Lucene search
K

41189 matches found

CVE
CVE
added 2026/06/21 10:45 p.m.12 views

CVE-2026-12814

CVE-2026-12814 affects Comfast CF-WR631AX V3 up to version 2.7.0.8. The vulnerability is located in the API Endpoint component, specifically the file path /cgi-bin/mbox-config?section=ping_config, where manipulation of the destination argument leads to an OS command injection. The issue can be ex...

6.5CVSS6.1AI score0.01182EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/21 10:30 p.m.27 views

CVE-2026-12813 activepieces File URL file.ts handleUrlFile server-side request forgery

A vulnerability was detected in activepieces up to 0.83.0. This vulnerability affects the function handleUrlFile in the library packages/server/engine/src/lib/variables/processors/file.ts of the component File URL Handler. The manipulation results in server-side request forgery. The attack can be...

6.5CVSS0.00201EPSS
Exploits0References5
NVD
NVD
added 2026/06/21 10:16 p.m.13 views

CVE-2026-12810

A security flaw has been discovered in Edimax BR-6478AC V2 1.23. Affected by this vulnerability is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. Th...

6.5CVSS0.01158EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/21 10:0 p.m.7 views

CVE-2026-12811

A weakness has been identified in kortix-ai suna up to 0.8.38. Affected by this issue is the function router.replace/router.push of the file apps/frontend/src/app/auth/page.tsx of the component Auth Endpoint. Executing a manipulation of the argument returnURL can lead to cross site scripting. The...

5.3CVSS4AI score0.00288EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/21 9:45 p.m.6 views

CVE-2026-12810

A security flaw has been discovered in Edimax BR-6478AC V2 1.23. Affected by this vulnerability is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. Th...

6.5CVSS6.4AI score0.01158EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/21 9:45 p.m.13 views

CVE-2026-12810

The CVE-2026-12810 entry describes a command-injection flaw in Edimax BR-6478AC V2 firmware version 1.23. The vulnerability affects the POST Request Handler’s function mp in /goform/mp, where manipulation of the argument command enables remote execution. Public exploit availability and a lack of ...

6.5CVSS6.4AI score0.01158EPSS
Exploits0References5
OSV
OSV
added 2026/06/21 8:16 p.m.2 views

DEBIAN-CVE-2026-12805

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

5.3CVSS5.8AI score0.00279EPSS
Exploits0References1
NVD
NVD
added 2026/06/21 8:16 p.m.12 views

CVE-2026-12805

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

7.5CVSS0.00279EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/21 7:30 p.m.8 views

CVE-2026-12806

A vulnerability has been found in Edimax BR-6478AC V2 1.23. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. The manipulation of the argument selSSID leads to buffer overflow. It is possible to initiate the attack...

9CVSS7.6AI score0.00455EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/21 7:30 p.m.19 views

CVE-2026-12806

CVE-2026-12806 affects Edimax BR-6478AC V2 firmware 1.23. The vulnerable element is the POST handler function formWlSiteSurvey, specifically the argument selSSID in /goform/formWlSiteSurvey, whose manipulation can cause a buffer overflow. The issue enables remote exploitation with network access;...

9CVSS7.6AI score0.00455EPSS
Exploits0References5
OSV
OSV
added 2026/06/21 7:16 p.m.2 views

DEBIAN-CVE-2026-12804

A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is...

5.3CVSS5.2AI score0.00264EPSS
Exploits0References1
NVD
NVD
added 2026/06/21 7:16 p.m.13 views

CVE-2026-12804

A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is...

5.3CVSS0.00264EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/21 7:15 p.m.10 views

EUVD-2026-38191

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/21 7:15 p.m.20 views

CVE-2026-12805 OFFIS DCMTK ofxml.cc parseFile heap-based overflow

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

7.5CVSS0.00279EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/06/21 7:15 p.m.3 views

CVE-2026-12805 OFFIS DCMTK ofxml.cc parseFile heap-based overflow

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/21 6:30 p.m.7 views

EUVD-2026-38190

A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is...

5.3CVSS5.5AI score0.00264EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/21 6:30 p.m.5 views

CVE-2026-12804

A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is...

5.3CVSS5.2AI score0.00264EPSS
Exploits0
CVE
CVE
added 2026/06/21 6:30 p.m.12 views

CVE-2026-12804

Affected software: lemonldap-ng up to 2.23.0. Vulnerable component/file: lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm within the SAML Common Domain Cookie Endpoint. Root cause: manipulation of the argument url causes an open redirect. Impact: enables remote exploitation; attack vector is ne...

5.3CVSS5.3AI score0.00264EPSS
Exploits0References6
NVD
NVD
added 2026/06/21 10:16 a.m.12 views

CVE-2026-12796

A vulnerability was identified in BerriAI litellm up to 1.82.2. This impacts the function getredirectresponsefromopenid of the file litellm/proxy/managementendpoints/uisso.py of the component SSO Authentication Flow. The manipulation leads to session expiration. The attack is possible to be carri...

6.5CVSS0.00358EPSS
Exploits1References5
CVE
CVE
added 2026/06/21 10:0 a.m.17 views

CVE-2026-12799

The CVE-2026-12799 entry concerns BerriAI litellm up to version 1.82.2. The vulnerability affects the function ui_view_users in litellm/proxy/management_endpoints/internal_user_endpoints.py (component: Incomplete Fix CVE-2025-0628) and enables improper authorization. The issue can be exploited re...

5.3CVSS5.3AI score0.00288EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder