CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

51 matches found

RedhatCVE•added 2026/04/27 7:23 p.m.•2 views

CVE-2026-6979

A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the file src/api/media.controller.ts of the component API Request Handler. This manipulation causes server-side request forgery. The attack can be initiated remotely. The exploit has been published and m...

6.5CVSS6.1AI score0.00014EPSS

Exploits0References1

NVD•added 2026/04/25 12:15 p.m.•1 views

CVE-2026-6979

6.5CVSS0.00014EPSS

Exploits0References4

Vulnrichment•added 2026/04/25 12:0 p.m.•0 views

CVE-2026-6979 devlikeapro WAHA API Request media.controller.ts server-side request forgery

6.5CVSS5.1AI score0.00014EPSS

Exploits0References4

CVE•added 2026/04/25 12:0 p.m.•8 views

CVE-2026-6979

Affects devlikeapro WAHA up to 2026.3.4; vulnerable in the API Request Handler function src/api/media.controller.ts, enabling server-side request forgery. Attackable remotely; exploit published. Vendor unresponsive. No remediation details provided in the documents.

6.5CVSS6.2AI score0.00014EPSS

Exploits0References4

Cvelist•added 2026/04/25 12:0 p.m.•26 views

CVE-2026-6979 devlikeapro WAHA API Request media.controller.ts server-side request forgery

6.5CVSS0.00014EPSS

Exploits0References4

ATTACKERKB•added 2026/04/25 12:0 p.m.•1 views

CVE-2026-6979

6.5CVSS6.2AI score0.00014EPSS

Exploits0References4Affected Software1

EUVD•added 2026/04/25 12:0 p.m.•0 views

EUVD-2026-25655

6.5CVSS5.1AI score0.00014EPSS

Exploits0References4

Positive Technologies•added 2026/04/25 12:0 a.m.•1 views

PT-2026-35149

6.5CVSS6.2AI score0.00014EPSS

Exploits0References5

CNNVD•added 2026/04/25 12:0 a.m.•3 views

WAHA 代码问题漏洞

WAHA is an open-source WhatsApp HTTP API service tool developed by devlikeapro. Versions of WAHA prior to 2026.3.4 contained code vulnerabilities. These vulnerabilities stemmed from unknown features in the component’s API Request Handler, specifically in the file src/api/media.controller.ts, whic...

6.5CVSS6.7AI score0.00014EPSS

Exploits0References2

Cvelist•added 2026/04/22 1:54 p.m.•25 views

CVE-2026-31473 media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex

In the Linux kernel, the following vulnerability has been resolved: media: mc, v4l2: serialize REINIT and REQBUFS with reqqueuemutex MEDIAREQUESTIOCREINIT can run concurrently with VIDIOCREQBUFS0 queue teardown paths. This can race request object cleanup against vb2 queue cancellation and lead to...

7.8CVSS0.00017EPSS

Exploits0References8

RedhatCVE•added 2026/02/17 1:27 p.m.•2 views

CVE-2026-2557

A vulnerability was detected in cskefu up to 8.0.1. Impacted is the function Upload of the file com/cskefu/cc/controller/resource/MediaController.java of the component File Upload. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and...

5.4CVSS3.9AI score0.00036EPSS

Exploits1References1

RedhatCVE•added 2026/02/17 1:27 p.m.•2 views

CVE-2026-2556

A security vulnerability has been detected in cskefu up to 8.0.1. This issue affects some unknown processing of the file com/cskefu/cc/controller/resource/MediaController.java of the component Endpoint. The manipulation of the argument url leads to server-side request forgery. The attack may be...

6.5CVSS5.2AI score0.00015EPSS

Exploits1References1

EUVD•added 2026/02/16 3:32 p.m.•4 views

EUVD-2026-6089

6.5CVSS5.2AI score0.00015EPSS

Exploits1References5

EUVD•added 2026/02/16 3:32 p.m.•4 views

EUVD-2026-6088

9.2CVSS3.9AI score0.00036EPSS

Exploits3References9