Lucene search
K

306297 matches found

NVD
NVD
added yesterday6 views

CVE-2026-50182

WWBN AVideo is an open source video platform. Versions prior to 29.0 contain an unauthenticated Reflected XSS vulnerability through AVideo YouTubeAPI Gallery Pagination. The $GET'search' query parameter is concatenated directly into the href attribute of two pagination links in...

6.1CVSS0.00094EPSS
Exploits0References2
NVD
NVD
added yesterday6 views

CVE-2026-49279

WWBN AVideo is an open source video platform. Versions 29.0 and below contain a Stored XSS vulnerability through the autoEvalCodeOnHTML parameter in the MessageSQLite WebSocket Handler. The MessageSQLite.php handler only strips autoEvalCodeOnHTML from $json'msg', but msgToResourceId reads from...

7.7CVSS0.0013EPSS
Exploits0References2
OSV
OSV
added yesterday4 views

GHSA-824W-X939-6CMC TensorZero Gateway: Arbitrary file read and SSRF in internal object storage endpoint

Impact The /internal/objectstorage endpoint accepts a caller-supplied JSON storagepath parameter that dynamically overrides the TensorZero objectstorage configuration. By abusing the filesystem storage type, a caller can read arbitrary files from the gateway filesystem, including files that may...

7.7CVSS6.1AI score
Exploits0References4
Github Security Blog
Github Security Blog
added yesterday4 views

TensorZero Gateway: Arbitrary file read and SSRF in internal object storage endpoint

Impact The /internal/objectstorage endpoint accepts a caller-supplied JSON storagepath parameter that dynamically overrides the TensorZero objectstorage configuration. By abusing the filesystem storage type, a caller can read arbitrary files from the gateway filesystem, including files that may...

6.1AI score
Exploits0References4Affected Software1
NVD
NVD
added yesterday6 views

CVE-2026-62361

listmonk is a standalone, self-hosted, newsletter and mailing list manager. Prior to 6.2.0, listmonk’s GET /api/subscribers/export endpoint injects the user-controlled query parameter into QuerySubscribersForExport in internal/core/subscribers.go without calling validateQueryTables, unlike GET...

5.5CVSS
Exploits0References3
NVD
NVD
added yesterday6 views

CVE-2026-52887

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to 2.0.61, NocoBase @nocobase/plugin-notification-in-app-message exposed GET /api/myInAppChannels:list, where the filterlatestMsgReceiveTimestamp$lt value was inserted into a...

10CVSS0.00048EPSS
Exploits0References3
Cvelist
Cvelist
added yesterday5 views

CVE-2026-50182 AVideo Has Unauthenticated Reflected XSS via $_GET['search'] in YouTubeAPI Gallery Pagination

WWBN AVideo is an open source video platform. Versions prior to 29.0 contain an unauthenticated Reflected XSS vulnerability through AVideo YouTubeAPI Gallery Pagination. The $GET'search' query parameter is concatenated directly into the href attribute of two pagination links in...

6.1CVSS0.00094EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-50182

WWBN AVideo is an open source video platform. Versions prior to 29.0 contain an unauthenticated Reflected XSS vulnerability through AVideo YouTubeAPI Gallery Pagination. The $GET'search' query parameter is concatenated directly into the href attribute of two pagination links in...

6.1CVSS6.1AI score0.00094EPSS
Exploits0References3Affected Software1
CVE
CVE
added yesterday17 views

CVE-2026-50182

Summary (CVE-2026-50182) WWBN AVideo (API + YouTubeAPI + Layout plugins) is affected. Versions prior to 29.0 contain an unauthenticated Reflected XSS via the $_GET['search'] parameter used in the YouTubeAPI gallery pagination. The payload is injected into the hrefs of the previous/next page links...

6.1CVSS6.3AI score0.00094EPSS
Exploits0References2
EUVD
EUVD
added yesterday3 views

EUVD-2026-44827

WWBN AVideo is an open source video platform. Versions prior to 29.0 contain an unauthenticated Reflected XSS vulnerability through AVideo YouTubeAPI Gallery Pagination. The $GET'search' query parameter is concatenated directly into the href attribute of two pagination links in...

6.1CVSS6.3AI score0.00094EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday5 views

CVE-2026-49279 WWBN AVideo: Stored XSS via autoEvalCodeOnHTML Bypass in MessageSQLite WebSocket Handler (CVE-2026-43874 Bypass)

WWBN AVideo is an open source video platform. Versions 29.0 and below contain a Stored XSS vulnerability through the autoEvalCodeOnHTML parameter in the MessageSQLite WebSocket Handler. The MessageSQLite.php handler only strips autoEvalCodeOnHTML from $json'msg', but msgToResourceId reads from...

7.7CVSS0.0013EPSS
Exploits0References2
CVE
CVE
added yesterday22 views

CVE-2026-49279

CVE-2026-49279 (WWBN AVideo) describes a stored XSS in the WebSocket messaging system. The vulnerability arises because MessageSQLite.php only strips autoEvalCodeOnHTML from json["msg"], while msgToResourceId() favors json over msg, allowing an attacker to place the payload in json and bypass san...

7.7CVSS6.3AI score0.0013EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-49279

WWBN AVideo is an open source video platform. Versions 29.0 and below contain a Stored XSS vulnerability through the autoEvalCodeOnHTML parameter in the MessageSQLite WebSocket Handler. The MessageSQLite.php handler only strips autoEvalCodeOnHTML from $json'msg', but msgToResourceId reads from...

7.7CVSS6.3AI score0.0013EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added yesterday3 views

EUVD-2026-44825

WWBN AVideo is an open source video platform. Versions 29.0 and below contain a Stored XSS vulnerability through the autoEvalCodeOnHTML parameter in the MessageSQLite WebSocket Handler. The MessageSQLite.php handler only strips autoEvalCodeOnHTML from $json'msg', but msgToResourceId reads from...

7.7CVSS6.3AI score0.0013EPSS
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-62361

CVE-2026-62361 affects listmonk prior to version 6.2.0. The vulnerability arises in the GET /api/subscribers/export endpoint, which injects a user-controlled query parameter into QuerySubscribersForExport without calling validateQueryTables, unlike GET /api/subscribers. An authenticated user with...

5.5CVSS6.2AI score
Exploits0References3
Cvelist
Cvelist
added yesterday6 views

CVE-2026-62361 listmonk: SQL Injection in `/api/subscribers/export` bypasses table access control, leaking admin password hashes and SMTP credentials

listmonk is a standalone, self-hosted, newsletter and mailing list manager. Prior to 6.2.0, listmonk’s GET /api/subscribers/export endpoint injects the user-controlled query parameter into QuerySubscribersForExport in internal/core/subscribers.go without calling validateQueryTables, unlike GET...

5.5CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-62361

listmonk is a standalone, self-hosted, newsletter and mailing list manager. Prior to 6.2.0, listmonk’s GET /api/subscribers/export endpoint injects the user-controlled query parameter into QuerySubscribersForExport in internal/core/subscribers.go without calling validateQueryTables, unlike GET...

5.5CVSS6.2AI score
Exploits0References4Affected Software1
EUVD
EUVD
added yesterday5 views

EUVD-2026-44815

listmonk is a standalone, self-hosted, newsletter and mailing list manager. Prior to 6.2.0, listmonk’s GET /api/subscribers/export endpoint injects the user-controlled query parameter into QuerySubscribersForExport in internal/core/subscribers.go without calling validateQueryTables, unlike GET...

5.5CVSS6.2AI score
Exploits0References3
GithubExploit
GithubExploit
added yesterday15 views

labs

Security Labs !Licensehttps://img.shields.io/github/licen...

10CVSS7AI score0.96184EPSS
Exploits36
NVD
NVD
added yesterday4 views

CVE-2026-52869

The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol MCP. Prior to 1.27.2, the SSE and stateful Streamable HTTP transports mcp.server.sse.SseServerTransport and mcp.server.streamablehttpmanager.StreamableHTTPSessionManager route requests to existing...

7.1CVSS0.00054EPSS
Exploits0References6
Rows per page
Query Builder