Lucene search
+L

1736 matches found

cve
cve
added 2026/05/29 6:15 p.m.26 views

CVE-2026-49386

CVE-2026-49386 affects JetBrains YouTrack prior to 2026.1.13570, where an improper access control allows enumeration of restricted issues and articles on Planning Canvas. The issue’s impact is limited to information exposure (enumeration) without indicating broader code execution or data modifica...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2026/05/29 6:15 p.m.14 views

CVE-2026-49386

In JetBrains YouTrack before 2026.1.13570 improper access control allowed enumeration of restricted issues and articles on Planning Canvas...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/05/29 12:0 a.m.12 views

PT-2026-44966

Name of the Vulnerable Software and Affected Versions JetBrains YouTrack versions prior to 2026.1.13570 Description Improper access control allows the enumeration of restricted issues and articles on the Planning Canvas. Recommendations Update to version 2026.1.13570...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References4
cnnvd
cnnvd
added 2026/05/29 12:0 a.m.12 views

JetBrains YouTrack 安全漏洞

JetBrains YouTrack is a browser-based error tracking and project management software developed by Czech company JetBrains. This software features error tracking, the ability to create workflows, and monitoring of project progress. Versions of JetBrains YouTrack prior to 2026.1.13570 contained...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/28 12:0 a.m.9 views

TREK 安全漏洞

TREK is a self-hosted, real-time collaboration travel planning tool developed by Maurice’s individual developer. It supports map management, budget tracking, and itinerary management. Versions of TREK prior to 3.0.18 contained security vulnerabilities. These vulnerabilities stemmed from the login...

5.3CVSS5.8AI score0.00205EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2026/05/27 3:16 p.m.12 views

CVE-2026-37712

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/cron/class/cronjob.class.php, calluserfuncarray in function job type...

7.3CVSS6.4AI score0.00384EPSS
Exploits0References1
githubexploit
githubexploit
added 2026/05/26 8:41 a.m.101 views

AI_AutoExploitGeneration

🎯 AI-POWERED AUTOMATED EXPLOIT GENERATION AEG SYSTEM Vers...

5.9AI score
Exploits0
cnnvd
cnnvd
added 2026/05/19 12:0 a.m.10 views

Apache OFBiz 授权问题漏洞

Apache OFBiz is an ERP system developed by the Apache Foundation in the United States. This system provides a complete set of Java-based web application components and tools. Versions of Apache OFBiz prior to 24.09.06 had vulnerabilities related to authorization issues, which stemmed from imprope...

6.5CVSS5.8AI score0.00513EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/18 12:0 a.m.10 views

FacturaScripts 信息泄露漏洞

FacturaScripts is an open-source ERP software developed by Carlos Garcia, a Spanish developer. Versions of FacturaScripts prior to version 2026 contained a vulnerability related to information leakage. This vulnerability stemmed from the Library module not clearing the EXIF/XMP/IPTC metadata...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References1
githubexploit
githubexploit
added 2026/05/16 1:52 a.m.95 views

KonR

KonR Hierarchical multi-agent AI penetration testing system p...

5.8AI score
Exploits0
cvelist
cvelist
added 2026/05/14 1:0 p.m.49 views

CVE-2026-6575 PostgreSQL pg_restore_attribute_stats accepts values that cause query planning to read past end of stats array

Buffer over-read in PostgreSQL function pgrestoreattributestats accepts array values of unmatched length, which causes query planning to read past end of one array. This allows a table maintainer to infer memory values past that array end. Within major version 18, minor versions before PostgreSQL...

4.3CVSS0.00208EPSS
Exploits0References1
euvd
euvd
added 2026/05/13 9:17 p.m.10 views

EUVD-2026-30196

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.104.3 and 16.12.0, an improper restriction of XML external entity XXE reference vulnerability in the EDI Module enables an authenticated attacker to read files from the local file system, including sensitive...

5.3CVSS5.8AI score0.00224EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/12 12:0 a.m.13 views

Microsoft Dynamics 365 安全漏洞

Microsoft Dynamics 365 is a ERP business solution developed by the American company Microsoft, designed for multinational enterprises. It is used for financial management, production management, and business intelligence management, among other purposes. There are security vulnerabilities in...

9.1CVSS6AI score0.00748EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/05/11 8:27 p.m.11 views

CVE-2026-8242

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results in observable response discrepancy. The attack is possible to be carried out remotely. A high...

6.3CVSS5.2AI score0.00289EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/05/11 8:27 p.m.12 views

CVE-2026-8218

A weakness has been identified in Devs Palace ERP Online up to 4.0.0. The affected element is an unknown function of the file /inventory/purchasereturnsave. Executing a manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been made available to the...

4.8CVSS4.1AI score0.00206EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/11 1:45 a.m.6 views

CVE-2026-8262

A vulnerability was identified in Devs Palace ERP Online up to 4.0.0. This impacts an unknown function of the file /accounts/chart-save. Such manipulation leads to cross site scripting. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was...

4.8CVSS4.1AI score0.00202EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2026/05/11 12:15 a.m.71 views

CVE-2026-8256 Devs Palace ERP Online mr-save cross site scripting

A security vulnerability has been detected in Devs Palace ERP Online up to 4.0.0. This vulnerability affects unknown code of the file /accounts/mr-save. Such manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. T...

4.8CVSS0.00202EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/05/11 12:0 a.m.16 views

PT-2026-39548

A weakness has been identified in Devs Palace ERP Online up to 4.0.0. This affects an unknown part of the file /inventory/add new customer. This manipulation causes cross site scripting. The attack can be initiated remotely. The exploit has been made available to the public and could be used for...

4.8CVSS4.2AI score0.00202EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/05/11 12:0 a.m.21 views

PT-2026-39549

A security vulnerability has been detected in Devs Palace ERP Online up to 4.0.0. This vulnerability affects unknown code of the file /accounts/mr-save. Such manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. T...

4.8CVSS4.1AI score0.00202EPSS
Exploits0References5
cve
cve
added 2026/05/10 11:45 p.m.29 views

CVE-2026-8254

Dev@ ERP Online (vulnerable up to 4.0.0) has a cross-site scripting flaw in the /inventory/sales_save endpoint. The issue arises from manipulation of that function, enabling remote exploitation with user interaction required for triggering. Public PoC/exploit appears to exist per sources; vendor ...

4.8CVSS4.2AI score0.00253EPSS
Exploits0References4
Rows per page
Query Builder