Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

676 matches found

Nuclei
Nucleiadded 17 hours ago66 views

H2O ImportFiles - Local File Inclusion

An attacker is able to read any file on the server hosting the H2O dashboard without any authentication. id: CVE-2023-6038 info: name: H2O ImportFiles - Local File Inclusion author: danmcinerney,byt3bl33d3r severity: high description: | An attacker is able to read any file on the server hosting t...

9.3CVSS7.3AI score0.63282EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2026/05/18 7:59 p.m.4 views

CVE-2026-8752

A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the component Rapids setproperty Primitive Handler. Executing a manipulation can lead to improper access...

6.9CVSS5.7AI score0.00081EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/05/18 7:59 p.m.4 views

CVE-2026-8751

A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a manipulation results in deserialization. The attack is possible to be carried out remotely. The...

9.8CVSS6.7AI score0.00038EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/05/18 7:59 p.m.5 views

CVE-2026-8750

A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component ImportFile API. Such manipulation leads to information disclosure. The attack can be executed remotely. Th...

7.5CVSS5.8AI score0.00013EPSS
Exploits0References1
NVD
NVDadded 2026/05/17 12:16 p.m.7 views

CVE-2026-8752

A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the component Rapids setproperty Primitive Handler. Executing a manipulation can lead to improper access...

6.9CVSS0.00081EPSS
Exploits0References4
NVD
NVDadded 2026/05/17 12:16 p.m.6 views

CVE-2026-8751

A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a manipulation results in deserialization. The attack is possible to be carried out remotely. The...

9.8CVSS0.00038EPSS
Exploits0References4
CVE
CVEadded 2026/05/17 11:45 a.m.10 views

CVE-2026-8752

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-8752.

6.9CVSS5.7AI score0.00081EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/17 11:45 a.m.4 views

CVE-2026-8752 h2oai h2o-3 Rapids setproperty Primitive AstSetProperty.java exec access control

A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the component Rapids setproperty Primitive Handler. Executing a manipulation can lead to improper access...

6.9CVSS5.7AI score0.00081EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/17 11:45 a.m.3 views

CVE-2026-8752

A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the component Rapids setproperty Primitive Handler. Executing a manipulation can lead to improper access...

6.9CVSS5.7AI score0.00081EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2026/05/17 11:45 a.m.4 views

EUVD-2026-30699

A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the component Rapids setproperty Primitive Handler. Executing a manipulation can lead to improper access...

6.9CVSS5.7AI score0.00081EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/17 11:45 a.m.33 views

CVE-2026-8752 h2oai h2o-3 Rapids setproperty Primitive AstSetProperty.java exec access control

A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the component Rapids setproperty Primitive Handler. Executing a manipulation can lead to improper access...

6.9CVSS0.00081EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/17 11:30 a.m.1 views

CVE-2026-8751

A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a manipulation results in deserialization. The attack is possible to be carried out remotely. The...

7.5CVSS6.7AI score0.00038EPSS
Exploits0References4Affected Software1
CVE
CVEadded 2026/05/17 11:30 a.m.12 views

CVE-2026-8751

Affected software: h2oai h2o-3 (versions before 7402). The issue lies in the JAR Handler component, specifically the importBinaryModel() function in h2o-core/src/main/java/hex/Model.java, where input manipulation can trigger deserialization. This enables remote exploitation, with the exploit publ...

9.8CVSS6.7AI score0.00038EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2026/05/17 11:30 a.m.8 views

EUVD-2026-30697

A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a manipulation results in deserialization. The attack is possible to be carried out remotely. The...

7.5CVSS6.7AI score0.00038EPSS
Exploits0References4
NVD
NVDadded 2026/05/17 11:16 a.m.4 views

CVE-2026-8750

A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component ImportFile API. Such manipulation leads to information disclosure. The attack can be executed remotely. Th...

7.5CVSS0.00013EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/17 10:45 a.m.4 views

CVE-2026-8750 h2oai h2o-3 ImportFile API PersistNFS.java importFiles information disclosure

A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component ImportFile API. Such manipulation leads to information disclosure. The attack can be executed remotely. Th...

6.9CVSS5.8AI score0.00013EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/17 10:45 a.m.34 views

CVE-2026-8750 h2oai h2o-3 ImportFile API PersistNFS.java importFiles information disclosure

A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component ImportFile API. Such manipulation leads to information disclosure. The attack can be executed remotely. Th...

6.9CVSS0.00013EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/17 10:45 a.m.3 views

CVE-2026-8750

A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component ImportFile API. Such manipulation leads to information disclosure. The attack can be executed remotely. Th...

6.9CVSS5.8AI score0.00013EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2026/05/17 10:45 a.m.6 views

EUVD-2026-30694

A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component ImportFile API. Such manipulation leads to information disclosure. The attack can be executed remotely. Th...

6.9CVSS5.8AI score0.00013EPSS
Exploits0References4
CVE
CVEadded 2026/05/17 10:45 a.m.13 views

CVE-2026-8750

CVE-2026-8750 affects h2oai h2o-3 up to version 7402. The vulnerability lies in the ImportFile API’s ImportFile/PersistNFS.java importFiles() function, enabling remote information disclosure due to manipulation of file persistence. Multiple sources (NVD, Red Hat, CVE listings, and PT Security) de...

7.5CVSS5.8AI score0.00013EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder