Lucene search
K

112566 matches found

OSV
OSV
added yesterday4 views

GHSA-R3HX-X5RH-P9VV django-haystack: Remote Code Execution via `eval()` in Elasticsearch Result Deserialization

Remote Code Execution via eval in Elasticsearch Result Deserialization Summary The Elasticsearch backend in django-haystack calls eval on raw field values returned from Elasticsearch when a SearchField is declared with an indexfieldname alias that differs from the logical field name. During resul...

8.7CVSS6.6AI score
Exploits0References4
Github Security Blog
Github Security Blog
added yesterday4 views

django-haystack: Remote Code Execution via `eval()` in Elasticsearch Result Deserialization

Remote Code Execution via eval in Elasticsearch Result Deserialization Summary The Elasticsearch backend in django-haystack calls eval on raw field values returned from Elasticsearch when a SearchField is declared with an indexfieldname alias that differs from the logical field name. During resul...

6.6AI score
Exploits0References4Affected Software1
OSV
OSV
added yesterday4 views

GHSA-7GCF-G7XR-8HXJ serde_with: KeyValueMap serialization panics on empty sequence or map entries

Summary The public KeyValueMap serializer assumes that each mapped element has at least one field or item to use as the map key, but it subtracts 1 from the caller-visible length before validating that assumption. An application that serializes attacker-controlled data through serdeasas =...

5.1CVSS6.1AI score
Exploits0References5
Github Security Blog
Github Security Blog
added yesterday6 views

serde_with: KeyValueMap serialization panics on empty sequence or map entries

Summary The public KeyValueMap serializer assumes that each mapped element has at least one field or item to use as the map key, but it subtracts 1 from the caller-visible length before validating that assumption. An application that serializes attacker-controlled data through serdeasas =...

6.1AI score
Exploits0References5Affected Software1
GithubExploit
GithubExploit
added yesterday6 views

Exploit for CVE-2026-21045

CVE-2026-21045 & CVE-2026-21048 — Samsung libimagecodec.quram...

8.3CVSS6.3AI score0.00379EPSS
Exploits1
NVD
NVD
added yesterday5 views

CVE-2026-52892

Wekan is open source kanban built with Meteor. Prior to 9.32, Wekan REST handlers in server/models/customFields.js use read-level Authentication.checkBoardAccess instead of write-level Authentication.checkBoardWriteAccess for mutating custom-field routes. A read-only board member can call POST,...

6.5CVSS0.00049EPSS
Exploits0References3
NVD
NVD
added yesterday6 views

CVE-2026-50183

WWBN AVideo is an open source video platform. Versions 29.0 and below contain a stored Cross-Site Scripting vulnerability in the YouTubeAPI plugin. The plugin renders the snippet.title field returned by the YouTube Data API into the homepage gallery markup with no HTML encoding. The title is set ...

4.7CVSS0.00031EPSS
Exploits0References2
NVD
NVD
added yesterday4 views

CVE-2026-48795

AdonisJS is a TypeScript-first web framework. From 10.1.3 until 10.1.5 and 11.0.3, AdonisJS @adonisjs/bodyparser incompletely fixed CVE-2026-25754 because nested multipart field payloads such as user.proto.polluted and constructor.prototype still caused lodash .set via @poppinss/utils to create...

8.6CVSS0.00148EPSS
Exploits0References5
NVD
NVD
added yesterday5 views

CVE-2026-15921

Node Version Manager nvm is a POSIX-compliant shell function for managing multiple node.js versions. In versions 0.32.1 through 0.40.5, nvm ls-remote and other commands that refresh remote LTS aliases, such as nvm install --lts parse the node.js mirror's index.tab and use each release's LTS...

3.1CVSS
Exploits0References2
Cvelist
Cvelist
added yesterday7 views

CVE-2026-48795 Incomplete fix for CVE-2026-25754 in @adonisjs/bodyparser

AdonisJS is a TypeScript-first web framework. From 10.1.3 until 10.1.5 and 11.0.3, AdonisJS @adonisjs/bodyparser incompletely fixed CVE-2026-25754 because nested multipart field payloads such as user.proto.polluted and constructor.prototype still caused lodash .set via @poppinss/utils to create...

8.6CVSS0.00148EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-48795

AdonisJS is a TypeScript-first web framework. From 10.1.3 until 10.1.5 and 11.0.3, AdonisJS @adonisjs/bodyparser incompletely fixed CVE-2026-25754 because nested multipart field payloads such as user.proto.polluted and constructor.prototype still caused lodash .set via @poppinss/utils to create...

8.6CVSS6.1AI score0.00148EPSS
Exploits0References6Affected Software1
CVE
CVE
added yesterday23 views

CVE-2026-48795

Summary (CVE-2026-48795): AdonisJS’s bodyparser (/@adonisjs/bodyparser) has an incomplete fix for CVE-2026-25754 in certain pre-release ranges. The issue arises in nested multipart/form-data payloads (for example involving proto or constructor.prototype) that allow lodash _.set() through @poppins...

8.6CVSS6.1AI score0.00148EPSS
Exploits0References5
EUVD
EUVD
added yesterday2 views

EUVD-2026-44822

AdonisJS is a TypeScript-first web framework. From 10.1.3 until 10.1.5 and 11.0.3, AdonisJS @adonisjs/bodyparser incompletely fixed CVE-2026-25754 because nested multipart field payloads such as user.proto.polluted and constructor.prototype still caused lodash .set via @poppinss/utils to create...

8.6CVSS6.1AI score0.00148EPSS
Exploits0References5
NVD
NVD
added yesterday5 views

CVE-2026-56679

9Router is an AI router & token saver. Prior to 0.5.4, the PATCH /api/settings endpoint writes the entire request body to persistent settings without a field whitelist, allowing an authenticated user to set security-critical fields such as requireLogin and disable authentication for the whole...

8.7CVSS
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-15921

The CVE-2026-15921 issue affects Node Version Manager (nvm) up to v0.40.5, where nvm ls-remote and similar commands parse the mirror index.tab and use each LTS codename as an alias filename without validation. A malicious mirror can return path-traversal codenames (e.g., ../../../.bashrc), causin...

3.1CVSS6.4AI score
Exploits0References2
Cvelist
Cvelist
added yesterday9 views

CVE-2026-15921 nvm path traversal via a malicious mirror's LTS codename writes outside the alias directory

Node Version Manager nvm is a POSIX-compliant shell function for managing multiple node.js versions. In versions 0.32.1 through 0.40.5, nvm ls-remote and other commands that refresh remote LTS aliases, such as nvm install --lts parse the node.js mirror's index.tab and use each release's LTS...

3.1CVSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-15921

Node Version Manager nvm is a POSIX-compliant shell function for managing multiple node.js versions. In versions 0.32.1 through 0.40.5, nvm ls-remote and other commands that refresh remote LTS aliases, such as nvm install --lts parse the node.js mirror's index.tab and use each release's LTS...

3.1CVSS6.4AI score
Exploits0References3Affected Software1
EUVD
EUVD
added yesterday3 views

EUVD-2026-44818

Node Version Manager nvm is a POSIX-compliant shell function for managing multiple node.js versions. In versions 0.32.1 through 0.40.5, nvm ls-remote and other commands that refresh remote LTS aliases, such as nvm install --lts parse the node.js mirror's index.tab and use each release's LTS...

3.1CVSS6.4AI score
Exploits0References2
Cvelist
Cvelist
added yesterday8 views

CVE-2026-50183 WWBN AVideo: Stored XSS via Hostile YouTube Video Title in AVideo YouTubeAPI Gallery Section

WWBN AVideo is an open source video platform. Versions 29.0 and below contain a stored Cross-Site Scripting vulnerability in the YouTubeAPI plugin. The plugin renders the snippet.title field returned by the YouTube Data API into the homepage gallery markup with no HTML encoding. The title is set ...

4.7CVSS0.00031EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-50183

WWBN AVideo is an open source video platform. Versions 29.0 and below contain a stored Cross-Site Scripting vulnerability in the YouTubeAPI plugin. The plugin renders the snippet.title field returned by the YouTube Data API into the homepage gallery markup with no HTML encoding. The title is set ...

4.7CVSS6AI score0.00031EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder