Lucene search
K

3858 matches found

CVE
CVE
added yesterday11 views

CVE-2026-52830

The CVE describes a path-traversal in fast-mcp-telegram prior to 0.19.1 where HTTP Bearer tokens are joined into a session-file path. The verifier rejects only the exact reserved token, not path separators or normalized paths, enabling a remote client to authenticate as the default legacy session...

9.4CVSS5.8AI score
Exploits0References2
Nuclei
Nuclei
added yesterday19 views

OpenAM <= 16.0.5 - Pre-Auth RCE via jato.clientSession Deserialization

Open Access Management OpenAM is an access management solution. Prior to 16.0.6, OpenIdentityPlatform OpenAM is vulnerable to pre-authentication Remote Code Execution RCE via unsafe Java deserialization of the jato.clientSession HTTP parameter. This bypasses the WhitelistObjectInputStream...

10CVSS7.8AI score0.99999EPSS
Exploits10References2
Nuclei
Nuclei
added yesterday38 views

NCBI ToolBox - Directory Traversal

NCBI ToolBox 2.0.7 through 2.2.26 legacy versions contain a path traversal vulnerability via viewcgi.cgi which may result in reading of arbitrary files i.e., significant information disclosure or file deletion via the nph-viewgif.cgi query string. id: CVE-2018-16716 info: name: NCBI ToolBox -...

9.1CVSS7.4AI score0.0857EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday7 views

phpVMS < 7.0.6 - Legacy Importer Authorization Bypass

phpVMS 7.0.6 contains an authentication bypass caused by unauthenticated access to a legacy import feature, letting unauthenticated attackers access restricted functionality, exploit requires no special privileges. id: CVE-2026-42569 info: name: phpVMS 7.0.6 - Legacy Importer Authorization Bypass...

9.4CVSS5.8AI score0.01173EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday10 views

PraisonAI - Authentication Bypass

PraisonAI 2.5.6 to 4.6.34 contains a broken authentication caused by disabled default authentication in legacy Flask API server, letting remote attackers access /agents and trigger workflows without token, exploit requires network access to API server. id: CVE-2026-44338 info: name: PraisonAI -...

7.3CVSS7.4AI score0.26799EPSS
Exploits3References2
Nuclei
Nuclei
added yesterday24 views

Import Legacy Media <= 0.1 - Cross-Site Scripting

A cross-site scripting vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php. id: CVE-2014-4535 info: name: Import Legacy Media = 0.1 - Cross-Site...

6.1CVSS6.4AI score0.03983EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday13 views

PraisonAI AgentOS - Information Disclosure

PraisonAI's AgentOS FastAPI application server exposes an unauthenticated GET /api/agents endpoint that lists every registered agent's name, role and the opening of its instructions system prompt. No authentication is enforced on the route, allowing a remote attacker to enumerate agent...

7.3CVSS7.4AI score0.26799EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2 days ago12 views

CVE-2026-5051

A flaw was found in HashiCorp Vault and Vault Enterprise. The audit device validation logic did not consistently apply plugin directory protections when a legacy file audit path option was used. This inconsistency could allow an attacker to bypass security controls, potentially leading to...

4.4CVSS5.6AI score0.00278EPSS
Exploits0References4
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-54164 API Platform Core: Missing IRI type check enables resource type confusion

API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. In versions prior to 4.1.30, 4.2.26 and 4.3.12, the serializer's AbstractItemNormalizer does not validate the resource type returned when resolving relation IRIs, allowing type confusion where a resource of an...

6.5CVSS0.00195EPSS
Exploits0References1
NVD
NVD
added 2 days ago8 views

CVE-2026-5051

HashiCorp Vault and Vault Enterprise prior to 2.0.1 audit device validation logic did not consistently apply plugin directory protections when the legacy file audit path option was used. This vulnerability CVE-2026-5051 is fixed in 2.0.1, 1.21.6, 1.20.11, and 1.19.17...

4.4CVSS0.00278EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41098

HashiCorp Vault and Vault Enterprise prior to 2.0.1 audit device validation logic did not consistently apply plugin directory protections when the legacy file audit path option was used. This vulnerability CVE-2026-5051 is fixed in 2.0.1, 1.21.6, 1.20.11, and 1.19.17...

4.4CVSS5.8AI score0.00278EPSS
Exploits0References1
CVE
CVE
added 2 days ago52 views

CVE-2026-5051

CVE-2026-5051 affects HashiCorp Vault and Vault Enterprise prior to 2.0.1. The audit device plugin directory guard could be bypassed when using the legacy file audit path option, because the file audit backend accepted the legacy path as a fallback and did not validate the destination against the...

4.4CVSS5.8AI score0.00278EPSS
Exploits0References1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2 days ago39 views

Vault Audit Device Plugin Directory Guard Bypass via Legacy Path Option

HashiCorp Vault and Vault Enterprise prior to 2.0.1 audit device validation logic did not consistently apply plugin directory protections when the legacy file audit path option was used. This vulnerability CVE-2026-5051 is fixed in 2.0.1, 1.21.6, 1.20.11, and 1.19.17. Vault supports audit devices...

4.4CVSS5.8AI score0.00278EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2 days ago4 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS6.6AI score0.00558EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-40882

UltraVNC through 1.8.2.2 uses inadequate cryptography in the MS-Logon II authentication scheme rfbUltraVNCMsLogonIIAuth. In rfb/dh.cpp the Diffie-Hellman key exchange is performed with parameters that fit in an unsigned 64-bit integer DHMAXBITS controls the prime size. A 64-bit DH key can be brok...

7.4CVSS5.8AI score0.00183EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-54782

Name of the Vulnerable Software and Affected Versions HashiCorp Vault versions prior to 2.0.1 HashiCorp Vault Enterprise versions prior to 2.0.1 Description Audit device validation logic fails to consistently apply plugin directory protections when the legacy file audit path option is utilized...

4.4CVSS5.8AI score0.00278EPSS
Exploits0References5
OSV
OSV
added 3 days ago3 views

DEBIAN-CVE-2026-14091

Use after free in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References1
Debian CVE
Debian CVE
added 3 days ago3 views

CVE-2026-14079

Insufficient policy enforcement in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00181EPSS
Exploits0
Cvelist
Cvelist
added 3 days ago22 views

CVE-2026-13953

Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

0.0022EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-10564 SSRF Vulnerability in Langflow OSS Legacy Components Bypasses Protection

IBM Langflow OSS 1.0.0 through 1.9.6 contains a Server-Side Request Forgery SSRF. The legacy RSSReaderComponent in rss.py and SearXNG component in searxng.py make unvalidated HTTP requests to user-controlled URLs, bypassing SSRF protections introduced in version 1.9.3. An authenticated attacker c...

8.2CVSS0.0021EPSS
Exploits0References1
Rows per page
Query Builder