
8 matches found

RedhatCVE
added 2026/04/07 5:12 a.m. | views: 1

CVE-2026-5623

A vulnerability was identified in hcengineering Huly Platform 0.7.382. This affects an unknown part of the file server/front/src/index.ts of the component Import Endpoint. Such manipulation leads to server-side request forgery. The attack can be launched remotely. The exploit is publicly availabl...

CVSS 6.5 | AI score 6.2 | EPSS 0.00041
Exploits: 0 | References: 1
NVD
added 2026/04/06 6:16 a.m. | views: 0

CVE-2026-5623

A vulnerability was identified in hcengineering Huly Platform 0.7.382. This affects an unknown part of the file server/front/src/index.ts of the component Import Endpoint. Such manipulation leads to server-side request forgery. The attack can be launched remotely. The exploit is publicly availabl...

CVSS 6.5 | EPSS 0.00041
Exploits: 0 | References: 3
CVE
added 2026/04/06 4:30 a.m. | views: 6

CVE-2026-5622

CVE-2026-5622 affects hcengineering Huly Platform 0.7.382. The vulnerability concerns the JWT Token Handler component, specifically foundations/core/packages/token/src/token.ts, where manipulating SERVER_SECRET with the input secret leads to the use of a hard-coded cryptographic key. The issue ca...

CVSS 6.3 | AI score 5.3 | EPSS 0.00038
Exploits: 0 | References: 3
Cvelist
added 2026/04/06 4:30 a.m. | views: 27

CVE-2026-5622 hcengineering Huly Platform JWT Token token.ts hard-coded key

A vulnerability was determined in hcengineering Huly Platform 0.7.382. Affected by this issue is some unknown functionality of the file foundations/core/packages/token/src/token.ts of the component JWT Token Handler. This manipulation of the argument SERVER_SECRET with the input secret causes use ...

CVSS 6.3 | EPSS 0.00038
Exploits: 0 | References: 3
Positive Technologies
added 2026/04/06 12:00 a.m. | views: 1

PT-2026-30566

A vulnerability was identified in hcengineering Huly Platform 0.7.382. This affects an unknown part of the file server/front/src/index.ts of the component Import Endpoint. Such manipulation leads to server-side request forgery. The attack can be launched remotely. The exploit is publicly availabl...

CVSS 6.5 | AI score 6.2 | EPSS 0.00041
Exploits: 0 | References: 4
NVD
added 2024/03/07 9:15 p.m. | views: 8

CVE-2024-27707

Server Side Request Forgery (SSRF) vulnerability in hcengineering Huly Platform v.0.6.202 allows attackers to run arbitrary code via upload of crafted SVG file...

CVSS 4.3 | AI score 7.1 | EPSS 0.0008
Exploits: 0 | References: 1
Prion
added 2024/03/07 9:15 p.m. | views: 18

Server side request forgery (ssrf)

Server Side Request Forgery (SSRF) vulnerability in hcengineering Huly Platform v.0.6.202 allows attackers to run arbitrary code via upload of crafted SVG file...

AI score 7.4 | EPSS 0.0008
Exploits: 0 | References: 1
CVE
added 2024/03/07 12:00 a.m. | views: 43

CVE-2024-27707

CVE-2024-27707 affects hcengineering Huly Platform v0.6.202. The vulnerability is a Server Side Request Forgery (SSRF) in the file upload path that allows attackers to run arbitrary code via a crafted SVG file. Multiple sources (NVD/Red Hat/CNNVD and related CVE ecosystems) confirm the presence o...

CVSS 4.3 | AI score 7.3 | EPSS 0.0008
Exploits: 0 | References: 1