Lucene search
+L

6 matches found

CVE
CVE
added yesterday14 views

CVE-2026-62241

CVE-2026-62241 affects the clawvet self-hosted API server (apps/api) prior to 0.7.5. The vulnerability arises from a hard-coded fallback JWT secret ('clawvet-dev-secret-change-me') implemented in auth.ts and shipped as the default in .env.example. Because GET /api/v1/scans returns scan records co...

9.3CVSS6.1AI score0.00389EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2026/04/15 5:9 p.m.8 views

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails

Threat actors have been observed weaponizing n8n, a popular artificial intelligence AI workflow automation platform, to facilitate sophisticated phishing campaigns and deliver malicious payloads or fingerprint devices by sending automated emails. "By leveraging trusted infrastructure, these...

5.9AI score
Exploits0
Cvelist
Cvelist
added 2026/04/09 5:52 p.m.25 views

CVE-2026-5329 Rapid7 Velociraptor Improper Input Validation in Client Message Handler

Rapid7 Velociraptor versions prior to 0.76.2 contain an improper input validation vulnerability in the client monitoring message handler on the Velociraptor server primarily Linux that allows an authenticated remote attacker to write to arbitrary internal server queues via a crafted monitoring...

8.5CVSS0.0046EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/03 12:0 a.m.3 views

Slink 安全漏洞

Slink is a self-hosted image sharing service by the individual developer Andrii Kryvoviaz. A security vulnerability exists in Slink v1.4.9, which stems from the vulnerability of specially crafted SVG uploads to stored cross-site scripting attacks...

6.1CVSS5.8AI score0.00251EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:43 a.m.9 views

CVE-2024-52271

User Interface UI Misrepresentation of Critical Information vulnerability in Documenso allows Content Spoofing.Displayed version does not show the layer flattened version, once download, If printed e.g. via Google Chrome - Examine the print preview: Will render the vulnerability only, not all...

8.2CVSS6.7AI score0.00208EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/01/09 12:0 a.m.6 views

Nextcloud Talk 访问控制错误漏洞

Nextcloud Talk is a self-hosted local audio/video and chat communication service from Nextcloud Germany. An access control error vulnerability exists in Nextcloud Talk. An attacker could use this vulnerability to access a user's Nextcloud files and view conversations...

2.1CVSS4.9AI score0.0056EPSS
Exploits1References4
Rows per page
Query Builder