Lucene search
K

7809 matches found

Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-10667 SMP use-after-free in Zephyr `CONFIG_USERSPACE` dynamic kernel-object tracking, reachable from unprivileged user threads

Zephyr's dynamic kernel-object tracking kernel/userspace/userspace.c, formerly kernel/userspace.c maintains a doubly-linked list objlist of dynamically allocated kernel objects. Iteration over this list in kobjectwordlistforeach was performed under listslock using the SAFE iterator which caches t...

7.8CVSS0.00103EPSS
Exploits0References2
OSV
OSV
added 2 days ago3 views

CVE-2026-10667 SMP use-after-free in Zephyr `CONFIG_USERSPACE` dynamic kernel-object tracking, reachable from unprivileged user threads

Zephyr's dynamic kernel-object tracking kernel/userspace/userspace.c, formerly kernel/userspace.c maintains a doubly-linked list objlist of dynamically allocated kernel objects. Iteration over this list in kobjectwordlistforeach was performed under listslock using the SAFE iterator which caches t...

7.8CVSS6.1AI score0.00103EPSS
Exploits0References5
NVD
NVD
added 4 days ago5 views

CVE-2026-56309

Capgo before 12.128.2 fails to enforce plan/quota restrictions on the /files/upload/attachments endpoint, allowing plan-blocked apps to create publicly readable R2 objects. Attackers can upload arbitrary attachments using upload-scoped API keys that bypass plan checks, persist outside normal bund...

5.4CVSS0.00259EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago12 views

EUVD-2026-42883

Capgo before 12.128.2 fails to enforce plan/quota restrictions on the /files/upload/attachments endpoint, allowing plan-blocked apps to create publicly readable R2 objects. Attackers can upload arbitrary attachments using upload-scoped API keys that bypass plan checks, persist outside normal bund...

5.4CVSS6.2AI score0.00259EPSS
Exploits0References2
Cvelist
Cvelist
added 4 days ago27 views

CVE-2026-56309 Capgo - Plan Bypass via Unrestricted Attachment Upload Endpoint

Capgo before 12.128.2 fails to enforce plan/quota restrictions on the /files/upload/attachments endpoint, allowing plan-blocked apps to create publicly readable R2 objects. Attackers can upload arbitrary attachments using upload-scoped API keys that bypass plan checks, persist outside normal bund...

5.4CVSS0.00259EPSS
Exploits0References2
CVE
CVE
added 4 days ago8 views

CVE-2026-56309

Capgo before 12.128.2 fails to enforce plan/quota restrictions on the /files/upload/attachments endpoint, enabling plan-blocked apps to create publicly readable R2 objects. Attackers can upload arbitrary attachments using upload-scoped API keys that bypass plan checks, persist outside normal bund...

5.4CVSS6.2AI score0.00259EPSS
Exploits0References2
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-42659

Metabase is an open-source business intelligence and embedded analytics tool. Prior to 1.58.15, 1.59.12, 1.60.6.3, and 1.61.1.4, Metabase instances with an H2 database connection, including the default sample database, deserialize arbitrary Java objects returned in H2 native query result columns ...

9.9CVSS6.2AI score0.00447EPSS
Exploits0References6
OSV
OSV
added 6 days ago2 views

CVE-2026-35210 OpenCTI: Authorization Bypass via `synchronized-upsert` HTTP Header Injection

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 7.260326.0, an authorization bypass vulnerability in OpenCTI allows any authenticated user with KNOWLEDGEKNUPDATE permission to bypass Confidence Level validation and Object Marking...

7.1CVSS6.1AI score0.00269EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 6 days ago4 views

openCryptoki: openCryptoki: Information disclosure and Denial of Service via malformed BER-encoded cryptographic objects

A flaw was found in openCryptoki, a PKCS11 Cryptographic Token Interface Standard library. The BER/DER Basic Encoding Rules/Distinguished Encoding Rules decoding functions in the shared common library do not properly validate attacker-controlled length fields against actual buffer boundaries. Thi...

6.8CVSS6.1AI score0.0016EPSS
Exploits1References6
EUVD
EUVD
added 6 days ago4 views

EUVD-2026-42250

Capgo before 12.128.2 allows upload-scoped API keys to modify the mutable appversions.r2path field through PostgREST, enabling retargeting to arbitrary R2 bundle objects. Attackers can patch r2path to point to victim objects, soft-delete the attacker-controlled version, and trigger the...

8.7CVSS6AI score0.00258EPSS
Exploits0References2
CVE
CVE
added 6 days ago5 views

CVE-2026-56250

Capgo before 12.128.2 is affected. The issue enables upload-scoped API keys to modify the mutable app_versions.r2_path via PostgREST, allowing retargeting of to arbitrary R2 bundle objects. An attacker can patch r2_path to point to victim objects, soft-delete the attacker-controlled version, and ...

8.7CVSS6AI score0.00258EPSS
Exploits0References2
NVD
NVD
added 6 days ago7 views

CVE-2026-57256

When the application opens a PDF and executes JavaScript, it performs abnormal operations on the list box field, and this operation is repeated after the form is reset. During this process, the application failed to adequately verify the validity of the form objects and their internal dictionary...

7.8CVSS0.00118EPSS
Exploits0References2
NVD
NVD
added 6 days ago10 views

CVE-2026-57249

After the application opened the PDF file, the script first reset the annotation status, then triggered the reset form event by additional action. During the re-entry process, the application access invalid objects and crashed...

7.8CVSS0.00116EPSS
Exploits0References1
NVD
NVD
added 6 days ago10 views

CVE-2026-57246

When dealing with abnormally constructed objects, there is a lack of argument validation; JavaScript triggers signature verification, but the signature plugin does not perform validation when copying the abnormal string, causing the application to crash...

7.8CVSS0.00116EPSS
Exploits0References1
NVD
NVD
added 6 days ago8 views

CVE-2026-57247

The application re-enters the document structure via field processing and deletes the current page, and then continues using the field objects obtained before deletion, triggering an illegal read and crashing...

7.8CVSS0.00116EPSS
Exploits0References1
NVD
NVD
added 6 days ago10 views

CVE-2026-13127

The application opens the PDF file. JavaScript then rewrites the document to modify the page structure, resulting in the invalidation of the page objects. However, the thumbnails still use the invalid page objects, ultimately causing the application to crash...

7.8CVSS0.00116EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago37 views

CVE-2026-13127 Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability

The application opens the PDF file. JavaScript then rewrites the document to modify the page structure, resulting in the invalidation of the page objects. However, the thumbnails still use the invalid page objects, ultimately causing the application to crash...

7.8CVSS0.00116EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago10 views

EUVD-2026-42186

The application opens the PDF file. JavaScript then rewrites the document to modify the page structure, resulting in the invalidation of the page objects. However, the thumbnails still use the invalid page objects, ultimately causing the application to crash...

7.8CVSS6AI score0.00116EPSS
Exploits0References1
CVE
CVE
added 6 days ago13 views

CVE-2026-13127

CVE-2026-13127 concerns Foxit PDF Editor/Reader annotation handling. The description states that when opening a PDF, JavaScript rewrites the document to modify page structure, causing page objects to become invalid; thumbnails still reference the invalid objects, leading to a crash. The CVSS 3.1 ...

7.8CVSS6AI score0.00116EPSS
Exploits0References1Affected Software2
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-13127

The application opens the PDF file. JavaScript then rewrites the document to modify the page structure, resulting in the invalidation of the page objects. However, the thumbnails still use the invalid page objects, ultimately causing the application to crash...

7.8CVSS6AI score0.00116EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder