Lucene search
K

334 matches found

EUVD
EUVD
added 2026/03/19 10:36 p.m.4 views

EUVD-2026-13378

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6, a vulnerability in the hotplugcall function allows an attacker to bypass environment variable filtering and inject an arbitrary PATH variable, potentially leading to privilege escalation. The...

1.8CVSS5.8AI score0.00296EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/19 10:36 p.m.1 views

CVE-2026-30874

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6, a vulnerability in the hotplugcall function allows an attacker to bypass environment variable filtering and inject an arbitrary PATH variable, potentially leading to privilege escalation. The...

1.8CVSS5.8AI score0.00296EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/03/19 10:36 p.m.24 views

CVE-2026-30874

OpenWrt procd PATH environment variable filter bypass (CVE-2026-30874). In OpenWrt versions prior to 24.10.6, hotplug_call does not exclude PATH due to a strcmp vs strncmp bug, allowing a local attacker to influence which binaries are executed by procd-invoked scripts with elevated privileges, po...

7.8CVSS5.8AI score0.00296EPSS
Exploits0References2Affected Software1
Amazon
Amazon
added 2026/03/19 12:0 a.m.11 views

Medium: gvfs

Issue Overview: A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode PASV response. The client unconditionally trusts this information and attempts to connect to the specified endpoint,...

4.3CVSS6.4AI score0.0036EPSS
Exploits2
EUVD
EUVD
added 2026/03/18 9:30 a.m.4 views

EUVD-2026-12795

A JSONPath injection vulnerability in Spring AI's AbstractFilterExpressionConverter allows authenticated users to bypass metadata-based access controls through crafted filter expressions. User-controlled input passed to FilterExpressionBuilder is concatenated into JSONPath queries without proper...

8.6CVSS5.9AI score0.00521EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/18 9:30 a.m.14 views

JSONPath Injection in Spring AI Vector Stores FilterExpressionConverter

A JSONPath injection vulnerability in Spring AI's AbstractFilterExpressionConverter allows authenticated users to bypass metadata-based access controls through crafted filter expressions. User-controlled input passed to FilterExpressionBuilder is concatenated into JSONPath queries without proper...

8.6CVSS5.9AI score0.00521EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/18 7:39 a.m.3 views

CVE-2026-22729

A JSONPath injection vulnerability in Spring AI's AbstractFilterExpressionConverter allows authenticated users to bypass metadata-based access controls through crafted filter expressions. User-controlled input passed to FilterExpressionBuilder is concatenated into JSONPath queries without proper...

8.6CVSS5.9AI score0.00521EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/03/18 7:39 a.m.30 views

CVE-2026-22729 CVE-2026-22729: JSONPath Injection in Spring AI Vector Stores FilterExpressionConverter

A JSONPath injection vulnerability in Spring AI's AbstractFilterExpressionConverter allows authenticated users to bypass metadata-based access controls through crafted filter expressions. User-controlled input passed to FilterExpressionBuilder is concatenated into JSONPath queries without proper...

8.6CVSS0.00521EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/07 7:59 a.m.3 views

CVE-2026-28676

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, multiple storage helpers used path construction patterns that did not uniformly enforce base-directory containment. This created path-injection risk in file...

8.8CVSS5.7AI score0.0043EPSS
Exploits0References1
NVD
NVD
added 2026/03/06 5:16 a.m.10 views

CVE-2026-28676

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, multiple storage helpers used path construction patterns that did not uniformly enforce base-directory containment. This created path-injection risk in file...

8.8CVSS0.0043EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/06 4:23 a.m.7 views

EUVD-2026-9987

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, multiple storage helpers used path construction patterns that did not uniformly enforce base-directory containment. This created path-injection risk in file...

8.8CVSS5.8AI score0.0043EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/06 12:0 a.m.9 views

PT-2026-23643

Name of the Vulnerable Software and Affected Versions OpenSift versions prior to 1.6.3-alpha Description OpenSift is an AI study tool that uses semantic search and generative AI to process large datasets. Versions of OpenSift prior to 1.6.3-alpha had path-injection risks in file read, write, and...

8.8CVSS5.8AI score0.0043EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.8 views

PT-2026-23611

Name of the Vulnerable Software and Affected Versions Agentgateway versions prior to 0.12.0 Description Agentgateway, an open source data plane for agentic AI connectivity, has an issue where input path, query, and header values are not sanitized when converting MCP tools/call requests to OpenAPI...

4.9CVSS5.8AI score0.00144EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/03/02 12:49 p.m.40 views

CVE-2025-12462 Blind SQL Injection in DobryCMS

A Blind SQL injection vulnerability has been identified in DobryCMS. A remote unauthenticated attacker is able to inject SQL syntax into URL path in multiple parameters resulting in Blind SQL Injection. This issue was fixed in versions above 8.0...

9.3CVSS0.00448EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.10 views

Studio Fabryka DobryCMS SQL注入漏洞

Studio Fabryka DobryCMS is a content management system developed by Studio Fabryka. Versions of Studio Fabryka DobryCMS prior to version 8.0 had a SQL injection vulnerability. This vulnerability stemmed from SQL injections in URL paths, which could lead to blind injection attacks...

9.3CVSS5.8AI score0.00448EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/26 3:10 p.m.4 views

CVE-2026-28296 Gvfs: ftp gvfs backend: arbitrary ftp command injection via crlf sequences in file paths

A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containing carriage return and line feed CRLF sequences. These unsanitized sequences allow the attacker to terminate intended FTP commands and...

4.3CVSS6.4AI score0.0036EPSS
Exploits2References2
NVD
NVD
added 2026/02/14 7:16 a.m.22 views

CVE-2026-1792

The Geo Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL path in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

6.1CVSS0.00221EPSS
Exploits0References2
CVE
CVE
added 2026/02/14 6:42 a.m.12 views

CVE-2026-1792

The Geo Widget WordPress plugin (up to version 1.0) is vulnerable to Stored Cross-Site Scripting via the URL path due to insufficient input sanitization and output escaping. Unauthenticated attackers can inject arbitrary web scripts on pages viewed by users, leading to potential user-side code ex...

6.1CVSS5.7AI score0.00221EPSS
Exploits0References2
OSV
OSV
added 2026/02/12 8:45 a.m.7 views

BIT-NGINX-INGRESS-CONTROLLER-2026-24512 ingress-nginx auth-method nginx configuration injection

A security issue was discovered in ingress-nginx where the rules.http.paths.path Ingress field can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. Note tha...

8.8CVSS6.5AI score0.00501EPSS
Exploits1References2
NVD
NVD
added 2026/02/11 3:16 p.m.5 views

CVE-2019-25315

WordPress Server Log Viewer 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through unfiltered log file paths. Attackers can add log files with embedded XSS payloads that will execute when viewed in the WordPress admin interface...

6.4CVSS0.00184EPSS
Exploits0References3
Rows per page
Query Builder