Lucene search
+L

274 matches found

EUVD
EUVD
added yesterday6 views

EUVD-2026-45195

Dendrite through 0.13.8 contains an improper access control vulnerability in the syncapi /context endpoint syncapi/routing/context.go that allows authenticated local users to access post-leave room state events by exploiting a flawed membership check that evaluates only the RoomExists field while...

5.3CVSS5.4AI score
Exploits0References2
Cvelist
Cvelist
added 2026/07/11 3:44 a.m.30 views

CVE-2026-2354 Swiss Toolkit For WP <= 1.4.6 - Authenticated (Author+) Arbitrary File Upload via upload_extension_files()

The Swiss Toolkit For WP plugin for WordPress is vulnerable to arbitrary file upload due to a flawed file type validation bypass in the uploadextensionfiles function in all versions up to, and including, 1.4.6. The uploadextensionfiles function hooks into WordPress's wpcheckfiletypeandext filter...

8.8CVSS0.00553EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/11 3:44 a.m.6 views

EUVD-2026-43133

The Swiss Toolkit For WP plugin for WordPress is vulnerable to arbitrary file upload due to a flawed file type validation bypass in the uploadextensionfiles function in all versions up to, and including, 1.4.6. The uploadextensionfiles function hooks into WordPress's wpcheckfiletypeandext filter...

8.8CVSS6.5AI score0.00553EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/11 12:0 a.m.11 views

PT-2026-57395

Name of the Vulnerable Software and Affected Versions Swiss Toolkit For WP versions prior to 1.4.7 Description An arbitrary file upload issue exists due to flawed file type validation in the upload extension files function. The function uses strpos to check if a filename contains a configured...

8.8CVSS6.3AI score0.00553EPSS
Exploits0References11
OSV
OSV
added 2026/06/24 9:1 p.m.3 views

CVE-2026-33543 FOSSBilling: Authentication bypass allows unauthenticated administrator creation

FOSSBilling is a free, open-source billing and client management system. Versions 0.7.2 and prior expose a guest API endpoint, /api/guest/staff/create, intended for initial administrator bootstrap. Due to a flawed admin-existence check, the endpoint remains usable after an administrator already...

9.3CVSS5.9AI score0.00289EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/15 4:21 p.m.6 views

CVE-2026-20262 Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists because the affected software does not properly validate...

6.5CVSS5.6AI score0.07683EPSS
Exploits2References1
Cvelist
Cvelist
added 2026/06/10 8:3 p.m.29 views

CVE-2026-44692 Authenticated Sharp users can download unrelated Laravel Storage objects through the generic download endpoint

Sharp is a content management framework built for Laravel as a package. Prior to version 9.22.0, Sharp exposes a generic download endpoint that authorizes access only to the supplied Sharp entity instance, but then reads the target storage disk and path from request parameters. Because the...

7.7CVSS0.00262EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.19 views

WordPress plugin Doctreat Core 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.8CVSS5.5AI score0.00494EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

OTRS 安全漏洞

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X up to version 2026.4.X. These vulnerabilities stem from improper handling of permissions for external interfaces and the configuration ite...

3.5CVSS5.3AI score0.00143EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/28 8:12 a.m.15 views

CVE-2026-49000

An insecure password scheme refers to vulnerabilities arising from improper selection of encryption algorithms, inadequate key management, or flawed code implementation, which may lead to data leakage or tampering, such as hard-coded keys or the use of weak encryption algorithms...

7CVSS5.9AI score0.00121EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 5:16 p.m.21 views

CVE-2025-68712

SpSoft AppLock com.sp.protector.free 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mechanisms, the lock is implemented with a custom overlay that fails to consistently enforce...

5.5CVSS0.00136EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 5:16 a.m.18 views

CVE-2026-49000

An insecure password scheme refers to vulnerabilities arising from improper selection of encryption algorithms, inadequate key management, or flawed code implementation, which may lead to data leakage or tampering, such as hard-coded keys or the use of weak encryption algorithms...

7CVSS0.00121EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.21 views

PT-2026-43492

An insecure password scheme refers to vulnerabilities arising from improper selection of encryption algorithms, inadequate key management, or flawed code implementation, which may lead to data leakage or tampering, such as hard-coded keys or the use of weak encryption algorithms...

5.3CVSS5.9AI score0.00121EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.12 views

PT-2026-41094

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 148.0.7778.168 Description An inappropriate implementation in Downloads allows an attacker to perform UI spoofing via a crafted Chrome Extension, provided they can convince a user to install a malicious...

8.8CVSS5.8AI score0.00498EPSS
Exploits0References85
EUVD
EUVD
added 2026/05/12 9:31 a.m.40 views

EUVD-2026-29399

The Smart Appointment & Booking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and a nonce validation logic flaw in the saabcancelbooking function in all versions up to, and including, 1.0.8. The nonce check uses && AND instead of || OR,...

5.3CVSS5.9AI score0.00228EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/12 7:48 a.m.6 views

CVE-2026-5693

The Smart Appointment & Booking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and a nonce validation logic flaw in the saabcancelbooking function in all versions up to, and including, 1.0.8. The nonce check uses && AND instead of || OR,...

5.3CVSS5.9AI score0.00228EPSS
Exploits0References5
NVD
NVD
added 2026/05/11 8:25 p.m.14 views

CVE-2026-42885

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the POST /api/filesystem/pathexists endpoint uses String.startsWith to validate that a resolved file path is within a library folder. This check fails for sibling directories whose names share a common prefix e.g.,...

4.3CVSS0.00236EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/07 12:0 a.m.35 views

CVE-2026-40214

In OpenStack Cyborg before 16.0.1, the Accelerator Request ARQ API does not enforce project ownership at any layer. The projectid column in the database is never populated NULL for every ARQ, database queries have no project filtering, and policy checks are self-referential the authorizewsgi...

6.3CVSS0.00206EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.16 views

CVE-2026-5113

The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Consent field hidden inputs in versions up to and including 2.10.0. This is due to a flawed state validation mechanism that fails open when input is sanitized by wpkses, combined with insufficient output...

7.2CVSS6AI score0.00239EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/20 11:3 p.m.3 views

CVE-2026-34082

Dify is an open-source LLM app development platform. Prior to 1.13.1, the method DELETE /console/api/installed-apps//conversations/ has poor authorization checking and allows any Dify-authenticated user to delete someone else's chat history. Version 1.13.1 patches the issue...

5.3CVSS5.7AI score0.00188EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder