826 matches found
CVE-2026-58500
MCP Appium is an MCP server that provides AI assistants with tools to automate mobile app testing on Android and iOS. In versions prior to 1.85.10, the createLocatorGeneratorUI function interpolates attacker-controlled element attributes — text, content-desc, resource-id, and locator selector...
CVE-2026-12257
CVE-2026-12257 affects Mura CMS prior to 10.0.712. The flaw is in the POST handling of the endpoint /index.cfm/_api/json/v1/default, where the method parameter is not properly validated, allowing an attacker to inject and execute arbitrary CFML and instantiate malicious Java objects, resulting in...
EUVD-2026-43267
A vulnerability was detected in kLOsk adloop up to 0.9.0. This vulnerability affects the function validateurls of the file src/adloop/ads/write.py. Performing a manipulation of the argument finalurl results in server-side request forgery. The attack may be initiated remotely. The exploit is now...
PT-2026-57918
Name of the Vulnerable Software and Affected Versions Crypt::OpenSSL::X509 versions prior to 2.1.3 Description A heap out-of-bounds read occurs when processing a long certificate extension Object Identifier OID in hv exts. This happens during the construction of the extension hash through the...
CVE-2026-56690
Dell PowerFlex Manager, Version prior to 5.1.0.1, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure, Information...
libcurl 8.11.1 < 8.21.0 Netrc Wrong User Password Leak (CVE-2026-8926)
The version of libcurl installed on the remote host is 8.11.1 prior to 8.21.0. It is, therefore, affected by a credential leak vulnerability: - When asking curl to use a .netrc file to find credentials and at the same time specifying a URL with a username without a password, curl could wrongly ge...
Langflow < 1.9.1 Multiple Vulnerabilities
The version of Langflow installed on the remote host is prior to 1.9.1. It is, therefore, affected by multiple vulnerabilities: - An Insecure Direct Object Reference IDOR vulnerability in the /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user...
dnsmasq < 2.93 Heap-Based Buffer Overflow (CVE-2026-12725)
The version of dnsmasq installed on the remote host is prior to 2.93. It is, therefore, affected by a heap-based buffer overflow vulnerability. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause...
CVE-2026-59822 LiteLLM: MCP Authentication Bypass via OAuth2 Passthrough Fallback
LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. Prior to 1.84.0, LiteLLM's MCP Streamable HTTP endpoint allowed an unauthenticated attacker to use a fabricated Authorization header to trigger an OAuth2 passthrough fallback path that replaced failed LiteLLM key...
CVE-2026-60102
Horde Virtual File System VFS API before 3.0.1 contains an OS command injection vulnerability in the HordeVfsSmb driver where the escapeShellCommand method fails to sanitize command substitution sequences, allowing authenticated attackers to inject arbitrary shell commands through user-controlled...
CVE-2026-34149
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, DatabaseBackupJob interpolates user-controlled database credentials and MongoDB collection exclusion names into backup shell commands without adequate escaping, allowing an...
CVE-2026-34158
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, the executeInDocker helper wraps user-controlled commands in single quotes without escaping embedded single quotes. Attackers who can edit application settings can inject a...
Microsoft Edge (Chromium) < 150.0.4078.48 (CVE-2026-57991)
The version of Microsoft Edge installed on the remote Windows host is prior to 150.0.4078.48. It is, therefore, affected by a vulnerability as referenced in the July 2, 2026 advisory. - Improper link resolution before file access 'link following' in Microsoft Edge Chromium-based allows an...
Keycloak < 26.6.4 Multiple Vulnerabilities
The version of Keycloak installed on the remote host is prior to 26.6.4. It is, therefore, affected by multiple vulnerabilities, including the following: - A user with group-admin privileges can escalate to realm-admin, gaining full administrative control over the realm. CVE-2026-9099 - An...
EUVD-2026-41254
The Adminify WordPress plugin before 4.2.10 does not perform per-user read-capability checks on the results returned by one of its administration search features, allowing users with a low-privilege role Contributor to disclose non-public content that WordPress would not otherwise expose to them,...
DEBIAN-CVE-2026-14110
Inappropriate implementation in DarkMode in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2026-13991
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14121
CVE-2026-14121 affects Chromoting in Google Chrome on Linux, due to a use-after-free in Chromoting that enables a remote attacker to execute arbitrary code via malicious network traffic. Affected: Chrome/Chromium on Linux prior to 150.0.7871.47. Impact signals in the source documents include high...
CVE-2026-14080
Insufficient validation of untrusted input in TabSwitcher in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via malicious network traffic. Chromium security severity: Low...
CVE-2026-13905
Race in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: Medium...