Lucene search
K

7 matches found

Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-15499 AstrBotDevs AstrBot Scheduled Task cron_tools.py FutureTaskTool.call improper authorization

A security flaw has been discovered in AstrBotDevs AstrBot up to 4.25.2. Affected is the function FutureTaskTool.call of the file astrbot/core/tools/crontools.py of the component Scheduled Task Handler. Performing a manipulation of the argument payload"note" results in improper authorization...

6.5CVSS0.00201EPSS
Exploits0References5
CVE
CVE
added 2 days ago7 views

CVE-2026-15499

AstrBotDevs AstrBot (versions up to 4.25.2) contains a vulnerability in the function FutureTaskTool.call (astrbot/core/tools/cron_tools.py). Manipulating payload["note"] leads to improper authorization, enabling remote exploitation. Public exploit availability is reported. No remediation details ...

6.5CVSS6.3AI score0.00201EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43221

A security flaw has been discovered in AstrBotDevs AstrBot up to 4.25.2. Affected is the function FutureTaskTool.call of the file astrbot/core/tools/crontools.py of the component Scheduled Task Handler. Performing a manipulation of the argument payload"note" results in improper authorization...

6.5CVSS6.3AI score0.00201EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/29 5:18 p.m.7 views

CVE-2026-45668

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. Prior to 0.102.2, a malicious ZIP archive imported with safe import enabled achieves RCE via docName path traversal and XSS by combining a payload note type: code, mime:...

9.3CVSS5.8AI score0.0017EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/29 5:18 p.m.21 views

EUVD-2026-33376

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. Prior to 0.102.2, a malicious ZIP archive imported with safe import enabled achieves RCE via docName path traversal and XSS by combining a payload note type: code, mime:...

9.3CVSS5.8AI score0.0017EPSS
Exploits0References1
CVE
CVE
added 2026/05/29 5:18 p.m.22 views

CVE-2026-45668

CVE-2026-45668 affects Trilium Notes prior to 0.102.2. A malicious ZIP imported with Safe Import enabled can lead to remote code execution via a #docName path traversal and XSS by combining a payload note (type: code, mime: text/plain) containing HTML/JS with a trigger note (type: doc or launcher...

9.3CVSS5.8AI score0.0017EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2020/10/06 12:0 a.m.668 views

Karel IP Phone IP1211 Web Management Panel - Directory Traversal

Exploit Title: Karel IP Phone IP1211 Web Management Panel - Directory Traversal Exploit Author: Berat Gokberk ISLER Date: 2020-09-01 CVE: N/A Type: Webapps Vendor Homepage: https://www.karel.com.tr/urun-cozum/ip1211-ip-telefon Version: IP1211 Details Directory traversal vulnerability on the Karel...

7.4AI score
Exploits0
Rows per page
Query Builder