Lucene search
+L

7775 matches found

euvd
euvd
added yesterday3 views

EUVD-2026-45004

An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. There is an XAPPLEPUSHSERVICE folder existence oracle and push hijack. An authenticated IMAP user could probe for the existence of arbitrary mailboxes on other users' accounts via the XAPPLEPUSHSERVICE command and then create...

3.1CVSS6.2AI score
Exploits0References3
nuclei
nuclei
added yesterday17 views

YesWiki < 4.5.4 - Cross-Site Scripting

YesWiki 4.5.4 contains a reflected cross-site scripting caused by unsanitized idformulaire parameter in /?BazaR endpoint, letting attackers steal cookies and hijack sessions, exploit requires user to click malicious link. id: CVE-2025-46550 info: name: YesWiki 4.5.4 - Cross-Site Scripting author:...

6.1CVSS6AI score0.00498EPSS
Exploits1References2
nuclei
nuclei
added yesterday15 views

XWiki Platform Distribution Flavor Main - Cross-Site Scripting

XWiki Platform Distribution Flavor Main versions prior to 17.6.0 are vulnerable to reflected cross-site scripting XSS due to improper sanitization of user-supplied input in the extensionId parameter. An attacker can exploit this issue by injecting malicious JavaScript, which will be executed in t...

6.5CVSS6.9AI score0.00503EPSS
Exploits0References2
nuclei
nuclei
added yesterday24 views

Lightdash v0.1024.6 - Server-Side Request Forgery

Server-Side Request Forgery “SSRF” in the export dashboard functionality of Lightdash version 0.1024.6 allows remote authenticated threat actors to obtain the session cookie of any user who exports a crafted dashboard. When they are exported, dashboards containing HTML elements can trigger HTTP...

7.3CVSS6.1AI score0.01786EPSS
Exploits0References2
cve
cve
added yesterday5 views

CVE-2026-47081

Cyrus IMAP (cyrus-imapd) up to version 3.12.2 is affected by a XAPPLEPUSHSERVICE folder existence oracle that lets an authenticated IMAP user probe for the existence of arbitrary mailboxes on other users and push notifications for new mail to their own APNS device. This does not expose mailbox co...

3.1CVSS6.2AI score
Exploits0References2
nvd
nvd
added 2 days ago6 views

CVE-2026-49279

WWBN AVideo is an open source video platform. Versions 29.0 and below contain a Stored XSS vulnerability through the autoEvalCodeOnHTML parameter in the MessageSQLite WebSocket Handler. The MessageSQLite.php handler only strips autoEvalCodeOnHTML from $json'msg', but msgToResourceId reads from...

7.7CVSS0.00327EPSS
Exploits0References2
cve
cve
added 3 days ago5 views

CVE-2026-47995

Technical details such as affected versions, vulnerable components, exploit methods, or remediation steps are not provided in the supplied documents. Monitor for updates from Adobe/NVD for concrete technical information.

8.1CVSS6.1AI score0.00269EPSS
Exploits0References1Affected Software1
redhatcve
redhatcve
added 3 days ago7 views

CVE-2026-54433

A flaw was found in Roundcube Webmail. A remote attacker could exploit a Stored Cross-Site Scripting XSS vulnerability by sending a specially crafted plain-text email message. When the victim opens or previews this message, attacker-controlled JavaScript executes within their authenticated sessio...

7.2CVSS6.2AI score0.00276EPSS
Exploits0References2
euvd
euvd
added 3 days ago7 views

EUVD-2026-43637

In versions up to and including 4.5.29 4.x branch and 5.1.4 5.x branch, the WebClientSession component of Eclipse Vert.x Web Client does not validate that the Domain attribute of a Set-Cookie response header matches the originating server's domain, in violation of RFC 6265 section 5.3. An attacke...

8.2CVSS6.1AI score0.00157EPSS
Exploits0References1
osv
osv
added 4 days ago2 views

OPENSUSE-SU-2026:21331-1 Security update for helm

This update for helm fixes the following issue - CVE-2026-48978: oras.land/oras-go/v2/registry/remote/auth: malicious registry can hijack Bearer token realm to exfiltrate credentials and refresh tokens bsc1270127. Changes for helm: - Update to version 3.21.2...

6.1AI score
Exploits0References2
nvd
nvd
added last week5 views

CVE-2026-55665

Grist is spreadsheet software using Python as its formula language. Prior to 1.7.15, Grist contained two cross-site scripting vulnerabilities where an attacker-controlled value reached a link's href without scheme validation, so a javascript URL could run in a victim's Grist origin on a single...

8.5CVSS0.00322EPSS
Exploits0References3
cvelist
cvelist
added last week34 views

CVE-2026-29519 Lucee CFML Server Reflected XSS via URL Path Parsing

Lucee CFML Server versions across the 5.3.x, 6.1.x, 6.2.x, and 7.0.x release lines contain a reflected cross-site scripting vulnerability in URL path parsing that allows unauthenticated remote attackers to execute arbitrary JavaScript in a victim's browser by embedding HTML or JavaScript payloads...

8.2CVSS0.00386EPSS
Exploits1References2
osv
osv
added last week3 views

CVE-2026-29519 Lucee CFML Server Reflected XSS via URL Path Parsing

Lucee CFML Server versions across the 5.3.x, 6.1.x, 6.2.x, and 7.0.x release lines contain a reflected cross-site scripting vulnerability in URL path parsing that allows unauthenticated remote attackers to execute arbitrary JavaScript in a victim's browser by embedding HTML or JavaScript payloads...

6.2CVSS6.3AI score0.00386EPSS
Exploits1References5
cve
cve
added last week7 views

CVE-2026-61456

Grav API plugin (getgrav/grav-plugin-api) before 1.0.3 is vulnerable to stored XSS via SVG uploads. The HandlesMediaUploads::processUploadedFile() path only validates file extension and does not call Security::sanitizeSVG(), enabling an authenticated attacker with api.media.write to upload an SVG...

5.1CVSS6.2AI score0.00141EPSS
Exploits0References2
nvd
nvd
added 2026/07/09 10:17 p.m.6 views

CVE-2026-55604

DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.7.0, the process-global SessionStore accepts caller-supplied sessionid values without binding them to any authenticated principal or transport session. An attacker can enumerate active session I...

8.6CVSS0.00225EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/07/09 6:52 p.m.5 views

CVE-2026-54695

Pipecat is an open-source Python framework for building real-time voice and multimodal conversational agents. Prior to 1.4.0, the pipecat development runner registers a /ws WebSocket endpoint for telephony testing that accepts connections without authentication, reads an attacker-supplied callSid...

7.5CVSS6AI score0.00343EPSS
Exploits1References6Affected Software1
osv
osv
added 2026/07/09 6:27 p.m.2 views

CVE-2026-59148 Mockoon: Unauthenticated admin API + wildcard CORS allows mock-state hijack and secret theft

Mockoon provides way to design and run mock APIs. Prior to 9.7.0, Mockoon's admin API in commons-server/src/libs/server/admin-api.ts is mounted on the same Express listener as user-defined mock routes, enabled by default in shipped runtimes, serves Access-Control-Allow-Origin: with write methods...

8.8CVSS6.2AI score0.00173EPSS
Exploits0References7
cve
cve
added 2026/07/09 6:27 p.m.12 views

CVE-2026-59148

The CVE covers Mockoon prior to version 9.7.0, where the admin API was mounted on the same Express listener as user mock routes with default-enabled, unauthenticated access and permissive CORS (Access-Control-Allow-Origin: ). This allowed any unauthenticated client on the mock server port to: rea...

8.8CVSS6AI score0.00173EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/07/09 4:48 p.m.7 views

CVE-2026-59216

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, geteventcall delivered execute:python and execute:tool Socket.IO events to a client-supplied sessionid after checking only that the session was connected, allowing authenticated users who learne...

7.7CVSS6AI score0.00308EPSS
Exploits0References5Affected Software1
cert
cert
added 2026/07/09 12:0 a.m.5 views

Xerte Online Toolkit contains an authentication bypass that allows for RCE

Overview Two vulnerabilities have been discovered in Xerte Online Toolkits, an open-source e-learning authoring toolsuite intended for the creation of learning materials within a web browser. CVE-2026-14261 tracks the persistence of the /setup/ directory after installation, which allows an...

9.8CVSS6.6AI score0.00571EPSS
Exploits0References5
Rows per page
Query Builder