Lucene search
K

14377 matches found

CVE
CVE
added 3 days ago6 views

CVE-2026-56220

Capgo before version 12.128.2 contains an authorization bypass in the public.manifest INSERT policy that lets read-only org members insert OTA manifest rows. Attackers with read-only org access can inject malicious manifest entries with arbitrary s3_path values, which are served to devices via th...

7.1CVSS6AI score0.00203EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-56220 Capgo - Unauthorized Manifest Insertion via Read-Only Org Member

Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.manifest INSERT policy that allows read-only org members to insert OTA manifest rows. Attackers with read-only org access can inject malicious manifest entries with arbitrary s3path values that are served to device...

7.1CVSS0.00203EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 3 days ago4 views

gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer FILEINFO metadata parser

A flaw was found in GStreamer's RealMedia demuxer in the gst-plugins-ugly package. When processing a RealMedia file containing a specially crafted FILEINFO metadata section, the demuxer parses variable-name and variable-value pairs using reskippascalstring without validating that offsets remain...

7.1CVSS5.9AI score0.00221EPSS
Exploits0References4
NVD
NVD
added 4 days ago6 views

CVE-2026-59704

Cap's GET /api/video/ai endpoint fails to validate user ownership or membership before returning private video AI metadata including titles, summaries, and chapters. Authenticated attackers can supply arbitrary video IDs to read sensitive AI-generated content and trigger unauthorized AI generatio...

7.1CVSS0.00216EPSS
Exploits0References5
CVE
CVE
added 4 days ago12 views

CVE-2026-59704

Cap’s GET /api/video/ai endpoint lacks proper ownership/membership validation, exposing private video AI metadata (titles, summaries, chapters) and enabling authenticated attackers to solicit arbitrary video IDs to read sensitive content. This may also trigger unauthorized AI generation that depl...

7.1CVSS6AI score0.00216EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 4 days ago3 views

CVE-2026-59704 Cap - Missing Access Control in Video AI Metadata Endpoint

Cap's GET /api/video/ai endpoint fails to validate user ownership or membership before returning private video AI metadata including titles, summaries, and chapters. Authenticated attackers can supply arbitrary video IDs to read sensitive AI-generated content and trigger unauthorized AI generatio...

7.1CVSS6AI score0.00216EPSS
Exploits0References5
Cvelist
Cvelist
added 4 days ago27 views

CVE-2026-59704 Cap - Missing Access Control in Video AI Metadata Endpoint

Cap's GET /api/video/ai endpoint fails to validate user ownership or membership before returning private video AI metadata including titles, summaries, and chapters. Authenticated attackers can supply arbitrary video IDs to read sensitive AI-generated content and trigger unauthorized AI generatio...

7.1CVSS0.00216EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-59704

Cap's GET /api/video/ai endpoint fails to validate user ownership or membership before returning private video AI metadata including titles, summaries, and chapters. Authenticated attackers can supply arbitrary video IDs to read sensitive AI-generated content and trigger unauthorized AI generatio...

7.1CVSS6AI score0.00216EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 4 days ago4 views

CVE-2026-54607

FastGPT is a knowledge-based AI application platform. Prior to 4.15.0-beta4, the HTTP-tool OpenAPI schema importer validates only the top-level URL before passing it to SwaggerParser.bundle, whose remote reference resolver fetches $ref URLs without FastGPT's internal-address guard and returns...

7.7CVSS6AI score0.00238EPSS
Exploits0References5Affected Software1
NVD
NVD
added 4 days ago9 views

CVE-2026-53511

calibre is an e-book manager. Prior to 9.10.0, a malicious EPUB, OPF, or PDF file can execute arbitrary Python code when its metadata is read by calibre, including through Add books or Edit books, by embedding a custom column definition with a python: template in calibre:usermetadata that is pass...

8.5CVSS0.00197EPSS
Exploits0References3
CVE
CVE
added 4 days ago27 views

CVE-2026-53511

Calibre vulnerability CVE-2026-53511 affects the calibre e-book manager prior to version 9.10.0. A malicious EPUB/OPF/PDF can trigger arbitrary Python code execution when metadata is read by calibre (e.g., via Add books or Edit books) by embedding a python: template in calibre:user_metadata; the ...

8.5CVSS6.2AI score0.00197EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-53511 calibre: Arbitrary Code Execution in Template Formatter via Book Metadata

calibre is an e-book manager. Prior to 9.10.0, a malicious EPUB, OPF, or PDF file can execute arbitrary Python code when its metadata is read by calibre, including through Add books or Edit books, by embedding a custom column definition with a python: template in calibre:usermetadata that is pass...

8.5CVSS0.00197EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 4 days ago4 views

CVE-2026-53511

calibre is an e-book manager. Prior to 9.10.0, a malicious EPUB, OPF, or PDF file can execute arbitrary Python code when its metadata is read by calibre, including through Add books or Edit books, by embedding a custom column definition with a python: template in calibre:usermetadata that is pass...

8.5CVSS6.2AI score0.00197EPSS
Exploits0References4Affected Software1
NVD
NVD
added 4 days ago6 views

CVE-2026-58468

NocoBase through 2.1.20 contains a server-side request forgery vulnerability in the serverRequest wrapper that allows authenticated administrators to issue arbitrary outbound HTTP requests by supplying malicious URLs to workflow request nodes, custom request action buttons, or the AI plugin...

5.5CVSS0.002EPSS
Exploits0References4
Cvelist
Cvelist
added 4 days ago29 views

CVE-2026-58468 NocoBase 2.1.20 Server-Side Request Forgery via serverRequest wrapper

NocoBase through 2.1.20 contains a server-side request forgery vulnerability in the serverRequest wrapper that allows authenticated administrators to issue arbitrary outbound HTTP requests by supplying malicious URLs to workflow request nodes, custom request action buttons, or the AI plugin...

5.5CVSS0.002EPSS
Exploits0References4
OSV
OSV
added 4 days ago3 views

PYSEC-2026-1516 Server-Side Request Forgery in langchain-community.retrievers.web_research.WebResearchRetriever

A Server-Side Request Forgery SSRF vulnerability exists in the Web Research Retriever component in langchain-community langchain-community.retrievers.webresearch.WebResearchRetriever. The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet...

4.8CVSS6.7AI score0.00691EPSS
Exploits1References8
NVD
NVD
added 4 days ago10 views

CVE-2026-42147

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, S3 storage endpoint validation only checks URL format and testConnection sends a server-side request to the configured endpoint, allowing an authenticated user with storage...

4.9CVSS0.00255EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-34170 Coolify: Server-Side Request Forgery via attacker-controlled GitHub App API URL

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the GithubApp apiurl field is used as the base URL for server-side HTTP requests without allowlisting or private IP blocking, allowing an authenticated user to configure a...

4.3CVSS0.00171EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago4 views

EUVD-2026-41997

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the GithubApp apiurl field is used as the base URL for server-side HTTP requests without allowlisting or private IP blocking, allowing an authenticated user to configure a...

4.3CVSS6AI score0.00171EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-41992

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, S3 storage endpoint validation only checks URL format and testConnection sends a server-side request to the configured endpoint, allowing an authenticated user with storage...

4.9CVSS5.9AI score0.00255EPSS
Exploits0References3
Rows per page
Query Builder