EUVD
added 2026/06/23 5:50 p.m. · 6 views

EUVD-2026-38557

Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, on Windows, Caddy path matchers treat /private\secret.txt as outside /private/, but fileserver later resolves the same request path as private\secret.txt on disk. An unauthenticated remote client can bypass Caddy...

CVSS 7.5 · AI score 5.9 · EPSS 0.00409
Exploits: 1 · References: 1
Vulnrichment
added 2026/06/23 5:24 p.m. · 5 views

CVE-2026-44726 Deno: TLS retry copies stale upgrade hook, risking plaintext traffic

Deno is a JavaScript, TypeScript, and WebAssembly runtime. From 2.0.0 until 2.7.8, a flaw in Deno's Node.js tls compatibility layer could cause a TLS client to transmit application data in plaintext after a connection retry. When autoSelectFamily was enabled and the first address-family attempt...

CVSS 7.4 · AI score 5.9 · EPSS 0.00142
Exploits: 1 · References: 1
Cvelist
added 2026/06/23 5:19 p.m. · 33 views

CVE-2026-49406 Deno: BYONM module resolution allows `package.json` main path traversal to bypass `--allow-read` restrictions

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.12, when Deno was run in BYONM mode (nodeModulesDir: "manual"), the module resolver did not validate that a package's resolved entrypoint stayed within its node_modules// directory. A malicious package.json whose main field...

CVSS 5.5 · EPSS 0.00135
Exploits: 1 · References: 1
CVE
added 2026/06/23 5:19 p.m. · 11 views

CVE-2026-49406

The CVE describes a vulnerability in Deno when run in BYONM mode (nodeModulesDir: "manual"): the module resolver could bypass the read boundary by resolving a package.json main field containing .. segments, allowing a malicious package to read files outside the approved --allow-read scope via req...

CVSS 5.5 · AI score 5.9 · EPSS 0.00135
Exploits: 1 · References: 1 · Affected Software: 1
CVE
added 2026/06/23 5:18 p.m. · 10 views

CVE-2026-49411

Summary (technical, grounded): CVE-2026-49411 affects Deno’s Node.js compatibility TCP path. Prior to v2.8.0, permission checks for deny-net were performed on the original hostname string before DNS resolution and not re-checked after resolution. This allowed a numeric IP alias (for example 21307...

CVSS 6.5 · AI score 5.8 · EPSS 0.00111
Exploits: 1 · References: 1 · Affected Software: 1
NVD
added 2026/06/23 5:17 p.m. · 9 views

CVE-2026-55450

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, unauthenticated users can upload any amount of data to the server without any limitations. No need for any prior knowledge, only network access to Langflow. This can lead to space exhaustion on the...

CVSS 9.3 · EPSS 0.0031
Exploits: 1 · References: 2
NVD
added 2026/06/23 5:16 p.m. · 4 views

CVE-2026-42867

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowledge Bases API POST /api/v1/knowledgebases. This occurs because user-supplied knowledge base names are used directly to create file paths without...

CVSS 6.5 · EPSS 0.00313
Exploits: 1 · References: 2
NVD
added 2026/06/23 5:16 p.m. · 5 views

CVE-2025-13162

Uncontrolled Search Path Element vulnerability in ABB Control Builder A, ABB 800xA for Advant Master. This issue affects Control Builder A: through 1.4/4; 800xA for Advant Master: through 6.0.3-1, through 6.1.1-1, 6.1.1-3, 6.2.0-1...

CVSS 4.4 · EPSS 0.00083
Exploits: 0 · References: 1
Github Security Blog
added 2026/06/23 5:13 p.m. · 10 views

Gogs Vulnerable to Unauthenticated Organization Teams Information Disclosure via API

Summary: Gogs has an unauthenticated information disclosure vulnerability. The GET /api/v1/orgs/:orgname/teams endpoint at internal/route/api/v1/orgteam.go:8 returns all teams for any organization without requiring authentication. The route group at internal/route/api/v1/api.go:380-385 lacks the...

CVSS 6.9 · AI score 5.8 · EPSS 0.01553
Exploits: 0 · References: 5 · Affected Software: 1
OSV
added 2026/06/23 5:10 p.m. · 3 views

GHSA-C39W-43GM-34H5 Gogs has Path Traversal in organization name that results in RCE through Git hooks

Summary: Organization names containing path traversal sequences ../ are accepted by Gogs, and repositories under them are written to paths following these path traversals. This allows storing/retrieving data for repositories at arbitrary locations on the filesystem. By creating nested structure of...

CVSS 10 · AI score 6.1 · EPSS 0.01107
Exploits: 0 · References: 5
Github Security Blog
added 2026/06/23 5:10 p.m. · 10 views

Gogs has Path Traversal in organization name that results in RCE through Git hooks

Summary: Organization names containing path traversal sequences ../ are accepted by Gogs, and repositories under them are written to paths following these path traversals. This allows storing/retrieving data for repositories at arbitrary locations on the filesystem. By creating nested structure of...

CVSS 10 · AI score 6.1 · EPSS 0.01107
Exploits: 0 · References: 5 · Affected Software: 1
OSV
added 2026/06/23 5:09 p.m. · 3 views

GHSA-89MR-XQFV-758M Gogs: UploadRepoFiles writes outside repo working tree via committed parent sym

Summary: Repository.UploadRepoFiles checks for symlinks only on the leaf of the upload target, osx.IsSymlink(targetPath). The siblings UpdateRepoFile, DeleteRepoFile, and GetDiffPreview use hasSymlinkInPath, which lstats every component — UploadRepoFiles is the lone outlier. An attacker with repo-wri...

CVSS 9 · AI score 6.2 · EPSS 0.00474
Exploits: 0 · References: 5
Github Security Blog
added 2026/06/23 5:09 p.m. · 9 views

Gogs: UploadRepoFiles writes outside repo working tree via committed parent sym

Summary: Repository.UploadRepoFiles checks for symlinks only on the leaf of the upload target, osx.IsSymlink(targetPath). The siblings UpdateRepoFile, DeleteRepoFile, and GetDiffPreview use hasSymlinkInPath, which lstats every component — UploadRepoFiles is the lone outlier. An attacker with repo-wri...

CVSS 9 · AI score 6.2 · EPSS 0.00474
Exploits: 0 · References: 5 · Affected Software: 1
Cvelist
added 2026/06/23 4:47 p.m. · 33 views

CVE-2026-54011 Open WebUI: Stored XSS in Mermaid Markdown Preview

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI renders Mermaid blocks from Markdown files in the file preview panel and inserts the generated SVG into the DOM using innerHTML. Because Mermaid is configured with...

CVSS 8.7 · EPSS 0.002
Exploits: 1 · References: 1
Cvelist
added 2026/06/23 4:45 p.m. · 33 views

CVE-2026-54014 Open WebUI: Sibling-Prefix Path Traversal via /cache/{path} in open-webui/open-webui

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, a path traversal vulnerability exists in open-webui's cache file serving endpoint that allows any authenticated user to read files from sibling directories outside the intended cache...

CVSS 4.3 · EPSS 0.00244
Exploits: 1 · References: 1
CVE
added 2026/06/23 4:45 p.m. · 15 views

CVE-2026-54014

Open WebUI (open-webui/open-webui) before version 0.9.6 is affected by a sibling-prefix path traversal in the cache file endpoint. The vulnerability stems from serve_cache_file() validating the absolute path with file_path.startswith(os.path.abspath(CACHE_DIR)) without appending a trailing path s...

CVSS 4.3 · AI score 5.9 · EPSS 0.00244
Exploits: 1 · References: 1 · Affected Software: 1
Cvelist
added 2026/06/23 4:29 p.m. · 32 views

CVE-2026-42867 Langflow: Path Traversal in Knowledge Bases API via Creation Endpoint

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowledge Bases API POST /api/v1/knowledgebases. This occurs because user-supplied knowledge base names are used directly to create file paths without...

CVSS 6.5 · EPSS 0.00313
Exploits: 1 · References: 2
CVE
added 2026/06/23 4:29 p.m. · 17 views

CVE-2026-42867

CVE-2026-42867 – Langflow exposed path traversal via the Knowledge Bases API (POST /api/v1/knowledge_bases). The root cause is that user-supplied base names are concatenated into file paths without proper containment checks, allowing an authenticated attacker to create directories and write files...

CVSS 6.5 · AI score 5.9 · EPSS 0.00313
Exploits: 1 · References: 2 · Affected Software: 1
CVE
added 2026/06/23 4:26 p.m. · 16 views

CVE-2026-55446

Langflow before version 1.0.19 is vulnerable to unauthenticated DoS on the /api/v1/files/upload/ endpoint by sending a multipart/form-data request with an extremely long boundary. The vulnerability allows an attacker to cause the server to become unusable for all users for an indefinite period, w...

CVSS 7.5 · AI score 5.9 · EPSS 0.00321
Exploits: 1 · References: 2 · Affected Software: 1
CVE
added 2026/06/23 4:17 p.m. · 33 views

CVE-2026-55450

Langflow prior to 1.9.1 allows unauthenticated uploads via the /upload/{flow_id} endpoint, enabling unlimited data transfer, which can cause server disk-space exhaustion (DoS). The response also leaks the absolute path of the uploaded file, an information leak that could aid further attacks. The ...

CVSS 9.3 · AI score 5.9 · EPSS 0.0031
Exploits: 1 · References: 2 · Affected Software: 1