307047 matches found
CVE-2026-15746 Credential disclosure in Strands Agents Tools elasticsearch_memory tool
Strands Agents is an open-source Python SDK for building and running AI agents. The strands-agents-tools package provides pre-built tools for use with the SDK, including the elasticsearchmemory tool for agent memory storage. We identified CVE-2026-15746, a server-side request forgery SSRF issue i...
CVE-2026-15746 Credential disclosure in Strands Agents Tools elasticsearch_memory tool
Strands Agents is an open-source Python SDK for building and running AI agents. The strands-agents-tools package provides pre-built tools for use with the SDK, including the elasticsearchmemory tool for agent memory storage. We identified CVE-2026-15746, a server-side request forgery SSRF issue i...
CVE-2026-12997 Gravity Forms <= 2.10.4 - Unauthenticated Arbitrary File Read via 'gform_uploaded_files' Parameter
The Gravity Forms plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.10.4 via the 'gformuploadedfiles' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain...
CVE-2026-12997 Gravity Forms <= 2.10.4 - Unauthenticated Arbitrary File Read via 'gform_uploaded_files' Parameter
The Gravity Forms plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.10.4 via the 'gformuploadedfiles' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain...
CVE-2026-49987 Repomix: Command Injection (RCE) via `--remote-branch` Argument Injection
Repomix is a tool that packs repositories into AI-friendly files. Prior to 1.14.1, src/core/git/gitCommand.ts execGitShallowClone passes the --remote-branch value directly to git fetch and git checkout without validation or --end-of-options, allowing --upload-pack or other Git option injection th...
CVE-2026-49987 Repomix: Command Injection (RCE) via `--remote-branch` Argument Injection
Repomix is a tool that packs repositories into AI-friendly files. Prior to 1.14.1, src/core/git/gitCommand.ts execGitShallowClone passes the --remote-branch value directly to git fetch and git checkout without validation or --end-of-options, allowing --upload-pack or other Git option injection th...
CVE-2026-47158
A flaw was found in Vaultwarden, a Bitwarden-compatible server. An unauthenticated attacker could exploit a vulnerability in the Single Sign-On SSO authorization flow. This flaw, caused by improper binding of the OAuth state parameter to the browser session and inadequate cleanup of SSO...
Rapid7 MDR Team Discovers New SonicWall SMA1000 Zero Days being Actively Exploited (CVE-2026-15409, CVE-2026-15410)
Overview On July 14, 2026, SonicWall published a security advisory addressing two vulnerabilities affecting SMA1000 Series remote access appliances, including the critical server-side request forgery SSRF vulnerability CVE-2026-15409 CVSS 10.0 and the high-severity code injection vulnerability...
CVE-2026-60005
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpslicemodule module. When the slice directive and unnamed regex captures are configured or when a background cache update happens, unauthenticated attackers can send requests that may cause uninitialized memory access in the NGINX...
CVE-2026-47158
Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO authorization flow did not bind the OAuth state parameter accepted by /connect/authorize to the initiating browser session, allowed attacker-controlled PKCE parameters, and left SsoAuth records intact...
SuperAlts-Discord-Services-Pentest
SuperAlts Security Assessment Executive Summary This repo...
CVE-2026-60005 NGINX ngx_http_slice_module vulnerability
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpslicemodule module. When the slice directive and unnamed regex captures are configured or when a background cache update happens, unauthenticated attackers can send requests that may cause uninitialized memory access in the NGINX...
CVE-2026-60005 NGINX ngx_http_slice_module vulnerability
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpslicemodule module. When the slice directive and unnamed regex captures are configured or when a background cache update happens, unauthenticated attackers can send requests that may cause uninitialized memory access in the NGINX...
CVE-2026-60005
NGINX Plus and NGINX Open Source are affected by a vulnerability in the ngx_http_slice_module. When the slice directive and unnamed regex captures are configured, or during a background cache update, unauthenticated remote attackers can trigger uninitialized memory access in the worker process, p...
CVE-2026-60005
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpslicemodule module. When the slice directive and unnamed regex captures are configured or when a background cache update happens, unauthenticated attackers can send requests that may cause uninitialized memory access in the NGINX...
EUVD-2026-44697
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpslicemodule module. When the slice directive and unnamed regex captures are configured or when a background cache update happens, unauthenticated attackers can send requests that may cause uninitialized memory access in the NGINX...
CVE-2026-47158 Vaultwarden: CSRF in SSO Authorization Flow
Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO authorization flow did not bind the OAuth state parameter accepted by /connect/authorize to the initiating browser session, allowed attacker-controlled PKCE parameters, and left SsoAuth records intact...
CVE-2026-47158 Vaultwarden: CSRF in SSO Authorization Flow
Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO authorization flow did not bind the OAuth state parameter accepted by /connect/authorize to the initiating browser session, allowed attacker-controlled PKCE parameters, and left SsoAuth records intact...
CVE-2026-47158
CVE-2026-47158 – Vaultwarden (Rust) : A CSRF flaw in Vaultwarden’s SSO authorization flow prior to 1.36.0 allowed an unauthenticated attacker to induce IdP authentication and redeem tokens for a fully authenticated session. The root causes include: the OAuth state parameter from /connect/authoriz...
EUVD-2026-44693
Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO authorization flow did not bind the OAuth state parameter accepted by /connect/authorize to the initiating browser session, allowed attacker-controlled PKCE parameters, and left SsoAuth records intact...