Lucene search
K

97 matches found

CVE
CVE
added 3 days ago12 views

CVE-2026-34171

CVE-2026-34171 affects Coolify prior to 4.0.0-beta.471. The issue is a CSRF-like, state-changing vulnerability on a GET endpoint: GET /invitations/{uuid} can reset the user password to an attacker-known value if a victim visits a crafted invitation URL. This is due to a password-reset being trigg...

8CVSS6AI score0.00146EPSS
Exploits0References3
NVD
NVD
added 2026/06/29 6:16 p.m.8 views

CVE-2026-57949

ruoyi-vue-pro through 2026.05, fixed in commit c779a47, contains a missing authorization vulnerability in the CRM module's GET /admin-api/crm/follow-up-record/get endpoint that allows authenticated users to read any follow-up record by iterating sequential numeric IDs. Attackers can exploit this ...

7.1CVSS0.00231EPSS
Exploits0References3
CVE
CVE
added 2026/06/29 5:19 p.m.14 views

CVE-2026-57949

ruoyi-vue-pro (through 2026.05) contains a missing authorization vulnerability in the CRM module’s GET /admin-api/crm/follow-up-record/get endpoint. The issue allows an authenticated user to read any follow-up record by iterating sequential numeric IDs, exfiltrating follow-up notes, file attachme...

7.1CVSS5.9AI score0.00231EPSS
Exploits0References3
Nuclei
Nuclei
added 2026/06/28 3:8 p.m.19 views

dotCMS Core Publish Audit API - Unauthenticated SQL Injection

dotCMS Core 25.11.04-1 through 26.04.28-02 contains an SQL injection caused by unsanitized input in Publish Audit API endpoints /api/auditPublishing/get and /api/auditPublishing/getAll, letting remote unauthenticated attackers read, modify, or destroy arbitrary database content, exploit requires ...

10CVSS6AI score0.01584EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/25 6:5 p.m.20 views

CVE-2026-56768 Seahub < 13.0.23 - Authentication Bypass in ShareLinkZipTaskView GET Method

Seahub before 13.0.23 does not enforce SHARELINKLOGINREQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated users to bypass authentication. Attackers with a folder share-link token can call the GET endpoint to obtain a fileserver zip token and download entire shared directory...

8.8CVSS0.00381EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/25 3:39 p.m.33 views

CVE-2026-54036 LibreChat: 2FA Re-enrollment Allows Full Account 2FA Takeover Without OTP Verification

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the GET /api/auth/2fa/enable endpoint can be called by an authenticated user or attacker with a stolen session even when 2FA is already fully enabled on the account. This endpoint overwrites the existi...

5.3CVSS0.00213EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/22 9:4 p.m.19 views

CVE-2026-56321 Capgo - Missing Authentication Middleware on GET /private/role_bindings Endpoint

Capgo backend Supabase edge functions before 12.128.2 does not apply the global authentication middleware to the GET /private/rolebindings/:orgid endpoint, unlike the POST and DELETE rolebindings routes, so unauthenticated requests reach the handler instead of being rejected at the middleware...

6.9CVSS0.00322EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/22 9:4 p.m.6 views

EUVD-2026-38372

Capgo backend Supabase edge functions before 12.128.2 does not apply the global authentication middleware to the GET /private/rolebindings/:orgid endpoint, unlike the POST and DELETE rolebindings routes, so unauthenticated requests reach the handler instead of being rejected at the middleware...

6.9CVSS5.9AI score0.00322EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.20 views

PT-2026-47733

A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected application does not properly sanitize path input in the GET /api/sftp/uploadFiles endpoint used for directory listing. This allows path traversal through crafted input, enabling access to unintended fil...

5.3CVSS5.4AI score0.00242EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:37 p.m.11 views

CVE-2026-47119

Agent Zero before version 1.15 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary JavaScript in the application origin by serving SVG files through the imageget API endpoint without Content-Security-Policy, X-Content-Type-Options, or Content-Dispositio...

6.1CVSS5.6AI score0.00236EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.13 views

PT-2026-44924

Name of the Vulnerable Software and Affected Versions xiaomusic version 0.5.7 Description An unauthenticated path traversal issue exists in the 'GET /music/file path:path' endpoint. This occurs due to an incomplete path prefix check and a missing trailing separator in the comparison logic...

8.7CVSS5.9AI score0.00513EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

XiaoMusic 路径遍历漏洞

XiaoMusic is a music playback tool developed by Hanxi, allowing unlimited song listening through the XiaoAi speaker. Version 0.5.7 of XiaoMusic has a path traversal vulnerability. This vulnerability stems from the GET /music/filepath:path endpoint, where unauthorized path traversal is allowed,...

8.7CVSS5.8AI score0.00513EPSS
Exploits0References4
NVD
NVD
added 2026/05/28 8:16 p.m.14 views

CVE-2026-32847

DeepCode through commit c991dc2 contains a path traversal vulnerability in the SPA catch-all route in newui/backend/main.py that allows unauthenticated attackers to read arbitrary files by supplying percent-encoded path segments to the GET /fullpath:path endpoint. Attackers can bypass Starlette's...

8.7CVSS0.00376EPSS
Exploits1References2
CVE
CVE
added 2026/05/28 7:32 p.m.32 views

CVE-2026-32847

DeepCode (commit c991dc2) exposes a path traversal vulnerability in the SPA catch-all route of new_ui/backend/main.py. An unauthenticated attacker can read arbitrary files by sending percent-encoded path segments to GET /{full_path:path}, bypassing Starlette path normalization via %2F and %2E%2E....

8.7CVSS5.9AI score0.00376EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/05/28 7:32 p.m.37 views

CVE-2026-32847 DeepCode 1.2.0 Path Traversal via SPA Catch-All Route in main.py

DeepCode through commit c991dc2 contains a path traversal vulnerability in the SPA catch-all route in newui/backend/main.py that allows unauthenticated attackers to read arbitrary files by supplying percent-encoded path segments to the GET /fullpath:path endpoint. Attackers can bypass Starlette's...

8.7CVSS0.00376EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.10 views

PT-2026-44488

Name of the Vulnerable Software and Affected Versions DeepCode versions prior to commit c991dc2 Description A path traversal issue exists in the SPA catch-all route within new ui/backend/main.py. Unauthenticated attackers can read arbitrary files by providing percent-encoded path segments to the...

8.7CVSS5.6AI score0.00376EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.14 views

DeepCode 路径遍历漏洞

DeepCode is a multi-agent code generation tool open-source by Data Intelligence Lab@HKU. Previous versions of DeepCode c991dc2 contained a path traversal vulnerability. This vulnerability originated from the SPA catch-all route in newui/backend/main.py, which had a path traversal vulnerability...

8.7CVSS6AI score0.00376EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/27 2:26 p.m.46 views

CVE-2026-47119 Agent Zero < 1.15 Stored XSS via image_get API Endpoint

Agent Zero before version 1.15 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary JavaScript in the application origin by serving SVG files through the imageget API endpoint without Content-Security-Policy, X-Content-Type-Options, or Content-Dispositio...

6.1CVSS0.00236EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 2:26 p.m.13 views

EUVD-2026-32524

Agent Zero before version 1.15 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary JavaScript in the application origin by serving SVG files through the imageget API endpoint without Content-Security-Policy, X-Content-Type-Options, or Content-Dispositio...

6.1CVSS5.9AI score0.00236EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/27 2:26 p.m.8 views

CVE-2026-47119

Agent Zero before version 1.15 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary JavaScript in the application origin by serving SVG files through the imageget API endpoint without Content-Security-Policy, X-Content-Type-Options, or Content-Dispositio...

6.1CVSS5.9AI score0.00236EPSS
Exploits0References3
Rows per page
Query Builder