Lucene search
K

222 matches found

NVD
NVD
added 5 days ago4 views

CVE-2026-55659

Grist is spreadsheet software using Python as its formula language. Prior to 1.7.15, several server-rendered Grist pages embedded user-controlled values into the page and into inline scripts without fully escaping them, allowing cross-site scripting. On the main application page, a document's nam...

7.7CVSS0.00275EPSS
Exploits0References3
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-55659 Grist: XSS through unsafe value interpolation in server-rendered pages

Grist is spreadsheet software using Python as its formula language. Prior to 1.7.15, several server-rendered Grist pages embedded user-controlled values into the page and into inline scripts without fully escaping them, allowing cross-site scripting. On the main application page, a document's nam...

7.7CVSS0.00275EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42514

During bosh create-env and bosh delete-env, the CLI uploads compiled CPI packages and rendered job templates to the new VM's DAV blobstore over HTTPS without verifying the server certificate, even though a CA certificate for that endpoint is available in the installation manifest. A network...

8.9CVSS7.1AI score0.00148EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago7 views

CVE-2026-47828

During bosh create-env and bosh delete-env, the CLI uploads compiled CPI packages and rendered job templates to the new VM's DAV blobstore over HTTPS without verifying the server certificate, even though a CA certificate for that endpoint is available in the installation manifest. A network...

8.9CVSS7.1AI score0.00148EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 6 days ago4 views

Linux Distros Unpatched Vulnerability : CVE-2026-59929

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the safeurl filter in src/mistune/renderers/html.py blocks only javascript:,...

6.1CVSS6.2AI score0.00198EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13962

Insufficient data validation in PDF in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00272EPSS
Exploits0
OSV
OSV
added 2026/06/26 4:48 p.m.4 views

CVE-2026-55441 mise: Arbitrary command execution via task-include files in an untrusted, config-less repository

mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.4, mise's trust feature gates config files mise.toml, .tool-versions through trustcheck, but task-include files are loaded on a path that never reaches it. When a directory has a task-include dir mise-tasks/,...

8.6CVSS6.1AI score0.00184EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 4:16 p.m.7 views

CVE-2026-48940

A Joomla user with K2 "create item" rights Author tier by default can submit an article whose embedVideo POST field contains a raw tag; K2 stores it verbatim and renders it unescaped to any visitor of the article page...

3.4CVSS0.00167EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 9:16 p.m.11 views

CVE-2026-47376

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the password-reset page rendered the URL token directly into a JavaScript string literal in a server-rendered EJS template. EJS HTML-entity-encodes a fixed set of characters but does not escape single quotes or...

5.1CVSS0.00262EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 8:35 p.m.7 views

CVE-2026-47376

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the password-reset page rendered the URL token directly into a JavaScript string literal in a server-rendered EJS template. EJS HTML-entity-encodes a fixed set of characters but does not escape single quotes or...

5.1CVSS5.9AI score0.00262EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/11 10:19 a.m.11 views

CVE-2026-10733 Improper Restriction of Rendered UI Layers or Frames in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that could have allowed an authenticated user to cause denial of service on the CI/CD Catalog page due to improper sanitization...

4.3CVSS5.5AI score0.0022EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 10:19 a.m.25 views

CVE-2026-10733

GitLab CVE-2026-10733 affects GitLab CE/EE versions prior to 18.10.8 (from 17.0 line), 18.11 prior to 18.11.5, and 19.0 prior to 19.0.2. Root cause: improper sanitization that could allow an authenticated user to cause a denial-of-service on the CI/CD Catalog page. Remediation: upgrade to the pat...

4.3CVSS5.5AI score0.0022EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2026/06/11 5:53 a.m.10 views

Cross-Site Scripting (XSS)

CKAN is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to insufficient sanitization of user-supplied input in the helpers.markdownextract function before it is wrapped in an HTML literal element, which allows an attacker to inject and execute malicious scripts on dataset,...

6.3CVSS5.6AI score0.00204EPSS
Exploits0References6Affected Software1
Snyk
Snyk
added 2026/06/08 11:8 p.m.3 views

Improper Restriction of Rendered UI Layers or Frames

Overview Affected versions of this package are vulnerable to Improper Restriction of Rendered UI Layers or Frames due to missing security headers in the internal/web/ and internal/api/ response paths. An attacker can compromise the confidentiality and integrity of sensitive operations, such as...

7.1CVSS6AI score0.00031EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.12 views

CVE-2026-25681

A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site...

8.1CVSS6.5AI score0.00178EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.11 views

CVE-2026-42360

A bug in Apache Airflow's rendered-template field handling caused nested sensitive-key masking e.g. nested password / token / secret / apikey keys inside a JSON template structure to be bypassed when the rendered field exceeded core maxtemplatedfieldlength: Airflow stringified the structure befor...

6.5CVSS5.4AI score0.00335EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.9 views

CVE-2026-42502

A flaw was found in golang.org/x/net/html. This vulnerability allows an attacker to manipulate how HTML is processed and displayed. By providing specially crafted HTML, an attacker can cause an unexpected structure in the rendered output. This can lead to Cross-Site Scripting XSS attacks, where...

6.1CVSS6AI score0.00178EPSS
Exploits0References7
OSV
OSV
added 2026/06/05 5:40 a.m.8 views

BIT-AIRFLOW-2026-42360 Apache Airflow: Rendered template truncation bypasses nested sensitive-key masking

A bug in Apache Airflow's rendered-template field handling caused nested sensitive-key masking e.g. nested password / token / secret / apikey keys inside a JSON template structure to be bypassed when the rendered field exceeded core maxtemplatedfieldlength: Airflow stringified the structure befor...

6.5CVSS5.4AI score0.00335EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.19 views

PT-2026-46994

Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.04.1 Description The password-reset page renders the URL token directly into a JavaScript string literal within a server-rendered EJS template. Because EJS HTML-entity-encodes only a fixed set of characters and...

5.1CVSS6AI score0.00262EPSS
Exploits0References7
OSV
OSV
added 2026/06/03 9:6 p.m.8 views

GHSA-CH57-39Q2-4CRM malla: Stored XSS via Meshtastic node names in multiple frontend pages

Node names longname, shortname received via MQTT are stored in SQLite without sanitization and rendered into the DOM without escaping. Any participant on a public Meshtastic MQTT broker can set a malicious node name that executes JavaScript in the browser of every Malla dashboard visitor. Affecte...

6.3CVSS6.1AI score0.00174EPSS
Exploits0References3
Rows per page
Query Builder