Lucene search
K

18914 matches found

Cvelist
Cvelist
added yesterday21 views

CVE-2026-15526 augmnt augments-mcp-server scan_project_deps scan-project-deps.ts scanProjectDeps path traversal

A flaw has been found in augmnt augments-mcp-server 7.1.0. This issue affects the function scanProjectDeps of the file src/tools/v4/scan-project-deps.ts of the component scanprojectdeps. Executing a manipulation of the argument packageJsonPath can lead to path traversal. The attack can only be...

4.8CVSS0.00137EPSS
Exploits0References6
CVE
CVE
added yesterday9 views

CVE-2026-15526

A vulnerability in augmnt augments-mcp-server 7.1.0 affects the function scanProjectDeps (src/tools/v4/scan-project-deps.ts) of the scan_project_deps component. The issue arises from manipulating the argument packageJsonPath, enabling path traversal. The attack is local, and a proof-of-concept/ex...

4.8CVSS5.6AI score0.00137EPSS
Exploits0References6
NVD
NVD
added yesterday6 views

CVE-2026-15517

A flaw has been found in Jinher OA 1.0. The affected element is an unknown function of the file /C6/JHSoft.Web.PlanSummarize/PlanGiveOut.aspx. This manipulation of the argument httpOID causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be...

7.5CVSS0.00254EPSS
Exploits0References5
Circl
Circl
added 4 days ago7 views

CVE-2026-49977

creationtimestamp| type| source ---|---|--- 2026-07-10 18:35:03+00:00| published-proof-of-concept| https://github.com/AmauriC/tarteaucitron.js/security/advisories/GHSA-jxj7-g6gm-49j7...

6.1AI score
Exploits0References1
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-42923

A flaw has been found in Eleveo Call Recording Software 9.7.0. This affects an unknown function of the file /callrec/roleAddAction.do of the component Group Interface. Executing a manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS6.3AI score0.00256EPSS
Exploits0References5
Circl
Circl
added 5 days ago5 views

CVE-2026-52769

creationtimestamp| type| source ---|---|--- 2026-07-09 22:35:21+00:00| published-proof-of-concept| https://github.com/YesWiki/yeswiki/security/advisories/GHSA-vw42-752g-5mrp...

5.9AI score0.00066EPSS
Exploits0References1
Circl
Circl
added 5 days ago6 views

CVE-2026-52770

creationtimestamp| type| source ---|---|--- 2026-07-09 22:35:19+00:00| published-proof-of-concept| https://github.com/YesWiki/yeswiki/security/advisories/GHSA-qg78-vmvc-fhjw...

5.9AI score0.00047EPSS
Exploits0References1
Circl
Circl
added 5 days ago9 views

CVE-2026-52773

creationtimestamp| type| source ---|---|--- 2026-07-09 22:35:12+00:00| published-proof-of-concept| https://github.com/YesWiki/yeswiki/security/advisories/GHSA-35f3-pg38-486f...

5.9AI score0.00031EPSS
Exploits0References1
Circl
Circl
added 5 days ago7 views

CVE-2026-52774

creationtimestamp| type| source ---|---|--- 2026-07-09 22:35:10+00:00| published-proof-of-concept| https://github.com/YesWiki/yeswiki/security/advisories/GHSA-r5xw-gcgw-hwp5 2026-07-13 06:00:05+00:00| confirmed|...

6.1AI score0.00039EPSS
Exploits0References2
NVD
NVD
added 5 days ago6 views

CVE-2026-15276

A flaw has been found in pdeljanov Symphonia up to 0.6.0. This vulnerability affects unknown code of the component Metadata Handler. This manipulation causes denial of service. The attack needs to be launched locally. The exploit has been published and may be used. The pull request to fix this...

4.8CVSS0.0012EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 5 days ago5 views

CVE-2026-15276

A flaw has been found in pdeljanov Symphonia up to 0.6.0. This vulnerability affects unknown code of the component Metadata Handler. This manipulation causes denial of service. The attack needs to be launched locally. The exploit has been published and may be used. The pull request to fix this...

4.8CVSS5.3AI score0.0012EPSS
Exploits0References7Affected Software1
CVE
CVE
added 5 days ago9 views

CVE-2026-15276

Symphonia (pdeljanov) up to version 0.6.0 exposes a denial-of-service vulnerability in the Metadata Handler. The issue affects unknown code paths; exploitation requires local access and a publicly published exploit exists. A fix is in a pull request but has not yet been accepted. The advisory not...

4.8CVSS5.3AI score0.0012EPSS
Exploits0References7
CVE
CVE
added 5 days ago22 views

CVE-2026-54005

Kirby CMS has a vulnerability tracked as CVE-2026-54005 where the /api/site/find route does not check the pages.access permission. Prior to versions 4.9.4 and 5.4.4, authenticated users who know or guess page IDs or UUIDs could retrieve full page content and metadata for arbitrary published pages...

7.1CVSS6AI score0.00269EPSS
Exploits0References5
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-15191 mettle sendportal Campaign Creation Endpoint CampaignStoreRequest.php authorization

A flaw has been found in mettle sendportal up to 3.0.1. This vulnerability affects unknown code of the file vendor/mettle/sendportal-core/src/Http/Requests/CampaignStoreRequest.php of the component Campaign Creation Endpoint. Executing a manipulation can lead to authorization bypass. The attack c...

6.5CVSS0.0022EPSS
Exploits0References6
Circl
Circl
added 5 days ago8 views

CVE-2026-50554

creationtimestamp| type| source ---|---|--- 2026-07-09 14:35:10+00:00| published-proof-of-concept| https://github.com/enchant97/note-mark/security/advisories/GHSA-588f-fvcv-xhvf...

5.9AI score0.00048EPSS
Exploits0References1
Circl
Circl
added 5 days ago8 views

CVE-2026-53727

creationtimestamp| type| source ---|---|--- 2026-07-09 14:35:05+00:00| published-proof-of-concept| https://github.com/premailer/cssparser/security/advisories/GHSA-9pmc-p236-855h...

5.9AI score
Exploits0References1
Circl
Circl
added 5 days ago8 views

CVE-2026-50553

creationtimestamp| type| source ---|---|--- 2026-07-09 14:02:22+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mq7sctc67r25 2026-07-09 14:35:07+00:00| published-proof-of-concept| https://github.com/enchant97/note-mark/security/advisories/GHSA-rqrh-8wpv-x7hh...

5.9AI score0.00059EPSS
Exploits0References2
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-42468

A flaw has been found in davenardella snap7 up to 1.4.3. This affects the function TS7Worker::PerformFunctionRead of the file src/core/s7server.cpp of the component ReadVar Request Handler. This manipulation causes deserialization. The attack requires access to the local network. The exploit has...

6.3CVSS5.5AI score0.00285EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 5 days ago8 views

PT-2026-56991

Name of the Vulnerable Software and Affected Versions pdeljanov Symphonia versions prior to 0.6.1 Description A flaw in the Metadata Handler component allows a local attacker to cause a denial of service. Recommendations At the moment, there is no information about a newer version that contains a...

4.8CVSS6.1AI score0.0012EPSS
Exploits0References10
Circl
Circl
added 6 days ago14 views

CVE-2026-50197

creationtimestamp| type| source ---|---|--- 2026-07-08 22:35:12+00:00| published-proof-of-concept| https://github.com/zalando/skipper/security/advisories/GHSA-659f-rgp5-w4wf...

5.9AI score
Exploits0References1
Rows per page
Query Builder