Lucene search
K

3038 matches found

NVD
NVD
added 8 hours ago5 views

CVE-2026-33213

Redash is a package for data visualization and sharing. From 5.0.2 to 26.3.0, the getnextpath function in Redash's authentication module stripped the scheme and netloc from user-supplied next parameters but did not normalize multiple leading slashes, allowing a crafted login URL such as...

6.1CVSS
Exploits0References2
CVE
CVE
added 9 hours ago6 views

CVE-2026-33213

Redash vulnerability CVE-2026-33213 affects the data-visualization tool Redash (versions 5.0.2 through 26.3.0). The get_next_path() function in the authentication module strips the scheme and netloc from user-supplied next parameters but does not normalize multiple leading slashes, enabling an op...

6.1CVSS6AI score
Exploits0References2
EUVD
EUVD
added 9 hours ago3 views

EUVD-2026-44686

Redash is a package for data visualization and sharing. From 5.0.2 to 26.3.0, the getnextpath function in Redash's authentication module stripped the scheme and netloc from user-supplied next parameters but did not normalize multiple leading slashes, allowing a crafted login URL such as...

6.1CVSS6AI score
Exploits0References2
Cvelist
Cvelist
added 9 hours ago8 views

CVE-2026-33213 Redash: Open redirect vulnerability in post-login redirect handling

Redash is a package for data visualization and sharing. From 5.0.2 to 26.3.0, the getnextpath function in Redash's authentication module stripped the scheme and netloc from user-supplied next parameters but did not normalize multiple leading slashes, allowing a crafted login URL such as...

6.1CVSS
Exploits0References2
F5 Networks
F5 Networks
added 10 hours ago5 views

K000161837: Out-of-band Security Notification (July 15, 2026)

Security Advisory Description On July 15, 2026, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated articles. Article CVE|...

9.2CVSS6.1AI score
Exploits0
OSV
OSV
added 12 hours ago15 views

ROOT-APP-NPM-CVE-2026-44581 CVE-2026-44581 in @rootio/next - Patched by Root

Root has patched CVE-2026-44581 in the @rootio/next package for Root:npm. Multiple fixed versions available...

4.7CVSS5.3AI score0.00222EPSS
Exploits1
OSV
OSV
added 12 hours ago8 views

ROOT-APP-NPM-GHSA-Q4GF-8MX6-V5V3 GHSA-q4gf-8mx6-v5v3 in @rootio/next - Patched by Root

Root has patched GHSA-q4gf-8mx6-v5v3 in the @rootio/next package for Root:npm. Multiple fixed versions available...

5.8AI score
Exploits0
OSV
OSV
added 12 hours ago13 views

ROOT-APP-NPM-CVE-2026-44574 CVE-2026-44574 in @rootio/next - Patched by Root

Root has patched CVE-2026-44574 in the @rootio/next package for Root:npm. Multiple fixed versions available...

8.1CVSS5.8AI score0.00485EPSS
Exploits2
OSV
OSV
added 12 hours ago7 views

ROOT-APP-NPM-CVE-2026-29057 CVE-2026-29057 in @rootio/next - Patched by Root

Root has patched CVE-2026-29057 in the @rootio/next package for Root:npm. Multiple fixed versions available...

6.5CVSS5.2AI score0.00427EPSS
Exploits0
OSV
OSV
added 12 hours ago13 views

ROOT-APP-NPM-CVE-2026-44573 CVE-2026-44573 in @rootio/next - Patched by Root

Root has patched CVE-2026-44573 in the @rootio/next package for Root:npm. Multiple fixed versions available...

7.5CVSS5.8AI score0.00592EPSS
Exploits1
OSV
OSV
added 12 hours ago6 views

ROOT-APP-NPM-CVE-2026-44576 CVE-2026-44576 in @rootio/next - Patched by Root

Root has patched CVE-2026-44576 in the @rootio/next package for Root:npm. Multiple fixed versions available...

5.4CVSS5.3AI score0.0025EPSS
Exploits0
OSV
OSV
added 12 hours ago10 views

ROOT-APP-NPM-GHSA-8H8Q-6873-Q5FJ GHSA-8h8q-6873-q5fj in @rootio/next - Patched by Root

Root has patched GHSA-8h8q-6873-q5fj in the @rootio/next package for Root:npm. Multiple fixed versions available...

5.8AI score
Exploits0
OSV
OSV
added 12 hours ago12 views

ROOT-APP-NPM-CVE-2026-27980 CVE-2026-27980 in @rootio/next - Patched by Root

Root has patched CVE-2026-27980 in the @rootio/next package for Root:npm. Multiple fixed versions available...

7.5CVSS5.8AI score0.00683EPSS
Exploits0
OSV
OSV
added 12 hours ago8 views

ROOT-APP-NPM-CVE-2026-44577 CVE-2026-44577 in @rootio/next - Patched by Root

Root has patched CVE-2026-44577 in the @rootio/next package for Root:npm. Multiple fixed versions available...

7.5CVSS5.2AI score0.00705EPSS
Exploits1
OSV
OSV
added 12 hours ago6 views

ROOT-APP-NPM-CVE-2026-44580 CVE-2026-44580 in @rootio/next - Patched by Root

Root has patched CVE-2026-44580 in the @rootio/next package for Root:npm. Multiple fixed versions available...

6.1CVSS5.3AI score0.00205EPSS
Exploits0
OSV
OSV
added 12 hours ago23 views

ROOT-APP-NPM-CVE-2026-44578 CVE-2026-44578 in @rootio/next - Patched by Root

Root has patched CVE-2026-44578 in the @rootio/next package for Root:npm. Multiple fixed versions available...

8.6CVSS5.8AI score0.38811EPSS
Exploits9
Nuclei
Nuclei
added 19 hours ago72 views

AxxonSoft Axxon Next - Local File Inclusion

AxxonSoft Axxon Next suffers from a local file inclusion vulnerability. id: CVE-2018-7467 info: name: AxxonSoft Axxon Next - Local File Inclusion author: 0xAkoko severity: high description: AxxonSoft Axxon Next suffers from a local file inclusion vulnerability. impact: | An attacker can read...

7.5CVSS7AI score0.10358EPSS
Exploits2References5
Nuclei
Nuclei
added 19 hours ago27 views

Quiz and Survey Master <= 8.1.4 - SQL Injection

ExpressTech Quiz And Survey Master versions up to 8.1.4 contains an SQL injection caused by improper neutralization of special elements used in SQL commands, letting attackers execute arbitrary SQL queries, exploit requires user interaction. id: CVE-2023-28787 info: name: Quiz and Survey Master =...

9.3CVSS7.2AI score0.01977EPSS
Exploits0References3
Nuclei
Nuclei
added 19 hours ago38 views

SickChill - Open Redirect

SickChill's login endpoint's 'next' parameter accepts arbitrary content, allowing authenticated attackers to perform open redirects, but this was fixed in commit c7128a8946c3701df95c285810eb75b2de18bf82 by redirecting to a default page. id: CVE-2024-53995 info: name: SickChill - Open Redirect...

4.8CVSS6.2AI score0.00951EPSS
Exploits0References6
CVE
CVE
added yesterday6 views

CVE-2026-15643

CVE-2026-15643 concerns AWS HealthLake MCP Server (awslabs.healthlake-mcp-server) prior to 0.0.14. A server-side request forgery in the pagination handling component can be exploited by a remote authenticated user to exfiltrate AWS temporary security credentials to an attacker-controlled endpoint...

9.2CVSS6.2AI score
Exploits0References2
Rows per page
Query Builder