993523 matches found
Exploit for Eval Injection in Langflow
Fireflow RCE Exploit Remote Code Execution for Langflow via t...
CVE-2026-12746
Dancer2::Plugin::Auth::OAuth::Provider versions before 0.23 for Perl do not support the OAuth 2.0 state parameter. The authenticationurl method builds the provider authorization redirect without issuing a state value, and the callback method exchanges the callback code and registers the resulting...
CVE-2026-12740
Plack::Middleware::OAuth versions through 0.10 for Perl do not support the OAuth 2.0 state parameter. RequestTokenV2 builds the provider authorization redirect without issuing a state value, and AccessTokenV2 exchanges the callback code and registers the resulting token into the session...
CVE-2026-12740
Plack::Middleware::OAuth (Perl) versions up to 0.10 are affected. The vulnerability arises because RequestTokenV2 does not issue a state value and AccessTokenV2 continues the OAuth flow without verifying that the callback matches the initiated session. This enables login CSRF: an attacker can ini...
CVE-2026-12740
Plack::Middleware::OAuth versions through 0.10 for Perl do not support the OAuth 2.0 state parameter. RequestTokenV2 builds the provider authorization redirect without issuing a state value, and AccessTokenV2 exchanges the callback code and registers the resulting token into the session...
CVE-2026-12740 Plack::Middleware::OAuth versions through 0.10 for Perl do not support the OAuth 2.0 state parameter
Plack::Middleware::OAuth versions through 0.10 for Perl do not support the OAuth 2.0 state parameter. RequestTokenV2 builds the provider authorization redirect without issuing a state value, and AccessTokenV2 exchanges the callback code and registers the resulting token into the session...
EUVD-2026-41687
Plack::Middleware::OAuth versions through 0.10 for Perl do not support the OAuth 2.0 state parameter. RequestTokenV2 builds the provider authorization redirect without issuing a state value, and AccessTokenV2 exchanges the callback code and registers the resulting token into the session...
CVE-2026-12746
Dancer2::Plugin::Auth::OAuth::Provider (Perl) prior to v0.23 lacks OAuth 2.0 state handling. The authentication_url may omit a state value and the callback does not verify the callback corresponds to the initiating session, enabling login CSRF where an attacker can complete the victim’s authoriza...
CVE-2026-12746
Dancer2::Plugin::Auth::OAuth::Provider versions before 0.23 for Perl do not support the OAuth 2.0 state parameter. The authenticationurl method builds the provider authorization redirect without issuing a state value, and the callback method exchanges the callback code and registers the resulting...
CVE-2026-12746 Dancer2::Plugin::Auth::OAuth::Provider versions before 0.23 for Perl do not support the OAuth 2.0 state parameter
Dancer2::Plugin::Auth::OAuth::Provider versions before 0.23 for Perl do not support the OAuth 2.0 state parameter. The authenticationurl method builds the provider authorization redirect without issuing a state value, and the callback method exchanges the callback code and registers the resulting...
EUVD-2026-41686
Dancer2::Plugin::Auth::OAuth::Provider versions before 0.23 for Perl do not support the OAuth 2.0 state parameter. The authenticationurl method builds the provider authorization redirect without issuing a state value, and the callback method exchanges the callback code and registers the resulting...
Exploit for CVE-2026-57517
Control Web Panel 0.9.8.1224 — Blind SQL Injection to Remot...
CVE-2026-53362
In the Linux kernel, the following vulnerability has been resolved: ipv6: account for fraggap on the paged allocation path In ip6appenddata, when the paged-allocation branch is taken MSGMORE / NETIFFSG / large fraglen, alloclen and pagedlen are computed as alloclen = fragheaderlen + transhdrlen;...
CVE-2026-53362
In the Linux kernel, the following vulnerability has been resolved: ipv6: account for fraggap on the paged allocation path In ip6appenddata, when the paged-allocation branch is taken MSGMORE / NETIFFSG / large fraglen, alloclen and pagedlen are computed as alloclen = fragheaderlen + transhdrlen;...
CVE-2026-53362
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2026-53362 ipv6: account for fraggap on the paged allocation path
In the Linux kernel, the following vulnerability has been resolved: ipv6: account for fraggap on the paged allocation path In ip6appenddata, when the paged-allocation branch is taken MSGMORE / NETIFFSG / large fraglen, alloclen and pagedlen are computed as alloclen = fragheaderlen + transhdrlen;...
EUVD-2026-41669
In the Linux kernel, the following vulnerability has been resolved: ipv6: account for fraggap on the paged allocation path In ip6appenddata, when the paged-allocation branch is taken MSGMORE / NETIFFSG / large fraglen, alloclen and pagedlen are computed as alloclen = fragheaderlen + transhdrlen;...
WP Popup Builder Popup Forms and Marketing Lead Generation <= 1.3.5 - Arbitrary Shortcode Execution
The The WP Popup Builder Popup Forms and Marketing Lead Generation plugin for WordPress is vulnerable to arbitrary shortcode execution via the wpajaxnoprivshortcodeApiAdd AJAX action in all versions up to, and including, 1.3.5. This is due to the software allowing users to execute an action that...
JoomSport <= 5.7.7 - SQL Injection
The JoomSport WordPress plugin through 5.7.7 is vulnerable to unauthenticated time-based blind SQL injection via the 'sortf' GET parameter in the player list view. The parameter value is backtick-wrapped and directly concatenated into an ORDER BY clause. id: CVE-2026-42647 info: name: JoomSport =...
Monstra CMS 3.0.4 - Cross-Site Scripting
Monstra CMS 3.0.4 contains a cross-site scripting vulnerability via the registration form i.e., the login parameter to users/registration. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal...