Lucene search
+L

6 matches found

osv
osv
added 2026/07/09 12:55 p.m.3 views

OESA-2026-2974 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: libexpat before 2.8.2 has an integer overflow in storeAtts.CVE-2026-56403 libexpat before 2.8.2 has an integer overflow in...

6.9CVSS6.1AI score0.0011EPSS
Exploits0References11
osv
osv
added 2026/07/09 12:55 p.m.4 views

OESA-2026-2973 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: libexpat before 2.8.2 has an integer overflow in storeAtts.CVE-2026-56403 libexpat before 2.8.2 has an integer overflow in...

6.9CVSS6.1AI score0.0011EPSS
Exploits0References11
vulnrichment
vulnrichment
added 2026/02/09 7:41 p.m.5 views

CVE-2026-25494 Craft has a SSRF in GraphQL Asset Mutation via Alternative IP Notation

Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAsset GraphQL mutation uses filtervar..., FILTERVALIDATEIP to block a specific list of IP addresses. However, alternative IP notations hexadecimal, mixed are not...

6.9CVSS5.5AI score0.00359EPSS
Exploits1References3
cvelist
cvelist
added 2026/02/09 7:41 p.m.31 views

CVE-2026-25494 Craft has a SSRF in GraphQL Asset Mutation via Alternative IP Notation

Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAsset GraphQL mutation uses filtervar..., FILTERVALIDATEIP to block a specific list of IP addresses. However, alternative IP notations hexadecimal, mixed are not...

6.9CVSS0.00359EPSS
Exploits1References3
attackerkb
attackerkb
added 2026/02/09 7:41 p.m.6 views

CVE-2026-25494

Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAsset GraphQL mutation uses filtervar..., FILTERVALIDATEIP to block a specific list of IP addresses. However, alternative IP notations hexadecimal, mixed are not...

6.9CVSS5.5AI score0.00359EPSS
Exploits1References4Affected Software1
circl
circl
added 2025/02/16 11:15 p.m.16 views

CVE-2025-1364

creationtimestamp| type| source ---|---|--- 2025-02-16 23:15:42+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lidef4gpi22i 2025-02-17 00:40:17+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4704 2025-02-17 01:29:37+00:00| seen| https://t.me/cvedetector/18213...

6.6CVSS5.4AI score0.00361EPSS
Exploits1References3
Rows per page
Query Builder