Lucene search
+L

159 matches found

Cvelist
Cvelist
added 2026/05/26 9:58 p.m.42 views

CVE-2026-44985 Dozzle: Cross-Site WebSocket Hijacking (CSWSH) on exec/attach endpoints bypasses authentication

Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, he WebSocket upgrader for the /exec and /attach endpoints uses CheckOrigin: funcr http.Request bool return true , accepting upgrade requests from any origin. Combined with the JWT cookie using SameSite: Lax, this enables...

8.7CVSS0.00195EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/05/26 9:58 p.m.15 views

CVE-2026-44985 Dozzle: Cross-Site WebSocket Hijacking (CSWSH) on exec/attach endpoints bypasses authentication

Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, he WebSocket upgrader for the /exec and /attach endpoints uses CheckOrigin: funcr http.Request bool return true , accepting upgrade requests from any origin. Combined with the JWT cookie using SameSite: Lax, this enables...

8.7CVSS5.8AI score0.00195EPSS
Exploits1References2
OSV
OSV
added 2026/05/21 8:35 p.m.10 views

GHSA-F74W-272X-MQCV NocoDB: Refresh Token Cookie Set Without `secure` and `sameSite` Flags

Summary The refresh-token cookie was set with httpOnly: true but missing both the secure flag and the sameSite attribute. Over plain HTTP the cookie could be intercepted on the network; without sameSite, browsers attached it to cross-site POSTs, enabling CSRF against the token-refresh endpoint...

5.4CVSS5.7AI score0.00099EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.17 views

PT-2026-42621

Summary The refresh-token cookie was set with httpOnly: true but missing both the secure flag and the sameSite attribute. Over plain HTTP the cookie could be intercepted on the network; without sameSite, browsers attached it to cross-site POSTs, enabling CSRF against the token-refresh endpoint...

5.4CVSS5.7AI score
Exploits0References3
EUVD
EUVD
added 2026/05/15 7:48 p.m.11 views

EUVD-2026-30623

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI supports model composition via basemodelid: a user-defined model e.g., "Cheap Assistant" can reference an existing base model e.g., "gpt-4-turbo-restricted" that provides...

7.6CVSS5.9AI score0.00248EPSS
Exploits1References1
OSV
OSV
added 2026/05/11 2:7 p.m.47 views

GHSA-J643-X8PV-8M67 Dozzle's Cross-Site WebSocket Hijacking (CSWSH) on exec/attach endpointsbypasses authentication

Summary The WebSocket upgrader for the /exec and /attach endpoints uses CheckOrigin: funcr http.Request bool return true , accepting upgrade requests from any origin. Combined with the JWT cookie using SameSite: Lax, this enables Cross-Site WebSocket Hijacking CSWSH — even when authentication is...

9.6CVSS5.9AI score0.00195EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/05/11 2:7 p.m.12 views

Dozzle's Cross-Site WebSocket Hijacking (CSWSH) on exec/attach endpointsbypasses authentication

Summary The WebSocket upgrader for the /exec and /attach endpoints uses CheckOrigin: funcr http.Request bool return true , accepting upgrade requests from any origin. Combined with the JWT cookie using SameSite: Lax, this enables Cross-Site WebSocket Hijacking CSWSH — even when authentication is...

9.6CVSS5.9AI score0.00195EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/04/29 9:54 p.m.27 views

GHSA-RW74-VC9H-534J Admidio has CSRF on Admin Preferences that Triggers Unauthorized Backup, .htaccess Write, and Email Send

Summary Several administrative operations in Admidio's preferences module database backup, test email, htaccess generation fire via GET requests with no CSRF token validation. Because SameSite=Lax cookies travel with top-level GET navigations, an attacker forces an authenticated admin to trigger...

3.5CVSS5.8AI score0.00117EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/29 9:54 p.m.12 views

Admidio has CSRF on Admin Preferences that Triggers Unauthorized Backup, .htaccess Write, and Email Send

Summary Several administrative operations in Admidio's preferences module database backup, test email, htaccess generation fire via GET requests with no CSRF token validation. Because SameSite=Lax cookies travel with top-level GET navigations, an attacker forces an authenticated admin to trigger...

3.5CVSS5.6AI score0.00117EPSS
Exploits0References4Affected Software1
Snyk
Snyk
added 2026/04/22 2:52 p.m.10 views

Insecure Default Initialization of Resource

Overview engramx is a The context spine for AI coding agents. 9 built-in providers + mcpConfig plugin contract wrap any MCP server in 10 lines, generic MCP-client aggregator stdio, pre-mortem mistake-guard, bi-temporal mistake memory, Anthropic Auto-Memory bridge, SSE stre Affected versions of th...

8.6CVSS5.8AI score
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/21 11:4 p.m.4 views

CVE-2026-41064 AVideo has an incomplete fix for CVE-2026-33502 (Command Injection)

WWBN AVideo is an open source video platform. In versions up to and including 29.0, an incomplete fix for AVideo's test.php adds escapeshellarg for wget but leaves the filegetcontents and curl code paths unsanitized, and the URL validation regex /^http/ accepts strings like httpevil.com. Commit...

9.3CVSS5.7AI score0.00335EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.10 views

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.214 contained security vulnerabilities. These vulnerabilities stemmed from the phone conversation creation process, which...

7.1CVSS5.8AI score0.00211EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 12:12 a.m.4 views

EUVD-2026-19888

RedwoodSDK has a CSRF vulnerability in server function dispatch via GET requests...

8.1CVSS5.9AI score0.0021EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.9 views

PT-2026-30990

RedwoodSDK is a server-first React framework. From 1.0.0-beta.50 to 1.0.5, erver functions exported from "use server" files could be invoked via GET requests, bypassing their intended HTTP method. In cookie-authenticated applications, this allowed cross-site GET navigations to trigger...

8.1CVSS5.8AI score0.0021EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/01 6:36 p.m.5 views

EUVD-2024-55519

There is an injection vulnerability in jeecg boot versions 3.0.0 to 3.5.3 due to lax character filtering, which allows attackers to execute arbitrary code on components through specially crafted HTTP requests...

9.8CVSS6.2AI score0.00519EPSS
Exploits0References3
NVD
NVD
added 2026/04/01 5:16 p.m.8 views

CVE-2024-40489

There is an injection vulnerability in jeecg boot versions 3.0.0 to 3.5.3 due to lax character filtering, which allows attackers to execute arbitrary code on components through specially crafted HTTP requests...

9.8CVSS0.00519EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.9 views

PT-2026-29547

There is an injection vulnerability in jeecg boot versions 3.0.0 to 3.5.3 due to lax character filtering, which allows attackers to execute arbitrary code on components through specially crafted HTTP requests...

9.8CVSS6.2AI score0.00519EPSS
Exploits0References4
OSV
OSV
added 2026/04/01 12:0 a.m.3 views

CVE-2024-40489

There is an injection vulnerability in jeecg boot versions 3.0.0 to 3.5.3 due to lax character filtering, which allows attackers to execute arbitrary code on components through specially crafted HTTP requests...

9.8CVSS6.4AI score0.00519EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.7 views

JeecgBoot 安全漏洞

JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. Versions of JeecgBoot from 3.0.0 to 3.5.3 have security vulnerabilities. These vulnerabilities stem from lax character filtering, which could allow attackers to execute arbitrary code o...

9.8CVSS6.3AI score0.00519EPSS
Exploits0References2
CVE
CVE
added 2026/03/31 1:57 p.m.18 views

CVE-2026-34200

CVE-2026-34200 affects the Nhost CLI MCP server prior to v1.41.0. When explicitly configured to listen on a network port, the MCP server applies no inbound authentication and does not enforce strict CORS, allowing a malicious website on the same machine to issue cross-origin requests and use loca...

7.7CVSS5.7AI score0.00361EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder