Lucene search
K

8257 matches found

Cvelist
Cvelist
added 5 hours ago9 views

CVE-2026-12478 Libsoup: incomplete fix for cve-2026-0716: out-of-bounds read in libsoup websocket frame processing (unmasked path)

The fix for CVE-2026-0716 commit 6ff7ef0, libsoup 3.6.6 placed the integer overflow guard inside the if masked block, leaving unmasked server-to-client frames unprotected. A malicious WebSocket server can send a crafted unmasked frame with a payload length near UINT64MAX to trigger an OOB read in...

4.8CVSS
Exploits0References4
Nuclei
Nuclei
added 7 hours ago136 views

Limit Login Attempts - Stored Cross-Site Scripting

Limit Login Attempts WordPress plugin 4.0.72 contains a stored cross-site scripting caused by unsanitized and unescaped settings, letting malicious administrators inject Javascript code, exploit requires administrator privileges. id: CVE-2022-1029 info: name: Limit Login Attempts - Stored...

4.8CVSS6AI score0.00848EPSS
Exploits2References1
Nuclei
Nuclei
added 7 hours ago52 views

Limit Login Attempts WordPress - Stored Cross-site Scripting

Limit Login Attempts WordPress plugin 4.0.50 contains a stored cross-site scripting caused by not escaping IP addresses controlled via headers like X-Forwarded-For before outputting them in reports, letting unauthenticated attackers execute scripts in admin context. id: CVE-2021-24657 info: name:...

6.1CVSS6.4AI score0.0157EPSS
Exploits2References2
NVD
NVD
added yesterday6 views

CVE-2026-58488

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Versions prior to 1.11.0 allowed attackers to circumvent the rate-limiting of the /login and /register routes by spoofing IP addresses. HedgeDoc instances checked for CloudFlare's cf-connecting-ip header and used th...

6.9CVSS
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-56877

The CVE-2026-56877 issue affects Skillable/SCORM lab launch endpoint (scorm.skillable.com). The root cause is that the server does not validate the client-supplied userId against the authenticated session token, allowing an authenticated user to substitute arbitrary userId values. This can bypass...

6.3CVSS6.2AI score
Exploits0References4
Cvelist
Cvelist
added yesterday16 views

CVE-2026-58488 HedgeDoc: Rate-limit bypass via CF-Connecting-IP header spoofing

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Versions prior to 1.11.0 allowed attackers to circumvent the rate-limiting of the /login and /register routes by spoofing IP addresses. HedgeDoc instances checked for CloudFlare's cf-connecting-ip header and used th...

6.9CVSS
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-58488

CVE-2026-58488 affects HedgeDoc versions prior to 1.11.0. The vulnerability arises from the login/register rate-limit logic which, when a cf-connecting-ip header is present, uses that header instead of the user’s real IP—even if requests did not originate from Cloudflare. This allowed an attacker...

6.9CVSS6.2AI score
Exploits0References1
Cvelist
Cvelist
added 2 days ago27 views

CVE-2026-10664 Out-of-bounds write in nRF70 Wi-Fi driver power-save event handler (unbounded TWT flow count)

The nRF70 Wi-Fi driver's power-save event handler nrfwifieventprocgetpowersaveinfo in drivers/wifi/nrfwifi/src/wifimgmt.c copied TWT Target Wake Time flow entries from an nrfwifiumaceventpowersaveinfo event into the fixed-size twtflowsWIFIMAXTWTFLOWS 8-element array of a caller-supplied struct...

5CVSS0.00143EPSS
Exploits0References2
NVD
NVD
added 2 days ago6 views

CVE-2026-56281

Capgo before 12.128.2 contains a sql injection vulnerability in the POST /private/adminstats endpoint where the limit parameter is destructured from unvalidated request body and interpolated directly into Cloudflare Analytics Engine SQL queries via template literals. An attacker with platform adm...

5.1CVSS0.00197EPSS
Exploits0References2
OSV
OSV
added 2 days ago3 views

CVE-2026-56281 Capgo - SQL Injection via Unvalidated limit Parameter in Admin Stats Endpoint

Capgo before 12.128.2 contains a sql injection vulnerability in the POST /private/adminstats endpoint where the limit parameter is destructured from unvalidated request body and interpolated directly into Cloudflare Analytics Engine SQL queries via template literals. An attacker with platform adm...

5.1CVSS6.1AI score0.00197EPSS
Exploits0References4
CVE
CVE
added 2 days ago14 views

CVE-2026-56281

Capgo before 12.128.2 contains a SQL injection in POST /private/admin_stats: the limit parameter is destructured from an unvalidated request body and interpolated directly into Cloudflare Analytics Engine SQL queries via template literals. An attacker with platform admin credentials can inject SQ...

5.1CVSS6.1AI score0.00197EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-56281 Capgo - SQL Injection via Unvalidated limit Parameter in Admin Stats Endpoint

Capgo before 12.128.2 contains a sql injection vulnerability in the POST /private/adminstats endpoint where the limit parameter is destructured from unvalidated request body and interpolated directly into Cloudflare Analytics Engine SQL queries via template literals. An attacker with platform adm...

5.1CVSS0.00197EPSS
Exploits0References2
OSV
OSV
added 3 days ago3 views

DEBIAN-CVE-2026-61465

ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can supply a crafted image that causes ImageMagick to allocate more memory than permitted by the configured policy, resulting in a denial of...

6.5CVSS6.1AI score0.00105EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-57220 RabbitMQ: Stream listener does not enforce configured frame-size limit during authentication, permitting unauth'd mem-exhaust DoS

RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, the RabbitMQ stream listener does not enforce the configured stream frame-size limit while assembling frames during authentication and before Tune negotiation, allowing an unauthenticated remote client to declare oversized frame length...

7.5CVSS0.00429EPSS
Exploits1References6
NVD
NVD
added 4 days ago9 views

CVE-2026-59161

Excelize is a Go language library for reading and writing Microsoft Excel spreadsheets. Prior to 2.11.0, the streaming worksheet reader used by Rows and GetRows does not enforce the TotalRows limit on the row r attribute, allowing a small XLSX file with a row number above 1048576 and no cell...

8.7CVSS0.00524EPSS
Exploits0References4
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42951

Grav is a file-based Web platform. Prior to 2.0.0, an authenticated admin.super user can crash Grav or fill the disk by uploading a specially crafted ZIP archive through the Direct Install tool because Installer::unZip calls ZipArchive::extractTo without limits on uncompressed size, entry count, ...

6.9CVSS6.1AI score0.0039EPSS
Exploits1References3
Cvelist
Cvelist
added 4 days ago29 views

CVE-2026-59193 Grav CMS — Improper Handling of Highly Compressed Data in Installer::unZip()

Grav is a file-based Web platform. Prior to 2.0.0, an authenticated admin.super user can crash Grav or fill the disk by uploading a specially crafted ZIP archive through the Direct Install tool because Installer::unZip calls ZipArchive::extractTo without limits on uncompressed size, entry count, ...

6.9CVSS0.0039EPSS
Exploits1References3
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-42938

Excelize is a Go language library for reading and writing Microsoft Excel spreadsheets. Prior to 2.11.0, the checkSheet function in github.com/xuri/excelize/v2 uses an attacker-controlled XML attribute value directly as the length argument to makexlsxRow, row without validating it against the Exc...

7.5CVSS6.1AI score0.00575EPSS
Exploits0References2
CVE
CVE
added 4 days ago15 views

CVE-2026-59161

CVE-2026-59161 affects the Go library Excelize. The streaming worksheet reader used by Rows/GetRows could bypass the TotalRows limit, enabling an attacker-controlled index to cause unbounded memory and CPU usage by generating empty rows beyond 1048576. The issue is fixed in version 2.11.0; upgrad...

8.7CVSS6.1AI score0.00524EPSS
Exploits0References4
Cvelist
Cvelist
added 4 days ago29 views

CVE-2026-55501 9router: Login brute-force protection bypass via spoofed X-Forwarded-For header

9Router is an AI router & token saver. Prior to 0.4.80, the dashboard login rate limiter in src/lib/auth/loginLimiter.js derives the client identity from the attacker-controlled X-Forwarded-For HTTP header, and src/app/api/auth/login/route.js uses that spoofable value for checkLock and recordFail...

7.3CVSS0.00515EPSS
Exploits0References3
Rows per page
Query Builder