Lucene search
K

8252 matches found

Cvelist
Cvelist
added 3 hours ago8 views

CVE-2026-12478 Libsoup: incomplete fix for cve-2026-0716: out-of-bounds read in libsoup websocket frame processing (unmasked path)

The fix for CVE-2026-0716 commit 6ff7ef0, libsoup 3.6.6 placed the integer overflow guard inside the if masked block, leaving unmasked server-to-client frames unprotected. A malicious WebSocket server can send a crafted unmasked frame with a payload length near UINT64MAX to trigger an OOB read in...

4.8CVSS
Exploits0References4
Nuclei
Nuclei
added 5 hours ago136 views

Limit Login Attempts - Stored Cross-Site Scripting

Limit Login Attempts WordPress plugin 4.0.72 contains a stored cross-site scripting caused by unsanitized and unescaped settings, letting malicious administrators inject Javascript code, exploit requires administrator privileges. id: CVE-2022-1029 info: name: Limit Login Attempts - Stored...

4.8CVSS6AI score0.00848EPSS
Exploits2References1
Nuclei
Nuclei
added 5 hours ago52 views

Limit Login Attempts WordPress - Stored Cross-site Scripting

Limit Login Attempts WordPress plugin 4.0.50 contains a stored cross-site scripting caused by not escaping IP addresses controlled via headers like X-Forwarded-For before outputting them in reports, letting unauthenticated attackers execute scripts in admin context. id: CVE-2021-24657 info: name:...

6.1CVSS6.4AI score0.0157EPSS
Exploits2References2
Cvelist
Cvelist
added 2 days ago27 views

CVE-2026-10664 Out-of-bounds write in nRF70 Wi-Fi driver power-save event handler (unbounded TWT flow count)

The nRF70 Wi-Fi driver's power-save event handler nrfwifieventprocgetpowersaveinfo in drivers/wifi/nrfwifi/src/wifimgmt.c copied TWT Target Wake Time flow entries from an nrfwifiumaceventpowersaveinfo event into the fixed-size twtflowsWIFIMAXTWTFLOWS 8-element array of a caller-supplied struct...

5CVSS0.00143EPSS
Exploits0References2
NVD
NVD
added 2 days ago6 views

CVE-2026-56281

Capgo before 12.128.2 contains a sql injection vulnerability in the POST /private/adminstats endpoint where the limit parameter is destructured from unvalidated request body and interpolated directly into Cloudflare Analytics Engine SQL queries via template literals. An attacker with platform adm...

5.1CVSS0.00197EPSS
Exploits0References2
OSV
OSV
added 2 days ago3 views

CVE-2026-56281 Capgo - SQL Injection via Unvalidated limit Parameter in Admin Stats Endpoint

Capgo before 12.128.2 contains a sql injection vulnerability in the POST /private/adminstats endpoint where the limit parameter is destructured from unvalidated request body and interpolated directly into Cloudflare Analytics Engine SQL queries via template literals. An attacker with platform adm...

5.1CVSS6.1AI score0.00197EPSS
Exploits0References4
CVE
CVE
added 2 days ago14 views

CVE-2026-56281

Capgo before 12.128.2 contains a SQL injection in POST /private/admin_stats: the limit parameter is destructured from an unvalidated request body and interpolated directly into Cloudflare Analytics Engine SQL queries via template literals. An attacker with platform admin credentials can inject SQ...

5.1CVSS6.1AI score0.00197EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-56281 Capgo - SQL Injection via Unvalidated limit Parameter in Admin Stats Endpoint

Capgo before 12.128.2 contains a sql injection vulnerability in the POST /private/adminstats endpoint where the limit parameter is destructured from unvalidated request body and interpolated directly into Cloudflare Analytics Engine SQL queries via template literals. An attacker with platform adm...

5.1CVSS0.00197EPSS
Exploits0References2
OSV
OSV
added 3 days ago3 views

DEBIAN-CVE-2026-61465

ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can supply a crafted image that causes ImageMagick to allocate more memory than permitted by the configured policy, resulting in a denial of...

6.5CVSS6.1AI score0.00105EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-57220 RabbitMQ: Stream listener does not enforce configured frame-size limit during authentication, permitting unauth'd mem-exhaust DoS

RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, the RabbitMQ stream listener does not enforce the configured stream frame-size limit while assembling frames during authentication and before Tune negotiation, allowing an unauthenticated remote client to declare oversized frame length...

7.5CVSS0.00429EPSS
Exploits1References6
NVD
NVD
added 4 days ago9 views

CVE-2026-59161

Excelize is a Go language library for reading and writing Microsoft Excel spreadsheets. Prior to 2.11.0, the streaming worksheet reader used by Rows and GetRows does not enforce the TotalRows limit on the row r attribute, allowing a small XLSX file with a row number above 1048576 and no cell...

8.7CVSS0.00524EPSS
Exploits0References4
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42951

Grav is a file-based Web platform. Prior to 2.0.0, an authenticated admin.super user can crash Grav or fill the disk by uploading a specially crafted ZIP archive through the Direct Install tool because Installer::unZip calls ZipArchive::extractTo without limits on uncompressed size, entry count, ...

6.9CVSS6.1AI score0.0039EPSS
Exploits1References3
Cvelist
Cvelist
added 4 days ago29 views

CVE-2026-59193 Grav CMS — Improper Handling of Highly Compressed Data in Installer::unZip()

Grav is a file-based Web platform. Prior to 2.0.0, an authenticated admin.super user can crash Grav or fill the disk by uploading a specially crafted ZIP archive through the Direct Install tool because Installer::unZip calls ZipArchive::extractTo without limits on uncompressed size, entry count, ...

6.9CVSS0.0039EPSS
Exploits1References3
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-42938

Excelize is a Go language library for reading and writing Microsoft Excel spreadsheets. Prior to 2.11.0, the checkSheet function in github.com/xuri/excelize/v2 uses an attacker-controlled XML attribute value directly as the length argument to makexlsxRow, row without validating it against the Exc...

7.5CVSS6.1AI score0.00575EPSS
Exploits0References2
CVE
CVE
added 4 days ago15 views

CVE-2026-59161

CVE-2026-59161 affects the Go library Excelize. The streaming worksheet reader used by Rows/GetRows could bypass the TotalRows limit, enabling an attacker-controlled index to cause unbounded memory and CPU usage by generating empty rows beyond 1048576. The issue is fixed in version 2.11.0; upgrad...

8.7CVSS6.1AI score0.00524EPSS
Exploits0References4
Cvelist
Cvelist
added 4 days ago29 views

CVE-2026-55501 9router: Login brute-force protection bypass via spoofed X-Forwarded-For header

9Router is an AI router & token saver. Prior to 0.4.80, the dashboard login rate limiter in src/lib/auth/loginLimiter.js derives the client identity from the attacker-controlled X-Forwarded-For HTTP header, and src/app/api/auth/login/route.js uses that spoofable value for checkLock and recordFail...

7.3CVSS0.00515EPSS
Exploits0References3
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42920

Several Grafana API endpoints, some of them unauthenticated, do not limit the size of the request body before processing it. An attacker can send very large payloads that force excessive memory allocation, potentially exhausting memory and causing a denial of service...

7.5CVSS6.1AI score0.0038EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42904

Grav before 2.0.1 contains a decompression bomb vulnerability in ZipArchiver::extract that lacks limits on uncompressed size, file count, and nesting depth. Attackers can supply a crafted ZIP archive that expands to fill available disk space, causing denial of service by exhausting storage...

7.1CVSS6.1AI score0.00249EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 4 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-12590

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Impact: In body-parser versions prior to 1.20.6 1.x line and 2.3.0 2.x line, when the parser is configured with an invalid limit option value such as an...

5.9CVSS6.1AI score0.0025EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 4 days ago8 views

PT-2026-57305

Name of the Vulnerable Software and Affected Versions RabbitMQ versions prior to 4.2.6 Description The RabbitMQ stream listener fails to enforce the configured stream frame-size limit when assembling frames during authentication and before Tune negotiation. This allows an unauthenticated remote...

7.5CVSS6.1AI score0.00429EPSS
Exploits1References8
Rows per page
Query Builder