Lucene search
K

154520 matches found

EUVD
EUVD
added yesterday4 views

EUVD-2026-44544

ColdFusion is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.6CVSS6.5AI score
Exploits0References1
Cvelist
Cvelist
added yesterday9 views

CVE-2026-48322 ColdFusion | Improper Control of Generation of Code ('Code Injection') (CWE-94)

ColdFusion is affected by an Improper Control of Generation of Code 'Code Injection' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.6CVSS
Exploits0References1
EUVD
EUVD
added yesterday3 views

EUVD-2026-44543

ColdFusion is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user...

7.7CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added yesterday12 views

CVE-2026-48325 ColdFusion | Missing Authentication for Critical Function (CWE-306)

ColdFusion is affected by a Missing Authentication for Critical Function vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.3CVSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-48272

CVE-2026-48272 affects Creative Cloud Desktop and involves an Uncontrolled Search Path Element (CWE-427) that could lead to arbitrary code execution in the context of the current user. Exploitation is local, does not require user interaction, and the attack surface is constrained by the patch/sco...

7.8CVSS6.5AI score
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-48344

CVE-2026-48344 involves Creative Cloud Desktop and a TOCTOU race condition (CWE-367) that could lead to arbitrary code execution in the context of the current user . The issue is described as exploitable under conditions beyond the attacker’s control, with no user interaction required . Per the c...

7.8CVSS6.5AI score
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-48359

Adobe Experience Manager is affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could result in arbitrary code execution in the context of the current user. A low-privileged attacker could exploit this vulnerability to read sensitive files, potentially...

9.6CVSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-48358

Adobe Commerce is affected by an Improper Encoding or Escaping of Output vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.1CVSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-48349

Animate is affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. Scope is changed...

8.1CVSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-48259

Adobe Experience Manager is affected by a Server-Side Request Forgery SSRF vulnerability that could result in arbitrary code execution in the context of the current user. A low-privileged attacker could leverage this vulnerability to issue unauthorized server-side requests, potentially gaining...

9.6CVSS
Exploits0References1
NVD
NVD
added yesterday5 views

CVE-2026-47992

Adobe Commerce is affected by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could exploit this vulnerability to execute malicious SQL...

7.2CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday8 views

CVE-2026-48349 Animate | Incorrect Authorization (CWE-863)

Animate is affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. Scope is changed...

8.1CVSS
Exploits0References1
CVE
CVE
added yesterday4 views

CVE-2026-48349

CVE-2026-48349 (Animate) is an Incorrect Authorization vulnerability (CWE-863) that could allow arbitrary code execution in the context of the current user. Exploitation does not require user interaction, but depends on conditions beyond the attacker’s control. The CVSSv3.1 base score is 8.1 (HIG...

8.1CVSS6.5AI score
Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-39479

Trivy: Helm chart tar bomb causes OOM via unbounded io.ReadAll in parser...

6.9CVSS6.1AI score0.0025EPSS
Exploits0References5
Cvelist
Cvelist
added yesterday7 views

CVE-2026-48358 Adobe Commerce | Improper Encoding or Escaping of Output (CWE-116)

Adobe Commerce is affected by an Improper Encoding or Escaping of Output vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.1CVSS
Exploits0References1
CVE
CVE
added yesterday4 views

CVE-2026-48358

Adobe Commerce is affected by an Improper Encoding or Escaping of Output vulnerability (CWE-116) that could lead to arbitrary code execution in the context of the current user. The issue enables code execution without user interaction and is rated CRITICAL (CVSS 3.1: AV:N/AC:L/PR:H/UI:N/S:C/C:H/I...

9.1CVSS6.5AI score
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-48001

CVE-2026-48001 affects Adobe Commerce with an Information Exposure vulnerability that could lead to limited disclosure of sensitive information. The provided documents do not specify the vulnerable component, root cause details, or affected product versions. Exploitation is possible without user ...

3.7CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday3 views

CVE-2026-47992

CVE-2026-47992 affects Adobe Commerce and is described as an SQL Injection vulnerability caused by improper neutralization of special elements in SQL commands. The flaw could allow arbitrary code execution in the context of the current user, with a high-privilege attacker potentially executing ma...

7.2CVSS6.5AI score
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-48310

Adobe Experience Manager (AEM) is affected by an Improper Limitation of a Pathname to a Restricted Directory (Path Traversal, CWE-22) vulnerability that could enable arbitrary file system read. The issue arises from an improper pathname restriction, allowing access to sensitive files outside the ...

8.6CVSS6.2AI score
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-48259

Adobe Experience Manager is affected by a Server-Side Request Forgery (SSRF) vulnerability that could allow arbitrary code execution in the context of the current user. Exploitation requires no user interaction, with a low-privileged attacker potentially issuing unauthorized server-side requests ...

9.6CVSS6.5AI score
Exploits0References1
Rows per page
Query Builder