273 matches found

EUVD
added 5 days ago | 6 views

EUVD-2026-39596

A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An attacker with cluster administrator privileges can inject a stored cross-site scripting (XSS) payload into cluster objects such as ClusterVersion...

CVSS 6.9 | AI score 5.7 | EPSS 0.00184
Exploits: 0 | References: 3

NVD
added 5 days ago | 8 views

CVE-2026-13083

A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An attacker with cluster administrator privileges can inject a stored cross-site scripting (XSS) payload into cluster objects such as ClusterVersion...

CVSS 6.9 | EPSS 0.00184
Exploits: 0 | References: 2

RedhatCVE
added 6 days ago | 8 views

CVE-2026-13083

A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An attacker with cluster administrator privileges can inject a stored cross-site scripting (XSS) payload into cluster objects such as ClusterVersion...

CVSS 6.9 | AI score 5.7 | EPSS 0.00184
Exploits: 0 | References: 3

CVE
added 6 days ago | 16 views

CVE-2026-13083

CVE-2026-13083 concerns the Pen Drive report generator, where cluster-sourced data is rendered into HTML reports without proper escaping or sanitization, enabling stored XSS. An attacker with cluster administrator privileges can inject XSS payloads into cluster objects (e.g., ClusterVersion spec....

CVSS 6.9 | AI score 5.7 | EPSS 0.00184
Exploits: 0 | References: 2

Vulnrichment
added 6 days ago | 5 views

CVE-2026-13083 Pen-drive: pen-drive: stored xss via unescaped cluster data in html report

A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An attacker with cluster administrator privileges can inject a stored cross-site scripting (XSS) payload into cluster objects such as ClusterVersion...

CVSS 6.9 | AI score 5.6 | EPSS 0.00184
Exploits: 0 | References: 2

Cvelist
added 6 days ago | 41 views

CVE-2026-13083 Pen-drive: pen-drive: stored xss via unescaped cluster data in html report

A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An attacker with cluster administrator privileges can inject a stored cross-site scripting (XSS) payload into cluster objects such as ClusterVersion...

CVSS 6.9 | EPSS 0.00184
Exploits: 0 | References: 2

Positive Technologies
added 6 days ago | 8 views

PT-2026-52630

Name of the Vulnerable Software and Affected Versions: Pen Drive report generator (affected versions not specified). Description: An issue exists where cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. This allows an attacker with cluster administrator...

CVSS 6.9 | AI score 5.6 | EPSS 0.00184
Exploits: 0 | References: 10

GithubExploit
added 2026/05/10 1:39 a.m. | 180 views

Dark-Moon

The Open-Source AI-...

AI score 6.1
Exploits: 0

GithubExploit
added 2026/05/06 4:43 a.m. | 69 views

Autonomous-AI-PenTest-Agent

Auto...

AI score 5.8
Exploits: 0

Packet Storm News
added 2026/05/06 12:0 a.m. | 7 views

Pen-Strategist: A Reasoning Framework for Penetration Testing Strategy Formation and Analysis

Cyber threats are rapidly increasing, expanding their impact from large-scale enterprises to government services and individual users, making robust security systems increasingly essential. However, a significant shortage of skilled cybersecurity professionals exacerbates this challenge. While...

AI score 5.9
Exploits: 0

UbuntuCve
added 2026/04/21 6:16 p.m. | 5 views

CVE-2026-40606

mitmproxy is an interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmproxy 12.2.1 and below, the builtin LDAP proxy authentication does not correctly sanitize the username when querying the LDAP...

CVSS 4.8 | AI score 5.7 | EPSS 0.00166
Exploits: 1 | References: 3

Debian CVE
added 2026/04/21 5:43 p.m. | 7 views

CVE-2026-40606

mitmproxy is an interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmproxy 12.2.1 and below, the builtin LDAP proxy authentication does not correctly sanitize the username when querying the LDAP...

CVSS 4.8 | AI score 5.3 | EPSS 0.00166
Exploits: 1

CVE
added 2026/04/13 2:27 a.m. | 12 views

CVE-2026-6179

CVE-2026-6179 concerns a stored cross-site scripting (XSS) vulnerability in NightWolf Penetration Testing Platform. The affected entry states that an attacker can trigger and run malicious script in a user’s browser due to a stored XSS flaw, enabling impact on user-side confidentiality and integr...

CVSS 6.3 | AI score 5.8 | EPSS 0.00305
Exploits: 0 | References: 1

Positive Technologies
added 2026/03/16 12:0 a.m. | 7 views

PT-2026-25652

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information...

CVSS 7.1 | AI score 5.8 | EPSS 0.00268
Exploits: 1 | References: 6

Positive Technologies
added 2026/03/16 12:0 a.m. | 3 views

PT-2026-25659

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information...

CVSS 7.1 | AI score 5.8 | EPSS 0.00268
Exploits: 1 | References: 6

Positive Technologies
added 2026/03/16 12:0 a.m. | 5 views

PT-2026-25655

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information...

CVSS 7.1 | AI score 5.8 | EPSS 0.00268
Exploits: 1 | References: 6

Positive Technologies
added 2026/03/16 12:0 a.m. | 4 views

PT-2026-25651

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information...

CVSS 7.1 | AI score 5.8 | EPSS 0.00268
Exploits: 1 | References: 6

Positive Technologies
added 2026/03/16 12:0 a.m. | 9 views

PT-2026-25647

An out‑of‑bounds write vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out‑of‑bounds write, potentially leading to code execution...

CVSS 7.8 | AI score 5.9 | EPSS 0.00269
Exploits: 1 | References: 6

Positive Technologies
added 2026/03/16 12:0 a.m. | 4 views

PT-2026-25644

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information...

CVSS 7.1 | AI score 5.8 | EPSS 0.00268
Exploits: 1 | References: 6

Positive Technologies
added 2026/03/16 12:0 a.m. | 9 views

PT-2026-25641

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information...

CVSS 7.1 | AI score 5.8 | EPSS 0.00268
Exploits: 1 | References: 6