Lucene search
+L

4 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-45740

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.8 and 8.2.0, protobufjs could recurse without a depth limit while expanding...

7.5CVSS6AI score0.00263EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/07 4:9 a.m.14 views

CVE-2026-41640 NocoBase Vulnerable to SQL Injection via String Concatenation in Recursive Eager Loading

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the queryParentSQL function in the core database package constructs a recursive CTE query by joining nodeIds with string concatenation instead of using...

7.5CVSS5.9AI score0.01875EPSS
Exploits1References4
EUVD
EUVD
added 2026/05/07 4:9 a.m.27 views

EUVD-2026-28261

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the queryParentSQL function in the core database package constructs a recursive CTE query by joining nodeIds with string concatenation instead of using...

7.5CVSS6AI score0.01875EPSS
Exploits1References4
CVE
CVE
added 2026/05/07 4:9 a.m.33 views

CVE-2026-41640

NocoBase CVE-2026-41640 describes an SQL injection in the core @nocobase/database package prior to v2.0.39. The vulnerable function queryParentSQL() builds a recursive CTE using string concatenation for nodeIds in a WHERE IN clause, allowing an authenticated attacker with record-creation permissi...

8.8CVSS6AI score0.01875EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder