Lucene search
K

2402 matches found

Cvelist
Cvelist
added 2026/03/04 7:30 p.m.41 views

CVE-2026-28427 OpenDeck affected by path traversal allows arbitrary file read

OpenDeck is Linux software for your Elgato Stream Deck. Prior to 2.8.1, the service listening on port 57118 serves static files for installed plugins but does not properly sanitize path components. By including ../ sequences in the request path, an attacker can traverse outside the intended...

5.9CVSS0.00431EPSS
Exploits1References2
CNVD
CNVD
added 2026/03/02 12:0 a.m.4 views

Unspecified Vulnerability in Multiple Apple Products (CNVD-2026-14483)

Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. A security vulnerability exists in several Apple products that can be exploited by an attacker to cause an app to recognize other apps install...

7.1CVSS5.9AI score0.00137EPSS
Exploits0References1
NVD
NVD
added 2026/02/21 6:17 a.m.12 views

CVE-2026-26046

A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command injection. On sites where the TeX filter is enabled and ImageMagick is installed, a maliciously crafted setting value entered by an administrator coul...

7.2CVSS0.02202EPSS
Exploits0References2
OSV
OSV
added 2026/02/19 3:17 p.m.2 views

GHSA-9PPG-JX86-FQW7 Unauthorized npm publish of [email protected] with modified postinstall script

Description On February 17, 2026 at 3:26 AM PT, an unauthorized party used a compromised npm publish token to publish an update to Cline CLI on the NPM registry: [email protected]. The published package contains a modified package.json with an added postinstall script: "postinstall": "npm install -g...

5.6AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/02/19 3:17 p.m.14 views

Unauthorized npm publish of [email protected] with modified postinstall script

Description On February 17, 2026 at 3:26 AM PT, an unauthorized party used a compromised npm publish token to publish an update to Cline CLI on the NPM registry: [email protected]. The published package contains a modified package.json with an added postinstall script: "postinstall": "npm install -g...

5.6AI score
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/02/16 11:0 p.m.6 views

Malicious Package

Overview cline is a malicious package. NPM publishing token for this package was compromised and useb by an unauthorized party to publish version 2.3.0 containing a modified package.json with an added postinstall script "postinstall": "npm install -g openclaw@latest". This causes openclaw an...

9.8CVSS5.8AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/13 1:31 a.m.8 views

CVE-2026-20663

The issue was resolved by sanitizing logging. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. An app may be able to enumerate a user's installed apps...

3.3CVSS5.8AI score0.00117EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/13 1:31 a.m.6 views

CVE-2026-20641

A privacy issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to identify what other apps a user has install...

7.1CVSS5.8AI score0.00137EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.7 views

Nikto Web Scanner 2.6.0

Nikto is an Open Source GPL web server scanner which performs comprehensive tests against web servers for multiple items, including thousands of potentially dangerous files/programs, checks for outdated versions of over 1500 server components, and version specific problems on hundreds of servers...

5.6AI score
Exploits0
OSV
OSV
added 2026/02/11 11:16 p.m.2 views

CVE-2026-20663

The issue was resolved by sanitizing logging. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An app may be able to enumerate a user's installed apps...

3.3CVSS5.7AI score0.00117EPSS
Exploits0References2
NVD
NVD
added 2026/02/11 11:16 p.m.10 views

CVE-2026-20663

The issue was resolved by sanitizing logging. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. An app may be able to enumerate a user's installed apps...

3.3CVSS0.00117EPSS
Exploits0References2
OSV
OSV
added 2026/02/11 11:16 p.m.4 views

CVE-2026-20641

A privacy issue was addressed with improved checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to identify what other apps a user has install...

7.1CVSS5.7AI score0.00137EPSS
Exploits0References8
NVD
NVD
added 2026/02/11 11:16 p.m.4 views

CVE-2026-20641

A privacy issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to identify what other apps a user has install...

7.1CVSS0.00137EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/02/11 10:58 p.m.2 views

CVE-2026-20663

The issue was resolved by sanitizing logging. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An app may be able to enumerate a user's installed apps...

5.5AI score0.00117EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/11 10:58 p.m.3 views

CVE-2026-20663

The issue was resolved by sanitizing logging. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. An app may be able to enumerate a user's installed apps...

3.3CVSS5.8AI score0.00117EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/11 10:58 p.m.21 views

CVE-2026-20663

The issue was resolved by sanitizing logging. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. An app may be able to enumerate a user's installed apps...

0.00117EPSS
Exploits0References2
CVE
CVE
added 2026/02/11 10:58 p.m.13 views

CVE-2026-20663

CVE-2026-20663 affects Apple iOS/iPadOS where an app may enumerate installed apps due to improper logging handling. The issue is fixed in iOS 18.7.5/iPadOS 18.7.5 and iOS 26.3/iPadOS 26.3; affected builds prior to these versions are vulnerable. Root cause: sanitized logging mitigates the issue. P...

3.3CVSS5.8AI score0.00117EPSS
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/02/11 10:58 p.m.3 views

CVE-2026-20641

A privacy issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to identify what other apps a user has install...

7.1CVSS5.8AI score0.00137EPSS
Exploits0References9
CVE
CVE
added 2026/02/11 10:58 p.m.17 views

CVE-2026-20641

CVE-2026-20641 is a privacy issue affecting Apple platforms where an app may identify other apps installed on the device. Concrete fixes are listed across multiple Apple OS updates: iOS/iPadOS 18.7.5, iOS/iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionO...

7.1CVSS5.8AI score0.00137EPSS
Exploits0References8Affected Software6
Cvelist
Cvelist
added 2026/02/11 10:58 p.m.22 views

CVE-2026-20641

A privacy issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to identify what other apps a user has install...

0.00137EPSS
Exploits0References8
Rows per page
Query Builder