Lucene search
+L

1190 matches found

Nuclei
Nuclei
added yesterday97 views

WSO2 - Cross-Site Scripting

WSO2 contains a reflected cross-site scripting vulnerability in the Management Console of API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0, 6.4.0,...

6.1CVSS5.8AI score0.41078EPSS
Exploits5References5
EUVD
EUVD
added 3 days ago8 views

EUVD-2026-44632

phpMyFAQ before 4.1.5 contains a privilege escalation vulnerability in the user/add API endpoint that allows non-SuperAdmin administrators to create SuperAdmin accounts. A delegated administrator with USERADD/EDIT/DELETE permissions can call POST /admin/api/user/add with isSuperAdmin: true and...

8.8CVSS6.1AI score0.00246EPSS
Exploits0References2
NVD
NVD
added 4 days ago6 views

CVE-2026-46637

Twig is a template language for PHP. Prior to 3.26.0, several filters in twig/markdown-extra and twig/cssinliner-extra are registered with issafe = all, causing Twig to treat plain text or HTML output as safe in HTML, JavaScript, CSS, URL, and other contexts where the output is not properly...

5.4CVSS0.00175EPSS
Exploits0References4
Cvelist
Cvelist
added 4 days ago37 views

CVE-2026-46637 Twig: HTML-output filters in twig/* extras incorrectly declared `is_safe => ['all']`

Twig is a template language for PHP. Prior to 3.26.0, several filters in twig/markdown-extra and twig/cssinliner-extra are registered with issafe = all, causing Twig to treat plain text or HTML output as safe in HTML, JavaScript, CSS, URL, and other contexts where the output is not properly...

5.1CVSS0.00175EPSS
Exploits0References4
CVE
CVE
added 4 days ago18 views

CVE-2026-46637

CVE-2026-46637 concerns Twig (PHP template engine). Before 3.26.0, the filters in twig/markdown-extra (html_to_markdown, markdown_to_html) and twig/cssinliner-extra (inline_css) were registered with is_safe => [all], causing their output to be treated as safe in contexts where escaping is requ...

5.4CVSS6.1AI score0.00175EPSS
Exploits0References4Affected Software1
NVD
NVD
added 4 days ago5 views

CVE-2026-45075

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 7.4.12 and 8.0.12, method-scoped IsGranted, IsSignatureValid, and IsCsrfTokenValid attributes can be configured for GET only, but Symfony routes HEAD requests to the GET handler while the...

8.3CVSS0.00382EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-45075 Symfony: HEAD Request Bypasses methods: ['GET'] Filter in #[IsGranted] / #[IsSignatureValid] / #[IsCsrfTokenValid]

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 7.4.12 and 8.0.12, method-scoped IsGranted, IsSignatureValid, and IsCsrfTokenValid attributes can be configured for GET only, but Symfony routes HEAD requests to the GET handler while the...

8.3CVSS0.00382EPSS
Exploits0References3
NVD
NVD
added 4 days ago5 views

CVE-2026-15043

DBI::SQL::Nano versions from 1.42 before 1.651 for Perl have inverted = SQL operators on text. DBI::SQL::Nano, DBI's built-in mini-SQL engine, evaluated WHERE predicates incorrectly in some cases. In the non-numeric string branch of the ismatched method, = was evaluated using Perl's le operator...

9.8CVSS0.00513EPSS
Exploits0References4
OSV
OSV
added 4 days ago5 views

ROOT-OS-DEBIAN-11-CVE-2024-42230 CVE-2024-42230 in rootio-linux - Patched by Root

Root has patched CVE-2024-42230 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

4.4CVSS6.8AI score0.00205EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/07/06 7:56 a.m.10 views

CVE-2026-46455

Insufficient Session Expiration vulnerability in Apache Camel Keycloak Component. The camel-keycloak security helper KeycloakSecurityHelper.parseAndVerifyAccessToken builds a Keycloak TokenVerifier using withChecks... with only the subject-exists check and the realm-URL issuer check. Keycloak's...

6AI score0.00411EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/07/06 7:56 a.m.22 views

CVE-2026-46455

CVE-2026-46455 affects Apache Camel with the camel-keycloak component. The security helper KeycloakSecurityHelper.parseAndVerifyAccessToken builds a Keycloak TokenVerifier using withChecks(...) that only enforces subject and issuer, but omits the default IS_ACTIVE check. Consequently, the verifie...

9.8CVSS6AI score0.00411EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/06/29 5:0 p.m.4 views

CVE-2026-13591 DeepMyst Mysti Contact Tracking ChannelBridge.ts _isTrackedConversation improper authorization

A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument channelType causes improper authorization. The attack may be initiated remotely. A...

2.3CVSS5.3AI score0.00199EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/29 4:49 p.m.8 views

CVE-2026-56789

RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memory corruption by failing to clamp satellite count values from RINEX epoch headers. Attackers can craft malicious RINEX files declaring more than 64...

7.1CVSS6AI score0.00239EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.6 views

CVE-2026-52979

In the Linux kernel, the following vulnerability has been resolved: net: psp: check for device unregister when creating assoc pspassocdevicegetlocked obtains a pspdev reference via pspdevgetforsock which uses pspdevtryget under RCU; it then acquires psd-lock and drops the reference. Before the lo...

5.6AI score0.00093EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/24 11:53 a.m.5 views

CVE-2026-56310

Cap-go before 12.128.2 contains an authorization bypass vulnerability in the GET /organization/members endpoint that allows org-limited API keys to bypass limitedtoorgs restrictions. Attackers with org-limited API keys can read membership data including uid, email, imageurl, role, and istmp from...

5.3CVSS5.9AI score0.00182EPSS
Exploits0References3
OSV
OSV
added 2026/06/22 5:17 p.m.5 views

MINI-MQCP-Q395-G82P

Bulletin has no description...

7.5CVSS5.8AI score0.00781EPSS
Exploits0
OSV
OSV
added 2026/06/19 4:59 p.m.4 views

CVE-2026-49260 PhpWeasyPrint: shell command injection via configurable WeasyPrint binary path due to inverted is_executable() guard (mirror of KnpLabs/snappy GHSA-vpr4-p6fq-85jc)

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.5.1, pontedilana/php-weasyprint builds the shell command for WeasyPrint by passing the binary path through escapeshellarg first and then checking the quoted result with isexecutable. On POSIX...

8.2CVSS5.9AI score0.00154EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.15 views

PT-2026-49323

Name of the Vulnerable Software and Affected Versions anna-is-cute paste version 0.1.1 Description A flaw in the '/api/v0/pastes' endpoint allows attackers to cause a Denial of Service DoS, which is a condition where a service becomes unavailable to its intended users, by sending a specially...

7.5CVSS5.9AI score0.00324EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/10 10:23 p.m.19 views

EUVD-2026-36168

SQLAdmin is a flexible Admin interface for SQLAlchemy models. Prior to version 0.25.1, the ajaxlookup endpoint in application.py bypasses the isaccessible access control check that all other endpoints enforce. If a developer restricts model access by overriding isaccessible, an authenticated user...

4.3CVSS5.4AI score0.00279EPSS
Exploits1References4
OSV
OSV
added 2026/06/10 7:52 p.m.3 views

CVE-2026-46643 Snappy: Binary path is never shell-escaped due to an inverted is_executable check

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.1, on POSIX, escapeshellarg‘/usr/bin/wkhtmltopdf’ returns the literal string ‘/usr/bin/wkhtmltopdf’ with the single-quote characters included. isexecutable then looks for a file...

7.5CVSS6AI score0.00152EPSS
Exploits0References4
Rows per page
Query Builder