374 matches found

Github Security Blog
added 2026/03/13 8:03 p.m., 9 views

Centrifugo: SSRF via unverified JWT claims interpolated into dynamic JWKS endpoint URL

Summary Centrifugo is vulnerable to Server-Side Request Forgery SSRF when configured with a dynamic JWKS endpoint URL using template variables e.g. tenant. An unauthenticated attacker can craft a JWT with a malicious iss or aud claim value that gets interpolated into the JWKS fetch URL before the...

CVSS 9.3, AI score 5.9, EPSS 0.00258
Exploits 1, References 4, Affected Software 5
NVD
added 2026/03/13 7:54 p.m., 4 views

CVE-2026-32301

Centrifugo is an open-source scalable real-time messaging server. Prior to 6.7.0, Centrifugo is vulnerable to Server-Side Request Forgery SSRF when configured with a dynamic JWKS endpoint URL using template variables e.g. tenant. An unauthenticated attacker can craft a JWT with a malicious iss or...

CVSS 9.3, EPSS 0.00258
Exploits 1, References 1
ATTACKERKB
added 2026/03/11 7:50 p.m., 5 views

CVE-2026-32094

Shescape is a simple shell escape library for JavaScript. Prior to 2.1.10, Shescape's escape does not escape square-bracket glob syntax for Bash, BusyBox sh, and Dash. Applications that interpolate the return value directly into a shell command string can cause an attacker-controlled value like...

CVSS 6.9, AI score 5.8, EPSS 0.00214
Exploits 1, References 3, Affected Software 1
Cvelist
added 2026/03/11 7:08 p.m., 27 views

CVE-2026-31895 WeGIA has a SQL Injection via Direct Query Interpolation in restaurar_produto.php

WeGIA is a web manager for charitable institutions. Prior to version 3.6.6, WeGIA (Web gerenciador para instituições assistenciais) contains a SQL injection vulnerability in html/matPat/restaurar_produto.php. The idproduto parameter from $_GET is directly interpolated into SQL queries without...

CVSS 8.8, EPSS 0.00387
Exploits 1, References 1
Vulnrichment
added 2026/03/11 5:17 p.m., 3 views

CVE-2026-31862 Cloud CLI has Command Injection via Multiple Parameters

Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.24.0, multiple Git-related API endpoints use execAsync with string interpolation of user-controlled parameters (file, branch, message, commit), allowing authenticated attackers to...

CVSS 9.1, AI score 6, EPSS 0.00437
Exploits 0, References 2
ATTACKERKB
added 2026/03/10 6:02 p.m., 3 views

CVE-2026-31794

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a segmentation fault from invalid/wild pointer read in CIccCLUT::Interp3d causing a denial of service. This vulnerability is fixed in 2.3.1.5...

CVSS 5.5, AI score 5.8, EPSS 0.00152
Exploits 0, References 5, Affected Software 1
OSV
added 2026/03/10 6:02 p.m., 8 views

CVE-2026-31794 iccDEV has a SEGV in CIccCLUT::Interp3d()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a segmentation fault from invalid/wild pointer read in CIccCLUT::Interp3d causing a denial of service. This vulnerability is fixed in 2.3.1.5...

CVSS 5.5, AI score 5.8, EPSS 0.00152
Exploits 0, References 6
Positive Technologies
added 2026/03/10 12:00 a.m., 5 views

PT-2026-24752

Shell Command Injection in User Git Config Endpoint
Severity: High
CVSS 3.1: 8.8 High — when chained with VULN-01
CWE: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Attack Vector: Network
...

CVSS 8.8, AI score 6.3, EPSS 0.06034
Exploits 1, References 10
Github Security Blog
added 2026/03/09 7:55 p.m., 6 views

AzuraCast: RCE via Liquidsoap string interpolation injection in station metadata and playlist URLs

Summary AzuraCast's ConfigWriter::cleanUpString method fails to sanitize Liquidsoap string interpolation sequences ..., allowing authenticated users with StationPermissions::Media or StationPermissions::Profile permissions to inject arbitrary Liquidsoap code into the generated configuration file...

AI score 6
Exploits 0, References 5, Affected Software 1
OSV
added 2026/03/09 7:55 p.m., 2 views

GHSA-93FX-5QGC-WR38 AzuraCast: RCE via Liquidsoap string interpolation injection in station metadata and playlist URLs

Summary AzuraCast's ConfigWriter::cleanUpString method fails to sanitize Liquidsoap string interpolation sequences ..., allowing authenticated users with StationPermissions::Media or StationPermissions::Profile permissions to inject arbitrary Liquidsoap code into the generated configuration file...

CVSS 8.7, AI score 6
Exploits 0, References 5
Positive Technologies
added 2026/03/09 12:00 a.m., 6 views

PT-2026-24106

Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.23.22 and earlier, the PostgreSQL integration constructs shell commands using user-controlled configuration values (database name, host, password, etc.) without proper sanitization. The password and other...

CVSS 8.6, AI score 5.8, EPSS 0.0048
Exploits 1, References 4
Vulnrichment
added 2026/03/07 5:49 a.m., 2 views

CVE-2026-30830 Defuddle: XSS via unescaped string interpolation in _findContentBySchemaText image tag

Defuddle cleans up HTML pages. Prior to version 0.9.0, the _findContentBySchemaText method in src/defuddle.ts interpolates image src and alt attributes directly into an HTML string without escaping. An attacker can use a " in the alt attribute to break out of the attribute context and inject event...

CVSS 5.3, AI score 5.7, EPSS 0.00252
Exploits 1, References 2
Cvelist
added 2026/03/07 5:49 a.m., 27 views

CVE-2026-30830 Defuddle: XSS via unescaped string interpolation in _findContentBySchemaText image tag

Defuddle cleans up HTML pages. Prior to version 0.9.0, the _findContentBySchemaText method in src/defuddle.ts interpolates image src and alt attributes directly into an HTML string without escaping. An attacker can use a " in the alt attribute to break out of the attribute context and inject event...

CVSS 5.3, EPSS 0.00252
Exploits 1, References 2
Github Security Blog
added 2026/03/06 6:39 p.m., 7 views

defuddle vulnerable to XSS via unescaped string interpolation in _findContentBySchemaText image tag

Summary The _findContentBySchemaText method in src/defuddle.ts interpolates image src and alt attributes directly into an HTML string without escaping: typescript html += ; An attacker can use a " in the alt attribute to break out of the attribute context and inject event handlers. This is a...

CVSS 6.1, AI score 5.8, EPSS 0.00252
Exploits 1, References 4, Affected Software 1
OSV
added 2026/03/06 6:39 p.m., 4 views

GHSA-5MQ8-78GM-PJMQ defuddle vulnerable to XSS via unescaped string interpolation in _findContentBySchemaText image tag

Summary The _findContentBySchemaText method in src/defuddle.ts interpolates image src and alt attributes directly into an HTML string without escaping: typescript html += ; An attacker can use a " in the alt attribute to break out of the attribute context and inject event handlers. This is a...

CVSS 5.3, AI score 5.8, EPSS 0.00252
Exploits 1, References 4
Redos
added 2026/02/24 12:00 a.m., 6 views

ROS-20260224-73-0009

A vulnerability in the Apache Commons Text library of FileMaker Server is related to improper control of code generation when using interpolation functions. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS 9.8, AI score 6.5, EPSS 0.00919
Exploits 0
CNNVD
added 2026/02/21 12:00 a.m., 9 views

OpenSift security vulnerability

OpenSift is an open-source artificial intelligence learning assistant developed by OpenSift. Versions of OpenSift 1.1.2-alpha and earlier contain security vulnerabilities. These vulnerabilities stem from the use of insecure HTML interpolation patterns in the chat tool’s UI interface, which render...

CVSS 8.9, AI score 5.6, EPSS 0.00347
Exploits 0, References 2
ATTACKERKB
added 2026/02/06 4:41 p.m., 5 views

CVE-2026-23738

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, user supplied/controlled values for Cookies and any GET variable (query parameter) are directly interpolated into the HTML of the page using ast_str_append. The...

CVSS 3.5, AI score 5.3, EPSS 0.0016
Exploits 0, References 2, Affected Software 1
Tenable Nessus
added 2026/02/06 12:00 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-23738

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, user...

CVSS 6.1, AI score 5.4, EPSS 0.0016
Exploits 0, References 2
Snyk
added 2026/02/01 6:27 a.m., 2 views

Arbitrary Command Injection

Overview borgmatic is simple, configuration-driven backup software for servers and workstations. Affected versions of this package are vulnerable to Arbitrary Command Injection via the command hook interpolation logic in borgmatic. An attacker can execute arbitrary shell commands by supplying...

CVSS 9.8, AI score 6
Exploits 0, References 3