26 matches found

Nuclei · added yesterday · 10 views

Mongoose < 8.8.3 - Remote Code Execution

Mongoose before 8.8.3 can improperly use $where in match, leading to search injection.

id: CVE-2024-53900
info:
  name: Mongoose 8.8.3 - Remote Code Execution
  author: h4mg
  severity: critical
  description: |
    Mongoose before 8.8.3 can improperly use $where in match, leading to search injection.
  impact...

CVSS 9.1 · AI score 7.3 · EPSS 0.03988
Exploits 3 · References 5
GitHub Security Blog · added 2026/06/23 5:43 p.m. · 9 views

Budibase has anonymous NoSQL operator injection via published-app query templates

Summary: enrichContext at packages/server/src/sdk/workspace/queries/queries.ts:121-138 substitutes parameter values into the raw JSON body of a query, then JSON.parses the result. The validator validateQueryInputs at packages/server/src/api/controllers/query/index.ts:61-71 rejects only Handlebars...

CVSS 10 · AI score 5.9 · EPSS 0.00538
Exploits 1 · References 2 · Affected Software 1
Vulnrichment · added 2026/06/11 6:49 p.m. · 8 views

CVE-2026-47181 PenguinMod-BackendApi: NoSQL Injection in Password Reset Endpoint Allows Account Takeover

PenguinMod-BackendApi is the backend api for penguinmod. Prior to version 1.0.0, a NoSQL injection vulnerability in the password reset endpoint allows any authenticated user to change the password of an account, leading to full account takeover. An attacker only needs a registered account and a...

CVSS 8.7 · AI score 5.3 · EPSS 0.00251
Exploits 0 · References 1
OSV · added 2026/04/20 12:32 p.m. · 4 views

GHSA-5PV2-86QJ-5JF9 Cockpit has NoSQL Injection Through Content Aggregation Pipelines

A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the component Asset Handler/Aggregate Handler. The manipulation results in improper neutralization of special elements in data query logic. It is possible to launch the attack...

CVSS 6.3 · AI score 6.2 · EPSS 0.00232
Exploits 0 · References 6
Cvelist · added 2026/04/17 9:09 p.m. · 24 views

CVE-2026-40352 FastGPT: NoSQL Injection in updatePasswordByOld Leads to Account Takeover

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password change endpoint is vulnerable to NoSQL injection. An authenticated attacker can bypass the "old password" verification by injecting MongoDB query operators. This allows an attacker who has gained a low-privilege...

CVSS 8.8 · EPSS 0.0038
Exploits 1 · References 3
Cvelist · added 2026/04/17 9:05 p.m. · 23 views

CVE-2026-40351 FastGPT: NoSQL Injection in loginByPassword leads to Authentication Bypass

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation, allowing an unauthenticated attacker to pass a MongoDB query operator object (e.g., {"$ne": ""}) as the password field. This NoSQL...

CVSS 9.8 · EPSS 0.00627
Exploits 1 · References 3
Vulnrichment · added 2026/04/17 9:05 p.m. · 4 views

CVE-2026-40351 FastGPT: NoSQL Injection in loginByPassword leads to Authentication Bypass

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation, allowing an unauthenticated attacker to pass a MongoDB query operator object (e.g., {"$ne": ""}) as the password field. This NoSQL...

CVSS 9.8 · AI score 5.7 · EPSS 0.00627
Exploits 1 · References 3
EUVD · added 2026/04/17 9:05 p.m. · 8 views

EUVD-2026-23557

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation, allowing an unauthenticated attacker to pass a MongoDB query operator object (e.g., {"$ne": ""}) as the password field. This NoSQL...

CVSS 9.8 · AI score 5.7 · EPSS 0.00627
Exploits 1 · References 3
Positive Technologies · added 2026/04/17 12:00 a.m. · 12 views

PT-2026-33519

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation, allowing an unauthenticated attacker to pass a MongoDB query operator object (e.g., {"$ne": ""}) as the password field. This NoSQL...

CVSS 9.8 · AI score 5.7 · EPSS 0.00627
Exploits 1 · References 7
Positive Technologies · added 2026/04/17 12:00 a.m. · 14 views

PT-2026-33520

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password change endpoint is vulnerable to NoSQL injection. An authenticated attacker can bypass the "old password" verification by injecting MongoDB query operators. This allows an attacker who has gained a low-privilege...

CVSS 8.8 · AI score 5.7 · EPSS 0.0038
Exploits 1 · References 5
Packet Storm · added 2026/04/13 12:00 a.m. · 81 views

Cockpit CMS 2.13.5 NoSQL Injection

Cockpit CMS version 2.13.5 is vulnerable to NoSQL operator injection on multiple API endpoints. User-supplied filter objects are forwarded to the Mongolite query engine without stripping MongoDB operators. Authenticated users can bypass intended query filters and perform boolean-based blind queri...

AI score 5.8
Exploits 0
CVE · added 2026/03/19 2:24 p.m. · 69 views

CVE-2026-22558

CVE-2026-22558 affects the UniFi Network Application. An "Authenticated NoSQL Injection" vulnerability could allow a malicious actor with authenticated network access to escalate privileges. The CVE entry provides a CVSS v3.1 vector ( NETWORK, LOW complexity, PRIVILEGES REQUIRED: LOW, UI: NONE, S...

CVSS 7.7 · AI score 5.8 · EPSS 0.00554
Exploits 0 · References 1
AttackerKB · added 2026/03/16 10:11 a.m. · 4 views

CVE-2026-3021

Non-relational SQL injection (NoSQLi) vulnerability in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/centro/equipo/empleado'. This vulnerability could allow an authenticated user to alter a GET request to the affected endpoint for the purpose of injecting special NoSQL...

CVSS 7.1 · AI score 5.8 · EPSS 0.00215
Exploits 0 · References 2
OSV · added 2026/03/10 8:08 p.m. · 4 views

CVE-2026-29793 NoSQL Injection via WebSocket id Parameter in MongoDB Adapter

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. From 5.0.0 to before 5.0.42, Socket.IO clients can send arbitrary JavaScript objects as the id argument to any service method (get, patch, update, remove). The transport layer performs no type...

CVSS 9.3 · AI score 6 · EPSS 0.00461
Exploits 0 · References 3
Cvelist · added 2026/03/06 5:40 p.m. · 32 views

CVE-2026-30833 Rocket.Chat: NoSQL injection in the EE ddp-streamer-service

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.10.8, 7.11.5, 7.12.5, 7.13.4, 8.0.2, 8.1.1, and 8.2.0, a NoSQL injection vulnerability exists in Rocket.Chat's account service used in the ddp-streamer micro service that allows unauthenticated...

CVSS 6.9 · EPSS 0.00268
Exploits 0 · References 1
BDU FSTEC · added 2023/04/22 12:00 a.m. · 5 views

A vulnerability in the Redis NoSQL database management system, related to integer overflows, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability in the Redis NoSQL database management system is related to integer overflow in buffers. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures...

CVSS 9 · AI score 6.6 · EPSS 0.047
Exploits 0 · References 7 · Affected Software 3
HackerOne · added 2022/05/25 12:26 p.m. · 40 views

Rocket.Chat: Regex account takeover

Summary: get admin reset token with authenticated user
Description: normal user login can access to admin reset token and set a new password for admin user
Releases Affected: 3.18.5 3.0.5
Steps To Reproduce from initial installation to vulnerability: Add details for how we can reproduce the issue...

CVSS 6.5 · AI score 1.3 · EPSS 0.01088
Exploits 1
Kitploit · added 2022/01/26 8:30 p.m. · 24 views

Ninjasworkout - Vulnerable NodeJS Web Application

Damn Vulnerable NodeJS Application. Quick Start: download the repo and run npm i. After installing all dependencies, just run the application with node app.js or nodemon app.js. Added bugs: Prototype Pollution, NoSQL Injection, Cross-site Scripting, Broken Access Control, Broken Session Management, Weak Regex...

AI score 8.8
Exploits 0 · References 3
Positive Technologies · added 2021/05/27 12:00 a.m. · 7 views

PT-2021-15268 · Unknown · Rocket.Chat

Name of the Vulnerable Software and Affected Versions: Rocket.Chat server versions 3.11 through 3.13
Description: A vulnerability exists due to improper input sanitization, potentially leading to unauthenticated NoSQL injection and resulting in remote code execution (RCE).
Recommendations: For...

CVSS 9.8 · AI score 9.8 · EPSS 0.95242
Exploits 16 · References 15
CNNVD · added 2021/05/27 12:00 a.m. · 4 views

Rocket.Chat Security Vulnerability

Rocket.Chat is an open source team chat software. A security vulnerability exists in Rocket.Chat versions 3.11, 3.12, and 3.13. The vulnerability could lead to unauthenticated NoSQL injection. No details of the vulnerability are provided at this time...

CVSS 9.8 · AI score 5.6 · EPSS 0.95242
Exploits 16 · References 9