Lucene search
K

21 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:12 a.m.9 views

CVE-2025-1353

A vulnerability was found in Kong Insomnia up to 10.3.0 and classified as critical. This issue affects some unknown processing in the library profapi.dll. The manipulation leads to untrusted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...

7.3CVSS6.8AI score0.00171EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:12 a.m.24 views

CVE-2025-1087

Kong Insomnia Desktop Application before 11.0.2 contains a template injection vulnerability that allows attackers to execute arbitrary code. The vulnerability exists due to insufficient validation of user-supplied input when processing template strings, which can lead to arbitrary JavaScript...

9.3CVSS7.7AI score0.00991EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-2114

Malicious code in bioql PyPI...

7.3CVSS6.9AI score0.00171EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-44891

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00352EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-14165

Malicious code in bioql PyPI...

9.3CVSS6.7AI score0.00991EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 4:13 a.m.8 views

CVE-2023-40299

Kong Insomnia 2023.4.0 on macOS allows attackers to execute code and access restricted files, or make requests for TCC permissions, by using the DYLDINSERTLIBRARIES environment variable...

7.8CVSS7.3AI score0.00352EPSS
Exploits1
NVD
NVD
added 2025/05/09 12:15 p.m.17 views

CVE-2025-1087

Kong Insomnia Desktop Application before 11.0.2 contains a template injection vulnerability that allows attackers to execute arbitrary code. The vulnerability exists due to insufficient validation of user-supplied input when processing template strings, which can lead to arbitrary JavaScript...

9.3CVSS0.00991EPSS
Exploits0References2
OSV
OSV
added 2025/05/09 12:15 p.m.7 views

CVE-2025-1087

Kong Insomnia Desktop Application before 11.0.2 contains a template injection vulnerability that allows attackers to execute arbitrary code. The vulnerability exists due to insufficient validation of user-supplied input when processing template strings, which can lead to arbitrary JavaScript...

9.3CVSS7.5AI score
Exploits0References2
CVE
CVE
added 2025/05/09 11:37 a.m.76 views

CVE-2025-1087

CVE-2025-1087 : Kong Insomnia Desktop Application prior to 11.0.2 contains a template injection flaw that allows arbitrary code execution. The issue arises from insufficient validation of user-supplied input during template string processing, enabling arbitrary JavaScript execution within the app...

9.3CVSS7.7AI score0.00991EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/09 11:37 a.m.15 views

CVE-2025-1087 Arbitrary Code Execution in Kong Insomnia Desktop Application

Kong Insomnia Desktop Application before 11.0.2 contains a template injection vulnerability that allows attackers to execute arbitrary code. The vulnerability exists due to insufficient validation of user-supplied input when processing template strings, which can lead to arbitrary JavaScript...

9.3CVSS7.7AI score0.00991EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/09 11:37 a.m.37 views

CVE-2025-1087 Arbitrary Code Execution in Kong Insomnia Desktop Application

Kong Insomnia Desktop Application before 11.0.2 contains a template injection vulnerability that allows attackers to execute arbitrary code. The vulnerability exists due to insufficient validation of user-supplied input when processing template strings, which can lead to arbitrary JavaScript...

9.3CVSS0.00991EPSS
Exploits0References1
NVD
NVD
added 2025/02/16 3:15 p.m.4 views

CVE-2025-1353

A vulnerability was found in Kong Insomnia up to 10.3.0 and classified as critical. This issue affects some unknown processing in the library profapi.dll. The manipulation leads to untrusted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...

7.3CVSS0.00171EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/16 3:0 p.m.5 views

CVE-2025-1353 Kong Insomnia profapi.dll untrusted search path

A vulnerability was found in Kong Insomnia up to 10.3.0 and classified as critical. This issue affects some unknown processing in the library profapi.dll. The manipulation leads to untrusted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...

7.3CVSS6.8AI score0.00171EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/16 3:0 p.m.12 views

CVE-2025-1353 Kong Insomnia profapi.dll untrusted search path

A vulnerability was found in Kong Insomnia up to 10.3.0 and classified as critical. This issue affects some unknown processing in the library profapi.dll. The manipulation leads to untrusted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...

7.3CVSS0.00171EPSS
Exploits0References3
CVE
CVE
added 2025/02/16 3:0 p.m.68 views

CVE-2025-1353

CVE-2025-1353 affects Kong Insomnia up to 10.3.0, involving the library profapi.dll . The issue is an untrusted search path vulnerability that requires a local attack, with high complexity as described. The existence and reproducibility are disputed in sources. Affected component is the profapi.d...

7.3CVSS6.8AI score0.00171EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/02/16 12:0 a.m.3 views

PT-2025-6886 · Kong · Kong Insomnia

Name of the Vulnerable Software and Affected Versions: Kong Insomnia versions prior to 10.3.0 Description: A critical issue has been detected in Kong Insomnia, affecting some unknown processing in the library profapi.dll. The manipulation leads to an untrusted search path. An attack must be...

7.3CVSS6.9AI score0.00171EPSS
Exploits0References8
OSV
OSV
added 2023/10/04 10:15 p.m.24 views

CVE-2023-40299

Kong Insomnia 2023.4.0 on macOS allows attackers to execute code and access restricted files, or make requests for TCC permissions, by using the DYLDINSERTLIBRARIES environment variable...

7.8CVSS7.6AI score0.00352EPSS
Exploits1References4
CVE
CVE
added 2023/10/04 12:0 a.m.67 views

CVE-2023-40299

CVE-2023-40299 affects Kong Insomnia 2023.4.0 on macOS. The root cause is the use of the DYLD_INSERT_LIBRARIES environment variable, which can be manipulated to execute code and access restricted files, or trigger TCC permission requests. The exploit is described as a local attack with low attack...

7.8CVSS7.7AI score0.00352EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/04 12:0 a.m.5 views

PT-2023-27366 · Kong · Kong Insomnia

Name of the Vulnerable Software and Affected Versions: Kong Insomnia version 2023.4.0 Description: The issue allows attackers to execute code and access restricted files, or make requests for TCC permissions, by using the DYLD INSERT LIBRARIES environment variable. This can be exploited on macOS...

7.8CVSS7.3AI score0.00352EPSS
Exploits1References9
Cvelist
Cvelist
added 2023/10/04 12:0 a.m.26 views

CVE-2023-40299

Kong Insomnia 2023.4.0 on macOS allows attackers to execute code and access restricted files, or make requests for TCC permissions, by using the DYLDINSERTLIBRARIES environment variable...

7.9AI score0.00352EPSS
Exploits1References4
Rows per page
Query Builder