Lucene search
K

3496 matches found

Cvelist
Cvelist
added 7 hours ago3 views

CVE-2026-61449 Grav before 2.0.2 Decompression Bomb via Forged ZIP Size

Grav 2.0.1 contains a decompression-bomb size-cap bypass in ZipArchiver and GPM\Installer. The size bound introduced in 2.0.1 sums the uncompressed size declared in each entry's ZIP central-directory header ZipArchive::statIndex'size' and rejects archives exceeding...

7.1CVSS
Exploits0References2
EUVD
EUVD
added 7 hours ago5 views

EUVD-2026-44642

PraisonAI before 4.6.78 fails to verify Svix webhook signatures in AgentMail webhook mode, allowing unauthenticated attackers to forge message.received events. Attackers can send crafted JSON payloads to the webhook endpoint to invoke configured agents with arbitrary sender addresses and message...

8.8CVSS6.2AI score
Exploits0References4
EUVD
EUVD
added 13 hours ago7 views

EUVD-2026-44594

The Shibboleth WordPress plugin before 2.5.4 does not fail closed when its HTTP header identity mode is enabled without an anti-spoofing key, treating any request that carries identity headers as an authenticated session without verifying them. On a deployment where untrusted client headers reach...

8.1CVSS6.1AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 13 hours ago2 views

CVE-2026-12281

The Shibboleth WordPress plugin before 2.5.4 does not fail closed when its HTTP header identity mode is enabled without an anti-spoofing key, treating any request that carries identity headers as an authenticated session without verifying them. On a deployment where untrusted client headers reach...

8.1CVSS6.1AI score
Exploits0References1
Nuclei
Nuclei
added 14 hours ago178 views

pyload - Log Injection

A log injection vulnerability was identified in pyload. This vulnerability allows any unauthenticated actor to inject arbitrary messages into the logs gathered by pyload. id: CVE-2024-21645 info: name: pyload - Log Injection author: isacaya severity: medium description: | A log injection...

5.3CVSS6.3AI score0.24513EPSS
Exploits1References3
Nuclei
Nuclei
added 14 hours ago130 views

PrestaShop TshirteCommerce - Directory Traversal

The Custom Product Designer tshirtecommerce module for PrestaShop allows HTTP requests to be forged using POST and GET parameters, enabling a remote attacker to perform directory traversal on the system and view the contents of code files. id: CVE-2023-27639 info: name: PrestaShop TshirteCommerce...

7.5CVSS7AI score0.03551EPSS
Exploits1References3
NVD
NVD
added yesterday4 views

CVE-2026-45363

ruby-jwt is a Ruby implementation of the RFC 7519 OAuth JSON Web Token standard. Prior to 2.10.3 and 3.2.0, JWT.decodetoken, '', true, algorithm: 'HS256' accepts an attacker-forged token because OpenSSL::HMAC.digest'SHA256', '', payload returns a valid digest under an empty key and no empty-key...

9.1CVSS0.00018EPSS
Exploits0References5
Cvelist
Cvelist
added yesterday29 views

CVE-2026-45363 `jwt` (Ruby gem) - empty-key HMAC bypass

ruby-jwt is a Ruby implementation of the RFC 7519 OAuth JSON Web Token standard. Prior to 2.10.3 and 3.2.0, JWT.decodetoken, '', true, algorithm: 'HS256' accepts an attacker-forged token because OpenSSL::HMAC.digest'SHA256', '', payload returns a valid digest under an empty key and no empty-key...

9.1CVSS0.00018EPSS
Exploits0References5
NVD
NVD
added yesterday3 views

CVE-2026-45754

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 6.4.40, 7.4.12, and 8.0.12, the Mailjet mailer bridge and LOX24 notifier bridge webhook parsers received configured webhook secrets but did not verify them, allowing unauthenticated POST...

6.9CVSS0.00103EPSS
Exploits0References6
NVD
NVD
added yesterday4 views

CVE-2026-45755

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 7.4.12 and 8.0.12, MailtrapRequestParser::doParse received the configured webhook secret but ignored the X-Mt-Signature HMAC header, allowing unauthenticated POST requests to inject forged...

6.9CVSS0.00026EPSS
Exploits0References4
EUVD
EUVD
added yesterday11 views

EUVD-2026-37897

Woodpecker gRPC agentid metadata can be spoofed- cross-tenant agent impersonation...

7.1CVSS6.1AI score0.00246EPSS
Exploits0References6
EUVD
EUVD
added yesterday4 views

EUVD-2026-43607

OpENer 2.3.0 commit 76b95cf has an out-of-bounds read issue in CIP message parsing when handling malformed explicit requests with a forged EPath size. An attacker can send a valid ENIP SendRRData frame carrying a very short CIP payload whose pathsize field claims that many more path words are...

9.1CVSS6.1AI score0.00155EPSS
Exploits0References3
NVD
NVD
added 2 days ago4 views

CVE-2026-51541

OpENer 2.3.0 commit 76b95cf has an out-of-bounds read issue in CIP message parsing when handling malformed explicit requests with a forged EPath size. An attacker can send a valid ENIP SendRRData frame carrying a very short CIP payload whose pathsize field claims that many more path words are...

9.1CVSS0.00155EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-43285

The User Registration & Membership WordPress plugin before 5.2.2 does not verify the authenticity of incoming payment-provider webhook notifications before acting on them, allowing unauthenticated attackers to forge a payment-approved event and activate a paid membership subscription without...

9.1CVSS6.1AI score0.00261EPSS
Exploits0References2
Nuclei
Nuclei
added 2 days ago24 views

Microsoft SharePoint Server - Authentication Bypass (ToolShell)

Microsoft Office SharePoint Server contains an improper authentication vulnerability that allows unauthorized attackers to perform spoofing over a network. By crafting a POST request to /layouts/15/ToolPane.aspx with a forged Referer header /layouts/SignOut.aspx, attackers can bypass authenticati...

9.8CVSS7.3AI score0.99979EPSS
Exploits41References5
CVE
CVE
added 2 days ago13 views

CVE-2026-51541

OpENer 2.3.0 (commit 76b95cf) is affected by CVE-2026-51541 due to an out-of-bounds read in CIP message parsing when processing malformed explicit requests with a forged EPath size. An ENIP SendRRData frame carrying a short CIP payload with a larger declared path_size can cause the parser to cont...

9.1CVSS6.1AI score0.00155EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-51541

OpENer 2.3.0 commit 76b95cf has an out-of-bounds read issue in CIP message parsing when handling malformed explicit requests with a forged EPath size. An attacker can send a valid ENIP SendRRData frame carrying a very short CIP payload whose pathsize field claims that many more path words are...

0.00155EPSS
Exploits0References2
CVE
CVE
added 4 days ago9 views

CVE-2026-7655

The CVE identifies a vulnerability in the SureCart WordPress plugin up to version 4.2.3. It allows privilege escalation via account takeover by forged customer.updated webhook events because the plugin does not properly validate a user’s identity before updating details (e.g., email) during custo...

8.1CVSS6.1AI score0.00302EPSS
Exploits0References2
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-43026

The miniOrange Social Login and Register Discord, Google, Twitter, LinkedIn plugin for WordPress is vulnerable to authentication bypass leading to account takeover in versions up to and including 7.7.0. This is due to the Profile Completion flow accepting an arbitrary email address via the...

9.8CVSS6.2AI score0.00463EPSS
Exploits0References6
OSV
OSV
added 5 days ago3 views

CVE-2026-55789 Logto: SAML IdP injects user-controlled profile attributes raw into signed assertions, allowing privilege escalation at relying Service Providers

Logto is the modern, open-source auth infrastructure for SaaS and AI apps. Prior to 1.41.0, Logto's self-hosted SAML application IdP built the signed SAML response and assertion by string-substituting user-controlled profile attributes such as name, email, and custom attribute-mapping values into...

8.5CVSS6.2AI score0.00298EPSS
Exploits0References6
Rows per page
Query Builder