Lucene search
K

304142 matches found

GithubExploit
GithubExploit
added 43 minutes ago4 views

Exploit for CVE-2026-21045

CVE-2026-21045 & CVE-2026-21048 — Samsung libimagecodec.quram...

8.3CVSS6.3AI score0.00379EPSS
Exploits1
NVD
NVD
added 49 minutes ago3 views

CVE-2026-54458

WWBN AVideo is an open source video platform. Versions prior to 29.0 contain a stored DOM Cross-Site Scripting vulnerability in the YPTSocket plugin. Any unauthenticated remote attacker can execute arbitrary JavaScript in the authenticated origin of every administrator currently viewing a page th...

9.6CVSS
Exploits0References2
NVD
NVD
added 49 minutes ago3 views

CVE-2026-53445

Wekan is open source kanban built with Meteor. Prior to 9.32, the Wekan copyBoard Meteor DDP method in server/publications/boards.js copies a board by caller-supplied board ID without checking this.userId, membership, or admin access. Any authenticated user can copy a private board they are not a...

7.1CVSS0.00041EPSS
Exploits0References3
NVD
NVD
added 49 minutes ago4 views

CVE-2026-52892

Wekan is open source kanban built with Meteor. Prior to 9.32, Wekan REST handlers in server/models/customFields.js use read-level Authentication.checkBoardAccess instead of write-level Authentication.checkBoardWriteAccess for mutating custom-field routes. A read-only board member can call POST,...

6.5CVSS0.00049EPSS
Exploits0References3
OSV
OSV
added 1 hour ago0 views

GHSA-62GX-5Q78-WRVX obsidian-local-rest-api: Authenticated path traversal via URL-encoded %2F in /vault/{path} — arbitrary host file read/write/delete

Summary The Local REST API's /vault/path endpoints GET/PUT/PATCH/POST/DELETE percent-decode the request path inside the handler — after Express has already routed and normalized it, then hand it to the Obsidian vault adapter with no confinement check. A literal ../ is resolved/rejected at the...

8.8CVSS6.2AI score
Exploits0References3
Cvelist
Cvelist
added 1 hour ago6 views

CVE-2026-54458 AVideo: Unauthenticated Stored DOM Cross-Site Scripting via Per-Client Metadata Broadcast in YPTSocket Plugin

WWBN AVideo is an open source video platform. Versions prior to 29.0 contain a stored DOM Cross-Site Scripting vulnerability in the YPTSocket plugin. Any unauthenticated remote attacker can execute arbitrary JavaScript in the authenticated origin of every administrator currently viewing a page th...

9.6CVSS
Exploits0References2
CVE
CVE
added 1 hour ago13 views

CVE-2026-54458

WWBN AVideo is an open source video platform. Versions prior to 29.0 contain a stored DOM Cross-Site Scripting vulnerability in the YPTSocket plugin. Any unauthenticated remote attacker can execute arbitrary JavaScript in the authenticated origin of every administrator currently viewing a page th...

9.6CVSS6.3AI score
Exploits0References2
NVD
NVD
added 1 hour ago7 views

CVE-2026-56678

9Router is an AI router & token saver. Prior to 0.5.6, the Kiro API-key validation endpoint POST /api/oauth/kiro/api-key builds an upstream URL using a user-controlled region value, allowing an authenticated attacker to supply a crafted region such as kiro-canary.local:8443 and cause 9Router to...

6.4CVSS
Exploits0References3
Cvelist
Cvelist
added 1 hour ago8 views

CVE-2026-53445 Wekan: Authorization bypass in copyBoard DDP method allows any user to copy private boards

Wekan is open source kanban built with Meteor. Prior to 9.32, the Wekan copyBoard Meteor DDP method in server/publications/boards.js copies a board by caller-supplied board ID without checking this.userId, membership, or admin access. Any authenticated user can copy a private board they are not a...

7.1CVSS0.00041EPSS
Exploits0References3
CVE
CVE
added 1 hour ago8 views

CVE-2026-53445

CVE-2026-53445 (Wekan) : Affected component is Wekan’s copyBoard DDP publication (server/publications/boards.js). Before version 9.32, the copy operation copied a board by caller-supplied boardId without validating this.userId, membership, or admin access, enabling any authenticated user to copy ...

7.1CVSS6.1AI score0.00041EPSS
Exploits0References3
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-44832

Wekan is open source kanban built with Meteor. Prior to 9.32, the Wekan copyBoard Meteor DDP method in server/publications/boards.js copies a board by caller-supplied board ID without checking this.userId, membership, or admin access. Any authenticated user can copy a private board they are not a...

7.1CVSS6.1AI score0.00041EPSS
Exploits0References3
Cvelist
Cvelist
added 1 hour ago5 views

CVE-2026-52892 Wekan: Read-only board members can create/modify/delete Custom Fields (privilege escalation via read-level authz on write ops)

Wekan is open source kanban built with Meteor. Prior to 9.32, Wekan REST handlers in server/models/customFields.js use read-level Authentication.checkBoardAccess instead of write-level Authentication.checkBoardWriteAccess for mutating custom-field routes. A read-only board member can call POST,...

6.5CVSS0.00049EPSS
Exploits0References3
CVE
CVE
added 1 hour ago4 views

CVE-2026-52892

Summary: CVE-2026-52892 affects Wekan, an open‑source Kanban app built on Meteor. Before version 9.32, REST handlers in server/models/customFields.js checked read‑level access (Authentication.checkBoardAccess) for mutating custom-field routes, instead of write‑level access (Authentication.checkBo...

6.5CVSS6.1AI score0.00049EPSS
Exploits0References3
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-44830

Wekan is open source kanban built with Meteor. Prior to 9.32, Wekan REST handlers in server/models/customFields.js use read-level Authentication.checkBoardAccess instead of write-level Authentication.checkBoardWriteAccess for mutating custom-field routes. A read-only board member can call POST,...

6.5CVSS6.1AI score0.00049EPSS
Exploits0References3
Cvelist
Cvelist
added 2 hours ago6 views

CVE-2026-62361 listmonk: SQL Injection in `/api/subscribers/export` bypasses table access control, leaking admin password hashes and SMTP credentials

listmonk is a standalone, self-hosted, newsletter and mailing list manager. Prior to 6.2.0, listmonk’s GET /api/subscribers/export endpoint injects the user-controlled query parameter into QuerySubscribersForExport in internal/core/subscribers.go without calling validateQueryTables, unlike GET...

5.5CVSS
Exploits0References3
Cvelist
Cvelist
added 2 hours ago5 views

CVE-2026-56678 9Router: Kiro region injection allows authenticated SSRF with Authorization header forwarding

9Router is an AI router & token saver. Prior to 0.5.6, the Kiro API-key validation endpoint POST /api/oauth/kiro/api-key builds an upstream URL using a user-controlled region value, allowing an authenticated attacker to supply a crafted region such as kiro-canary.local:8443 and cause 9Router to...

6.4CVSS
Exploits0References3
CVE
CVE
added 2 hours ago6 views

CVE-2026-56678

9Router prior to v0.5.6 is vulnerable in the Kiro API-key validation endpoint POST /api/oauth/kiro/api-key, which builds an upstream URL from a user-controlled region value. An authenticated attacker can supply a crafted region (example: kiro-canary.local:8443#) to trigger SSRF by directing the v...

6.4CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added 2 hours ago4 views

EUVD-2026-44813

9Router is an AI router & token saver. Prior to 0.5.6, the Kiro API-key validation endpoint POST /api/oauth/kiro/api-key builds an upstream URL using a user-controlled region value, allowing an authenticated attacker to supply a crafted region such as kiro-canary.local:8443 and cause 9Router to...

6.4CVSS6.1AI score
Exploits0References3
GithubExploit
GithubExploit
added 2 hours ago8 views

labs

Security Labs !Licensehttps://img.shields.io/github/licen...

10CVSS7AI score0.96184EPSS
Exploits36
NVD
NVD
added 2 hours ago5 views

CVE-2026-49867

DataEase is an open source data visualization and analysis tool. Prior to 2.10.23, DataEase template static resources let authenticated users submit TemplateManageRequest.staticResource through POST /de2api/templateManage/save or DataVisualizationServer.decompression, after which...

6.3CVSS0.00032EPSS
Exploits0References3
Rows per page
Query Builder