Lucene search
+L

1436 matches found

CVE
CVE
added 2026/05/20 7:27 p.m.26 views

CVE-2026-39352

Frappe is affected by an Arbitrary File Read via Path Traversal in render_include. Versions prior to 15.105.0 and 16.15.0 are vulnerable; the issue is resolved in 16.15.0, 15.105.0 and later. Affected software: Frappe framework (full-stack web app). Root cause: path traversal in render_include en...

8.7CVSS5.8AI score0.01279EPSS
Exploits0References2
CVE
CVE
added 2026/05/20 9:21 a.m.47 views

CVE-2026-42960

Unbound CVE-2026-42960 affects versions up to 1.25.0. The vulnerability arises from poisoning attempts using promiscuous RRSets in the authority section; an attacker could spoof replies or leverage fragmentation to inject non-NS address records in the additional section and have Unbound cache the...

10CVSS5.7AI score0.00249EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/19 7:3 p.m.18 views

EUVD-2026-30972

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor mlastsample = 0 + 0 - 1 = UINT32MAX, mapping all samples to an empty...

6.5CVSS5.7AI score0.00301EPSS
Exploits1References1
NVD
NVD
added 2026/05/18 9:16 p.m.19 views

CVE-2026-25244

WebdriverIO is a test automation framework for unit, e2e and component testing using WebDriver, WebDriver BiDi and Appium. Versions below 9.24.0 contain a command injection vulnerability leading to remote code execution RCE in test orchestration. Git permits branch names containing shell...

9.8CVSS0.02799EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/05/15 7:41 p.m.49 views

CVE-2026-44559 Open WebUI: Missing Access Check on Channel Members Endpoint for Standard Channels

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the GET /api/v1/channels/id/members endpoint only checks membership for group and dm channel types lines 467-469. For standard channels — including private ones — there is no...

4.3CVSS0.00221EPSS
Exploits1References1
NVD
NVD
added 2026/05/15 5:16 p.m.14 views

CVE-2026-45539

Microsoft APM is an open-source, community-driven dependency manager for AI agents. From 0.5.4 to 0.12.4, two primitive integrators in apm-cli enumerate package files with bare Path.glob / Path.rglob calls and read each match with Path.readtext, transparently following symbolic links. A symlink...

7.4CVSS0.00654EPSS
Exploits0References1
OSV
OSV
added 2026/05/14 12:0 p.m.16 views

RUSTSEC-2026-0142 Double-free in `vmem` storage reachable from safe Rust (predecessor of `oneringbuf`)

mutringbuf is the archived predecessor of oneringbuf — the crate was renamed and the GitHub repository was archived on 2025-11-20. All released versions up to 1.0.0 carry the same vmem-feature double-free bug that affects oneringbuf, with the same code paths and the same reproduction shape. When...

5.9AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/13 8:30 p.m.9 views

CVE-2026-44372 Nitro: Open Redirect via Protocol-Relative URL Bypass in Wildcard Route Rules

Nitro is a next generation server toolkit. Prior to 3.0.260429-beta, an attacker could turn a redirect route rule using wildcards rewrite into a cross-host redirect by sliding an extra slash in after the rule prefix. This vulnerability is fixed in 3.0.260429-beta...

5.3CVSS5.8AI score0.00237EPSS
Exploits0References4
NVD
NVD
added 2026/05/13 7:17 p.m.13 views

CVE-2026-42582

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final, when decoding header blocks, the non-Huffman branch of io.netty.handler.codec.http3.QpackDecoderdecodeHuffmanEncodedLiteral may execute new bytelength for a string literal before verifying that length byt...

7.5CVSS0.00437EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/13 6:0 p.m.37 views

CVE-2026-42577 Netty: epoll transport denial of service via RST on half-closed TCP connection

Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100...

7.5CVSS0.00408EPSS
Exploits0References3
NVD
NVD
added 2026/05/13 5:16 p.m.21 views

CVE-2026-44574

Next.js is a React framework for building full-stack web applications. From 15.4.0 to before 15.5.16 and 16.2.5, applications that rely on middleware to protect dynamic routes can be vulnerable to authorization bypass. In affected deployments, specially crafted query parameters can alter the...

8.1CVSS0.00496EPSS
Exploits2References7
NVD
NVD
added 2026/05/13 4:16 p.m.44 views

CVE-2026-44292

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs generated message constructors copied enumerable properties from a provided properties object without filtering the proto key. If an application constructed a message from an...

5.3CVSS0.00264EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 9:33 p.m.6 views

CVE-2026-44302

Snappier is a high performance C implementation of the Snappy compression algorithm. Prior to 1.3.1, Snappier.SnappyStream enters an uncatchable infinite loop when decompressing a malformed framed-format Snappy stream as small as 15 bytes. This vulnerability is fixed in 1.3.1...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/12 3:31 p.m.23 views

EUVD-2026-29466

Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3...

5.8AI score0.00298EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/11 9:5 p.m.34 views

CVE-2026-43887 Outline: Stored XSS via Comment Mentions

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.6.1, the Outline comment section permits users to mention other users; however, the backend does not validate or sanitize the href attribute associated with these mentions. As a result, potentially dangerous...

7.3CVSS0.00245EPSS
Exploits0References1
PyPA
PyPA
added 2026/05/11 6:16 p.m.31 views

PYSEC-2026-128

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, package folder names are sanitized using insufficient string replacement. The pattern ....// becomes .. after replacement partial removal, leaving .. which can be exploited when the path is later resolve...

6.5CVSS5.8AI score0.00342EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/11 5:1 p.m.11 views

CVE-2026-44659 Zen Browser Mac - Address Bar Spoofing via Long Subdomain

Zen is a firefox-based browser. Prior to 1.19.12b, the ZEN Browser incorrectly truncates long hostnames in the address bar and shows only the attacker-controlled prefix of the subdomain, hiding the actual registrable domain eTLD+1. As a result, an attacker can craft extremely long malicious...

4.7CVSS5.8AI score0.00164EPSS
Exploits0References1
OSV
OSV
added 2026/05/08 4:16 p.m.6 views

UBUNTU-CVE-2026-41070

openvpn-auth-oauth2 is a plugin/management interface client for OpenVPN server to handle an OIDC based single sign-on SSO auth flows. From version 1.26.3 to before version 1.27.3, when openvpn-auth-oauth2 is deployed in the experimental plugin mode shared library loaded by OpenVPN via the plugin...

10CVSS5.7AI score0.00438EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/07 11:53 a.m.7 views

CVE-2026-42285

GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. In version 4.4.0, an unauthenticated remote BGP peer can trigger a fatal panic in GoBGP by sending a specially crafted BGP UPDATE message. When the server receives a message with inconsistent...

7.5CVSS5.8AI score0.00418EPSS
Exploits1References3
NVD
NVD
added 2026/05/05 8:16 p.m.10 views

CVE-2026-35397

Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, a path traversal vulnerability in the REST API allows an authenticated user to escape the configured rootdir and access sibling directories whose names begin with the same prefix as the rootdir. For exampl...

8.8CVSS0.00583EPSS
Exploits2References4
Rows per page
Query Builder