 hour ago3 views

OpenAI’s GPT-Red Automates Prompt Injection Testing to Harden GPT-5.6 Sol

OpenAI has disclosed details of GPT-Red , an internal automated red-teaming model that scales prompt injection vulnerability discovery with an aim to fix issues before the tools are deployed widely. "GPT‑Red is a strong red-teamer, and our previous models are highly vulnerable to its prompt...

6.1AI score
Exploits0
githubexploit
githubexploit
added 1 hour ago2 views

Exploit for Deserialization of Untrusted Data in Facebook React

Next.js RSC RCE Exploit Tool CVE-2025-55182 !https://soc...

10CVSS7.3AI score0.99562EPSS
Exploits375
redhatcve
redhatcve
added 1 hour ago5 views

CVE-2026-59198

A flaw was found in Pillow, a Python imaging library. When saving a mode 1 image with TGA RLE compression, the TGA RLE encoder reads beyond its allocated memory buffer. This out-of-bounds read allows adjacent process heap memory to be copied into the generated TGA file, potentially leading to...

7.5CVSS6AI score0.00313EPSS
Exploits1References7
redhatcve
redhatcve
added 2 hours ago3 views

CVE-2026-50144

A flaw was found in ncnn, a high-performance neural network inference framework. A remote attacker could craft a malicious model file that, when processed by a user, triggers an out-of-bounds heap write. This vulnerability in the ncnn::ParamDict::loadparam function is caused by insufficient...

7.1CVSS6.4AI score0.00018EPSS
Exploits0References2
cvelist
cvelist
added 2 hours ago7 views

CVE-2026-15008 Uncanny Automator <= 7.3.1.4 - Unauthenticated PHP Object Injection to Arbitrary File Deletion via Forminator Submitted-Field Token

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the frtoken function in all versions up to, and including, 7.3.1.4. This makes it possible for...

8.1CVSS
Exploits0References7
cvelist
cvelist
added 2 hours ago4 views

CVE-2026-15407 Themify Builder <= 7.7.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Stylesheet Write/Delete via tb_generate_on_fly AJAX Action

The Themify Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 7.7.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS
Exploits0References10
cve
cve
added 2 hours ago6 views

CVE-2026-15008

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the frtoken function in all versions up to, and including, 7.3.1.4. This makes it possible for...

8.1CVSS6.5AI score
Exploits0References7
cve
cve
added 2 hours ago6 views

CVE-2026-15407

The Themify Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 7.7.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS6.2AI score
Exploits0References10
euvd
euvd
added 2 hours ago2 views

EUVD-2026-44889

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the frtoken function in all versions up to, and including, 7.3.1.4. This makes it possible for...

8.1CVSS6.5AI score
Exploits0References7
euvd
euvd
added 2 hours ago2 views

EUVD-2026-44891

The Themify Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 7.7.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS6.2AI score
Exploits0References10
redhat
redhat
added 2 hours ago4 views

kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr

In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...

6AI score0.00174EPSS
Exploits0References5
nvd
nvd
added 2 hours ago4 views

CVE-2026-12979

The FunnelKit WordPress plugin before 3.15.0.6 does not validate a user-supplied path before deleting a file during a template-import operation, allowing users with administrator privileges to delete arbitrary .json files outside the intended directory through path traversal, which can disable...

Exploits0References1
nvd
nvd
added 2 hours ago2 views

CVE-2026-15925

Improper TLS hostname verification in Snowflake Connector for Python versions prior to 4.7.1 may have allowed a network-positioned attacker to bypass certificate hostname validation on HTTPS connections made by the connector. An attacker with on-path network access could exploit this by...

9.2CVSS
Exploits0References1
patchstack
patchstack
added 3 hours ago3 views

WordPress Instant Appointment plugin <= 1.2 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by Random Robbie in WordPress Plugin Instant Appointment versions = 1.2...

9.8CVSS6.1AI score0.00744EPSS
Exploits1References1Affected Software1
redhatcve
redhatcve
added 3 hours ago2 views

CVE-2026-59204

A flaw was found in Pillow, a Python imaging library. A remote attacker could exploit this vulnerability by providing a specially crafted JPEG2000 image file. Due to incorrect calculation of memory requirements for image tiles, processing this file can lead to excessive memory consumption,...

8.7CVSS6AI score0.00398EPSS
Exploits1References7
Rows per page
Query Builder