CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

95 matches found

CVE-2026-7850

The WP Magnific Popup WordPress plugin through 1.0 does not properly escape user-controlled link URLs before injecting them into the DOM when displaying image load error messages, allowing authenticated attackers with Author-level access or above to perform Stored Cross-Site Scripting attacks...

5.9CVSS0.0014EPSS

Exploits0References1

CVE•added 2026/06/17 6:0 a.m.•7 views

CVE-2026-7850

The WP Magnific Popup WordPress plugin (versions through 1.0) is affected by a Stored XSS due to improper escaping of user-controlled link URLs before injecting them into the DOM when displaying image load error messages. This allows authenticated attackers with Author-level access or higher to i...

5.9CVSS5.2AI score0.0014EPSS

Exploits0References1

Cvelist•added 2026/06/17 6:0 a.m.•25 views

CVE-2026-7850 WP Magnific Popup <= 1.0 - Author+ Stored XSS via href Attribute

0.0014EPSS

Exploits0References1

Fedora•added 2026/05/29 1:27 a.m.•10 views

[SECURITY] Fedora 43 Update: CImg-3.7.6-2.fc43

The CImg Library is an open-source C++ toolkit for image processing. It consists in a single header file 'CImg.h' providing a minimal set of C++ classes and methods that can be used in your own sources, to load/save, process and display images. Very portable, efficient and easy to use, it's a...

6.1CVSS5.8AI score0.00142EPSS

Exploits0

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux – Vulnerability in htmldoc

A security issue has been identified in htmldoc v1.9.12 and earlier versions. A NULL pointer dereferencing in the function imageloadjpeg in image.cxx may lead to a denial of service...

7.8CVSS7AI score0.01083EPSS

Exploits1References2

OSV•added 2026/05/19 3:28 p.m.•8 views

CLSA-2026-1779204531 gdk-pixbuf2: Fix of CVE-2026-5201

CVE-2026-5201: fix heap buffer overflow due to unvalidated JPEG color component count in gdkpixbufjpegimageload...

7.5CVSS7.3AI score0.01069EPSS

Exploits1References1

CVE•added 2026/05/15 8:37 p.m.•46 views

CVE-2026-45401

CVE-2026-45401 affects Open WebUI and describes an SSRF bypass: before version 0.9.5, the validate_url() check only validated the initial URL, while downstream HTTP clients (requests, aiohttp, LangChain WebBaseLoader) follow HTTP 3xx redirects by default and do not re-validate the redirected targ...

8.5CVSS5.8AI score0.003EPSS

Exploits1References1Affected Software1

Github Security Blog•added 2026/05/14 8:27 p.m.•8 views

Open WebUI has a SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints (not addressed by CVE-2025-65958)

Server-Side Request Forgery SSRF Bypass via HTTP Redirect Following in Web-Fetch, Image-Load, and Chat-Completion Endpoints Summary The validateurl function in backend/openwebui/retrieval/web/utils.py only validates the initial URL submitted by the caller. The HTTP clients used downstream sync...

8.5CVSS5.9AI score0.003EPSS

Exploits1References5Affected Software1

OSV•added 2026/05/14 8:27 p.m.•5 views

GHSA-RH5X-H6PP-CJJ6 Open WebUI has a SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints (not addressed by CVE-2025-65958)

8.5CVSS5.8AI score0.003EPSS

Exploits1References5

Positive Technologies•added 2026/05/14 12:0 a.m.•10 views

PT-2026-41196

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.5 Description The validate url function in backend/open webui/retrieval/web/utils.py only validates the initial URL provided by the user. Downstream HTTP clients, including sync requests, async aiohttp, and...

8.5CVSS5.8AI score0.003EPSS

Exploits1References9

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in htmldoc

A buffer under-reading issue based on stacks in the htmldoc before version 1.9.12 allows attackers to cause a denial of service by using a crafted BMP image with the imageloadbmp function...

5.5CVSS5.7AI score0.00871EPSS

Exploits1References1

OSV•added 2026/04/22 4:24 p.m.•1 views

SUSE-SU-2026:1556-1 Security update for libraw

This update for libraw fixes the following issues: - CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. - CVE-2026-20884: integer overflow and heap buffer overflow via deflatedngloadraw bsc1261671. - CVE-2026-20889: heap-based buffer overflow in...

9.8CVSS5.8AI score0.00735EPSS

Exploits6References13

ATTACKERKB•added 2026/04/14 10:5 p.m.•5 views

CVE-2026-33023

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free vulnerability exists in loadwithgdkpixbuf in loader.c. The cleanup path manually frees the sixelframet object and its interna...

7.8CVSS5.8AI score0.00289EPSS

Exploits1References3Affected Software1

Cvelist•added 2026/04/07 1:49 p.m.•18 views

CVE-2026-21413

A heap-based buffer overflow vulnerability exists in the losslessjpegloadraw functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

9.8CVSS0.00544EPSS

Exploits1References1

Positive Technologies•added 2026/04/07 12:0 a.m.•2 views

PT-2026-30833

Name of the Vulnerable Software and Affected Versions LibRaw versions prior to Commit 8dc68e2 Description An integer overflow exists in the uncompressed fp dng load raw functionality of LibRaw. A specially crafted malicious file can trigger a heap buffer overflow. An attacker can provide a...

9.8CVSS6.5AI score0.00735EPSS

Exploits7References36

SUSE CVE•added 2026/04/04 11:27 p.m.•4 views

SUSE CVE-2026-3308

An integer overflow vulnerability in 'pdf-image.c' in Artifex's MuPDF version 1.27.0 allows an attacker to maliciously craft a PDF that can trigger an integer overflow within the 'pdfloadimageimp' function. This allows a heap out-of-bounds write that could be exploited for arbitrary code executio...

7.8CVSS6.1AI score0.00213EPSS

Exploits0References3