Lucene search
K

2890 matches found

Nuclei
Nuclei
added yesterday22 views

OpenMetaData - SpEL Injection in PUT /api/v1/policies

OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. CompiledRule::validateExpression is also called from PolicyRepository.prepare. prepare is called from...

9.4CVSS7.2AI score0.12527EPSS
Exploits0References5
Circl
Circl
added 4 days ago7 views

CVE-2026-57230

creationtimestamp| type| source ---|---|--- 2026-07-11 02:32:26+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdmpgcqro2d...

5.4CVSS6.1AI score0.00207EPSS
Exploits0References1
Circl
Circl
added 5 days ago7 views

CVE-2026-0275

creationtimestamp| type| source ---|---|--- 2026-07-10 00:15:09+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-0275...

6.7CVSS5.9AI score0.0011EPSS
Exploits0References1
Circl
Circl
added 6 days ago6 views

CVE-2026-54004

creationtimestamp| type| source ---|---|--- 2026-07-09 21:14:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqakhwvc2726...

6.3CVSS5.9AI score0.00312EPSS
Exploits0References1
Chainguard
Chainguard
added 6 days ago4 views

CVE-2026-14142 vulnerabilities

Vulnerabilities for packages: chromium...

5.4CVSS5.9AI score0.00173EPSS
Exploits0
Circl
Circl
added 6 days ago10 views

CVE-2026-15108

creationtimestamp| type| source ---|---|--- 2026-07-09 04:45:05+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260709...

4.3CVSS5.9AI score0.00125EPSS
Exploits0References1
NVD
NVD
added 6 days ago9 views

CVE-2026-15138

A security vulnerability has been detected in tumf mcp-text-editor up to 1.0.2. This issue affects the function validatefilepath of the file mcptexteditor/texteditor.py. Such manipulation of the argument filepath leads to path traversal. The attack can be launched remotely. The exploit has been...

7.5CVSS0.00347EPSS
Exploits0References6
Cvelist
Cvelist
added last week35 views

CVE-2026-6371 Stored XSS in Limatek's LimRAD NAC

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Limatek System Inc. LimRAD NAC allows Stored XSS. This issue affects LimRAD NAC: through 08072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

4.8CVSS0.00148EPSS
Exploits0References1
Circl
Circl
added 2026/07/07 11:35 p.m.8 views

CVE-2026-58583

creationtimestamp| type| source ---|---|--- 2026-07-07 23:35:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq3rfwfy5v2t...

8.4CVSS5.9AI score0.00101EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 6:0 a.m.11 views

CVE-2026-11855

CVE-2026-11855 affects the Simple Membership WordPress plugin prior to 4.7.5. The issue arises because Stripe webhook requests are not authenticated when no signing secret is configured, and a value taken from those requests is not escaped before being output in an administrator notice. This lead...

8.8CVSS6.1AI score0.00301EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 6:0 a.m.6 views

CVE-2026-11855

The Simple Membership WordPress plugin before 4.7.5 does not verify the authenticity of Stripe webhook requests when no signing secret is configured, nor escape a value taken from them before outputting it in an administrator notice, allowing unauthenticated attackers to inject arbitrary web...

8.8CVSS6.1AI score0.00301EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/07/02 12:57 p.m.5 views

WordPress Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin <= 4.3.5 - Authenticated (Administrator+) SQL Injection vulnerability

Authenticated Administrator+ SQL Injection vulnerability discovered by PRISM in WordPress Plugin WP Cookie Notice for GDPR, CCPA & ePrivacy Consent versions = 4.3.5...

4.9CVSS6AI score0.00301EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2026/07/02 5:48 a.m.7 views

CVE-2026-31583

creationtimestamp| type| source ---|---|--- 2026-07-02 05:48:33+00:00| seen| https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities20260702 2026-07-06 05:50:35+00:00| seen| https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities20260706...

7.8CVSS5.9AI score0.00128EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/01 3:8 p.m.6 views

CVE-2026-8857

A vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files scripts/EasyTimeline.Pl, includes/Timeline.Php. This issue affects timeline: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9...

5.8AI score0.00333EPSS
Exploits1References2
Circl
Circl
added 2026/07/01 2:48 a.m.7 views

CVE-2026-53207

creationtimestamp| type| source ---|---|--- 2026-07-01 02:48:30+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0812 2026-07-03 16:55:51+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpqza2354i23 2026-07-06 06:50:39+00:00| seen|...

5.5CVSS5.9AI score0.00099EPSS
Exploits0References3
OSV
OSV
added 2026/06/29 3:10 p.m.5 views

MINI-W57R-8XRH-4J79

Bulletin has no description...

7.5CVSS5.7AI score0.00153EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.8 views

PT-2026-53654

Name of the Vulnerable Software and Affected Versions Gigamon GVOS versions prior to 5.16.2 Description The GVOS H-VUE subsystem contains a directory traversal flaw, which allows an attacker to access files and directories outside the intended folder. Recommendations Update Gigamon GVOS to versio...

7.5CVSS5.9AI score0.00695EPSS
Exploits2References6
Circl
Circl
added 2026/06/26 5:24 p.m.10 views

CVE-2026-57636

creationtimestamp| type| source ---|---|--- 2026-06-26 17:24:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mp7hk7hsot2p 2026-06-30 09:17:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mpio6yxn6w2v...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 5:17 p.m.2 views

DEBIAN-CVE-2026-53043

In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: validate qrnumregions in dlmmatchregions Patch series "ocfs2/dlm: fix two bugs in dlmmatchregions". In dlmmatchregions, the qrnumregions field from a DLMQUERYREGION network message is used to drive loops over the...

9.1CVSS5.8AI score0.00521EPSS
Exploits0References1
OSV
OSV
added 2026/06/22 5:18 p.m.3 views

MINI-Q58C-458R-FF7M

Bulletin has no description...

6.1CVSS5.7AI score0.00178EPSS
Exploits0
Rows per page
Query Builder