Lucene search
K

1066 matches found

ATTACKERKB
ATTACKERKB
added 5 days ago9 views

CVE-2026-45807

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.43 and 1.3.19, several Kestra API endpoints accept a kestra:// URI from the client and pass it through StorageInterface.parentTraversalGuard before reading the underlying file from the local storage backend. The guard onl...

7.7CVSS6AI score0.00366EPSS
Exploits1References2Affected Software1
NVD
NVD
added last week7 views

CVE-2026-48704

Warp is an agentic development environment. From 0.2023.10.24.08.03.stable00 until 0.2026.05.06.15.42.stable01, Warp may open executable local files through the operating system default file handler. A malicious Markdown document or project can contain a local-file link that appears as normal...

8.8CVSS0.00255EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/23 3:49 p.m.33 views

CVE-2026-49465 n8n: Git Node Clone and Push Operations Bypass File Sandbox

n8n is an open source workflow automation platform. Prior to 1.123.48, 2.21.8, and 2.22.4, an authenticated user with permission to create or modify workflows could supply a local filesystem path as the source repository in the Git node's Clone operation, or as the target repository in the Push...

6CVSS0.00495EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 1:16 p.m.9 views

CVE-2026-56274

Flowise before 3.1.2 contains multiple OS command injection vulnerabilities in the Custom MCP Server feature due to incomplete command-flag validation and a regex bypass in local file access restrictions. An attacker with a Flowise account of any role, or API access with view/update permissions f...

9.9CVSS0.02683EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/23 12:13 p.m.4 views

CVE-2026-56274 Flowise - Remote Code Execution via MCP Security Bypass in validateCommandFlags and validateArgsForLocalFileAccess

Flowise before 3.1.2 contains multiple OS command injection vulnerabilities in the Custom MCP Server feature due to incomplete command-flag validation and a regex bypass in local file access restrictions. An attacker with a Flowise account of any role, or API access with view/update permissions f...

9.9CVSS6.2AI score0.02683EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/23 12:13 p.m.5 views

CVE-2026-56274

Flowise before 3.1.2 contains multiple OS command injection vulnerabilities in the Custom MCP Server feature due to incomplete command-flag validation and a regex bypass in local file access restrictions. An attacker with a Flowise account of any role, or API access with view/update permissions f...

9.9CVSS6.2AI score0.02683EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/23 12:13 p.m.17 views

EUVD-2026-38434

Flowise before 3.1.2 contains multiple OS command injection vulnerabilities in the Custom MCP Server feature due to incomplete command-flag validation and a regex bypass in local file access restrictions. An attacker with a Flowise account of any role, or API access with view/update permissions f...

9.9CVSS6.2AI score0.02683EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/23 12:13 p.m.50 views

CVE-2026-56274 Flowise - Remote Code Execution via MCP Security Bypass in validateCommandFlags and validateArgsForLocalFileAccess

Flowise before 3.1.2 contains multiple OS command injection vulnerabilities in the Custom MCP Server feature due to incomplete command-flag validation and a regex bypass in local file access restrictions. An attacker with a Flowise account of any role, or API access with view/update permissions f...

9.9CVSS0.02683EPSS
Exploits1References2
CVE
CVE
added 2026/06/23 12:13 p.m.17 views

CVE-2026-56274

Flowise

9.9CVSS6.2AI score0.02683EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.10 views

PT-2026-51507

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.2 Description Multiple OS command injection issues exist in the Custom MCP Server feature. These occur due to incomplete command-flag validation and a regex bypass in local file access restrictions. An attacker wi...

9.9CVSS6.2AI score0.02683EPSS
Exploits1References11
CVE
CVE
added 2026/06/22 1:20 p.m.20 views

CVE-2026-28381

The CVE affects the Grafana Snowflake data source: GET/PUT commands can enable a user with access to read/write files between the local Grafana server and the connected Snowflake host, potentially impacting confidentiality and integrity (per metrics: HIGH/ HIGH). Root cause and exact vulnerable c...

9.6CVSS5.9AI score0.00205EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/22 1:20 p.m.38 views

CVE-2026-28381 Local File Read/Write to Potential Privilege Escalation via Snowflake GET/PUT

The Snowflake datasource allows for GET/PUT commands, which can allow any user with access to run queries against the data source to read/write files between the local grafana server and the connected Snowflake host...

9.6CVSS0.00205EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox

The sourceMapURL feature in devtools lacked security checks, which would have prevented a webpage from attempting to include local files or other files that should be inaccessible. This vulnerability affects Firefox versions earlier than 99...

6.5CVSS6.5AI score0.00572EPSS
Exploits1References1
Snyk
Snyk
added 2026/06/17 6:47 p.m.4 views

XML External Entity (XXE) Injection

Overview Affected versions of this package are vulnerable to XML External Entity XXE Injection through the saxonTransform function that uses unhardened net.sf.saxon.TransformerFactoryImpl method. An attacker can access sensitive local files or trigger arbitrary HTTPS requests from the host by...

8.9CVSS6.1AI score
Exploits0References2
NVD
NVD
added 2026/06/17 1:20 p.m.6 views

CVE-2026-47277

Runtipi is a personal homeserver orchestrator. In versions 4.9.1 through 4.9.3, Runtipi serves marketplace app logos from files inside cloned app-store repositories through an unauthenticated endpoint, which leads to arbitrary file read through app-store logo symlinks. The path guard checks only...

6.5CVSS0.00399EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/16 5:37 p.m.9 views

n8n: Git Node Clone and Push Operations Bypass File Sandbox

Impact An authenticated user with permission to create or modify workflows could supply a local filesystem path as the source repository in the Git node's Clone operation, or as the target repository in the Push operation, bypassing the N8NRESTRICTFILEACCESSTO file sandbox. This allowed the...

7.7CVSS5.3AI score0.00495EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/15 7:28 p.m.10 views

EUVD-2026-32915

PyJWKClient: missing scheme allowlist enables CVE-2024-21643-class SSRF + token forgery via file://, ftp://, data: schemes...

8.8CVSS7.8AI score0.02214EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/06/15 7:28 p.m.10 views

PyJWKClient: missing scheme allowlist enables CVE-2024-21643-class SSRF + token forgery via file://, ftp://, data: schemes

!NOTE The library does not directly return non-HTTPS URI contents to the attacker; the chained "plant a JWKS to forge tokens" scenario described in the original report requires additional application-layer flaws attacker write access to a filesystem path, untrusted jku derivation that this fix do...

8.8CVSS5.6AI score0.02214EPSS
Exploits1References4Affected Software1
Snyk
Snyk
added 2026/06/12 11:10 a.m.6 views

XML External Entity (XXE) Injection

Overview org.apache.cxf:cxf-core is an an open source services framework. CXF helps you build and develop services using frontend programming APIs, like JAX-WS and JAX-RS. Affected versions of this package are vulnerable to XML External Entity XXE Injection due to improper configuration of the...

9.8CVSS5.7AI score0.00485EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/10 7:53 p.m.9 views

EUVD-2026-36112

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.0, there is a SSRF and local file read vulnerability via the xsl-style-sheet option. This issue has been patched in version 1.7.0...

6.9CVSS5.4AI score0.00249EPSS
Exploits0References2
Rows per page
Query Builder