Lucene search
K

385 matches found

OSV
OSV
added 2026/07/06 8:16 p.m.4 views

DEBIAN-CVE-2026-50134

Hugo is a static site generator. From 0.91.0 until 0.162.0, resources.GetRemote enforces security.http.urls on the URL it is called with, but it did not re-validate intermediate URLs on HTTP 3xx redirects. An allowed server or an attacker controlling its DNS or response could therefore redirect t...

5.8CVSS5.9AI score0.00249EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/07/06 7:42 p.m.6 views

CVE-2026-50134

Hugo is a static site generator. From 0.91.0 until 0.162.0, resources.GetRemote enforces security.http.urls on the URL it is called with, but it did not re-validate intermediate URLs on HTTP 3xx redirects. An allowed server or an attacker controlling its DNS or response could therefore redirect t...

6.3CVSS5.9AI score0.00249EPSS
Exploits0
NVD
NVD
added 2026/07/05 6:16 a.m.10 views

CVE-2026-14714

A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.1.0. This issue affects the function verifyserver of the file channel/wechatmp/common.py of the component wx Endpoint. This manipulation of the argument wechatmptoken causes missing authentication. The attack may be initiated...

6.9CVSS0.00453EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/05 5:30 a.m.14 views

EUVD-2026-41729

A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.1.0. This issue affects the function verifyserver of the file channel/wechatmp/common.py of the component wx Endpoint. This manipulation of the argument wechatmptoken causes missing authentication. The attack may be initiated...

6.9CVSS6.2AI score0.00453EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/05 5:30 a.m.30 views

CVE-2026-14714 zhayujie chatgpt-on-wechat CowAgent wx Endpoint common.py verify_server missing authentication

A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.1.0. This issue affects the function verifyserver of the file channel/wechatmp/common.py of the component wx Endpoint. This manipulation of the argument wechatmptoken causes missing authentication. The attack may be initiated...

6.9CVSS0.00453EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.4 views

org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging

A flaw was found in Apache Log4j Core. The XmlLayout component, responsible for formatting log messages into XML, does not properly remove or replace characters that are not allowed in XML 1.0. When log messages or diagnostic information contain these forbidden characters, the resulting XML outpu...

7.5CVSS5.9AI score0.0086EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/07/01 11:9 a.m.6 views

DOMPurify: DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization

A flaw was found in DOMPurify, a DOM-only cross-site scripting sanitizer. A remote attacker could exploit an inconsistency in how forbidden tags and attributes are handled when function-based tag additions are used. This allows malicious HTML, MathML, or SVG elements to bypass sanitization and...

6.1CVSS7.5AI score0.00313EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/06/29 5:21 p.m.37 views

CVE-2026-57954 Elide 7.1.17 - Permission Bypass in Sort Expression Validation

Elide through 7.1.17 fails to enforce @ReadPermission on client-supplied sort expressions in SortingImpl.getValidSortingRules, allowing attackers to sort collections by forbidden fields. Attackers can infer hidden field values through row ordering analysis, leaking relative field ordering across...

5.3CVSS0.00168EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 5:21 p.m.4 views

CVE-2026-57954 Elide 7.1.17 - Permission Bypass in Sort Expression Validation

Elide through 7.1.17 fails to enforce @ReadPermission on client-supplied sort expressions in SortingImpl.getValidSortingRules, allowing attackers to sort collections by forbidden fields. Attackers can infer hidden field values through row ordering analysis, leaking relative field ordering across...

5.3CVSS6AI score0.00168EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.10 views

PT-2026-53672

Name of the Vulnerable Software and Affected Versions Elide versions prior to 7.1.18 Description Insufficient enforcement of @ReadPermission within the getValidSortingRules function of SortingImpl allows attackers to use forbidden fields in client-supplied sort expressions. By analyzing the...

5.3CVSS5.9AI score0.00168EPSS
Exploits0References6
OSV
OSV
added 2026/06/23 1:7 p.m.4 views

OPENSUSE-SU-2026:21154-1 Security update for ofono

This update for ofono fixes the following issues: Changes in ofono: - Reference the tracking bugs for the SMS/STK/USSD decoder security fixes applied upstream across the 2.14-2.17 updates: SMS decoder stack buffer overflows: CVE-2023-2794 boo1218292, CVE-2023-4232 boo1218293, CVE-2023-4233...

8.1CVSS6.8AI score0.0124EPSS
Exploits4References32
CERT
CERT
added 2026/06/18 12:0 a.m.7 views

Vendor-signed UEFI applications found vulnerable to Secure Boot bypass

Overview Multiple vendor-signed UEFI applications are vulnerable to Secure Boot bypass via a "Bring Your Own Vulnerable Driver" BYOVD-style attack. If a target system trusts the affected vendor’s certificate, an attacker can exploit these applications to execute arbitrary code during the early...

8.2CVSS7.5AI score0.01036EPSS
Exploits1References7
OSV
OSV
added 2026/06/17 6:43 a.m.6 views

MGASA-2026-0218 Updated log4cxx packages fix security vulnerability

CVE-2026-40023, Apache Log4cxx, Apache Log4cxx Conan, Apache Log4cxx Brew: Silent log event loss in XMLLayout due to unescaped XML 1.0 forbidden characters...

6.3CVSS5.3AI score0.00499EPSS
Exploits0References4
CERT
CERT
added 2026/06/09 12:0 a.m.63 views

Microsoft-signed UEFI shim bootloaders vulnerable to Secure Boot bypass

Overview Microsoft-signed UEFI bootloaders of the open-source shim project, primarily from version 0.9 and earlier, were identified as vulnerable to Secure Boot bypass. To mitigate this risk, the affected bootloaders will be added to the Microsoft UEFI Forbidden Signature Database DBX. Once the D...

7.8CVSS7.3AI score0.00097EPSS
Exploits0References15
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.10 views

CVE-2026-39857

ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain an authorization bypass vulnerability in the choices and counts query parameters of the REST API, where these query builders execute MongoDB distinct operations that bypass the publicApiProjection...

5.3CVSS5.6AI score0.00435EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.10 views

CVE-2026-41935

Vvveb before 1.0.8.3 contains an uncontrolled recursion vulnerability in the admin controller dispatch cycle where Base::init repeatedly invokes permission on error handlers, causing infinite recursion until PHP memory limits are exhausted. Attackers can send sustained requests to forbidden admin...

7.1CVSS5.5AI score0.00267EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 5:40 a.m.8 views

BIT-AIRFLOW-2026-42359 Apache Airflow: Authenticated RCE via XCom PATCH endpoint — XComUpdateBody missing FORBIDDEN_XCOM_KEYS validator

A bug in Apache Airflow's XCom PATCH endpoint PATCH /api/v2/xcomEntries/key allowed an authenticated UI/API user with XCom write permission on a Dag to set XCom entries under reserved key names e.g. returnvalue that the matching POST endpoint already validated against FORBIDDENXCOMKEYS. The...

8.8CVSS5.6AI score0.00592EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/04 10:17 p.m.10 views

CVE-2026-48523

A flaw was found in PyJWT, a Python library for handling JSON Web Tokens JWT. An attacker with control over a registered JSON Web Key JWK private key can bypass security checks by signing a token with a forbidden algorithm while claiming to use an allowed one. This allows the attacker to have the...

5.4CVSS5.6AI score0.00127EPSS
Exploits1References4
OSV
OSV
added 2026/06/03 2:16 p.m.8 views

PYSEC-2026-214

daphne before 4.2.2 reconstructs a raw HTTP request from Twisted's parsed headers and feeds it to autobahn for WebSocket handshake processing. Twisted does not treat \x0b, \x0c, \x1c, \x1d, \x1e, or \x85 as header line separators, but autobahn decodes header values to str and calls splitlines. An...

5.3CVSS5.4AI score0.00172EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/02 5:41 p.m.11 views

DOMPurify: DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization

A flaw was found in DOMPurify, a DOM-only cross-site scripting sanitizer. A remote attacker could exploit an inconsistency in how forbidden tags and attributes are handled when function-based tag additions are used. This allows malicious HTML, MathML, or SVG elements to bypass sanitization and...

6.1CVSS6AI score0.00313EPSS
Exploits1References7
Rows per page
Query Builder