Lucene search
K

6685 matches found

Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.5 views

PT-2026-28521

Name of the Vulnerable Software and Affected Versions Invoice Ninja versions 5.13.0 through 5.13.3 Description Invoice Ninja, an invoice, quote, project, and time-tracking application built with Laravel, has an issue where the product notes fields in versions 5.13.0 through 5.13.3 allow raw HTML...

5.4CVSS5.8AI score0.00202EPSS
Exploits1References4
GithubExploit
GithubExploit
added 2026/03/25 9:57 p.m.251 views

cross-site-scripting-lab

XSS Lab Documentation Overview What Is Cross-Site Scr...

6.2AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/25 6:39 p.m.3 views

CVE-2026-33749 n8n Vulnerable to XSS via Binary Data Inline HTML Rendering

n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, an authenticated user with permission to create or modify workflows could craft a workflow that produces an HTML binary data object without a filename. The /rest/binary-data endpoint served such...

6.3CVSS5.9AI score0.00249EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 6:39 p.m.10 views

CVE-2026-33749

n8n is vulnerable to XSS in versions prior to 1.123.27, 2.13.3, and 2.14.1. An authenticated user who can create or modify workflows could craft a workflow that returns an HTML binary data object via /rest/binary-data without a filename and without Content-Disposition or Content-Security-Policy h...

9CVSS5.9AI score0.00249EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/03/25 6:39 p.m.5 views

CVE-2026-33749 n8n Vulnerable to XSS via Binary Data Inline HTML Rendering

n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, an authenticated user with permission to create or modify workflows could craft a workflow that produces an HTML binary data object without a filename. The /rest/binary-data endpoint served such...

6.3CVSS5.9AI score0.00249EPSS
Exploits0References3
OSV
OSV
added 2026/03/25 6:31 p.m.5 views

GHSA-86VC-MG26-FJ6X Mattermost: Authenticated DoS through failure to prevent rendering of external SVGs on link embeds

Mattermost versions 11.4.x = 11.4.0, 11.3.x = 11.3.1, 11.2.x = 11.2.3, 10.11.x = 10.11.11 fail to prevent rendering of external SVGs on link embeds which allows unauthenticated users to crash the Mattermost webapp and desktop app via creating an issue or PR on GitHub. Mattermost Advisory ID:...

4.3CVSS5.9AI score0.00351EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/25 4:30 p.m.0 views

CVE-2026-20719 DoS via URL Previews Rendering Malicious SVGs

Mattermost versions 11.4.x = 11.4.0, 11.3.x = 11.3.1, 11.2.x = 11.2.3, 10.11.x = 10.11.11 fail to prevent rendering of external SVGs on link embeds which allows unauthenticated users to crash the Mattermost webapp and desktop app via creating an issue or PR on GitHub.. Mattermost Advisory ID:...

4.3CVSS5.8AI score0.00351EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:30 p.m.27 views

CVE-2026-20719 DoS via URL Previews Rendering Malicious SVGs

Mattermost versions 11.4.x = 11.4.0, 11.3.x = 11.3.1, 11.2.x = 11.2.3, 10.11.x = 10.11.11 fail to prevent rendering of external SVGs on link embeds which allows unauthenticated users to crash the Mattermost webapp and desktop app via creating an issue or PR on GitHub.. Mattermost Advisory ID:...

4.3CVSS0.00351EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:30 p.m.19 views

CVE-2026-20719

CVE-2026-20719 affects Mattermost server/components that render external SVGs in link embeds across Mattermost 10.11.x–11.4.x (including 11.2.x, 11.3.x, 11.4.x). The root cause is failure to prevent rendering of external SVGs in embeds, enabling unauthenticated users to crash the web/desktop apps...

7.5CVSS5.8AI score0.00351EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/25 4:14 p.m.4 views

CVE-2026-25465

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople CP Multi View Event Calendar cp-multi-view-calendar allows Stored XSS.This issue affects CP Multi View Event Calendar : from n/a through = 1.4.37...

6.5CVSS5.2AI score0.00161EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/25 1:15 p.m.2 views

CVE-2026-23366

A flaw was found in the Linux kernel's Direct Rendering Manager DRM client component. This vulnerability occurs when the system attempts to destroy an uninitialized memory pointer, specifically the 'modes' variable within the drmclientmodesetprobe function, after a memory allocation failure. This...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/25 12:27 a.m.3 views

SUSE CVE-2026-26195

Gogs is an open source self-hosted Git service. Prior to version 0.14.2, stored xss is still possible through unsafe template rendering that mixes user input with safe plus permissive sanitizer handling of data urls. This issue has been patched in version 0.14.2...

6.9CVSS5.7AI score0.00189EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.5 views

Craft CMS 5.9.x < 5.9.11 Stored XSS (GHSA-3x4w-mxpf-fhqq)

The version of Craft CMS installed on the remote host is 5.9.x prior to 5.9.11. It is, therefore, affected by a cross-site scripting vulnerability: - The revision/draft context menu in the element editor renders the creator's fullName as raw HTML due to the use of Template::raw combined with...

5.4CVSS5.7AI score0.00243EPSS
Exploits0References2
OSV
OSV
added 2026/03/24 10:15 p.m.3 views

GHSA-M2P3-HWV5-XPQW Scriban: Denial of Service via Unbounded Cumulative Template Output Bypassing LimitToString

Summary The LimitToString safety limit default 1MB since commit b5ac4bf can be bypassed to allocate approximately 1GB of memory by exploiting the per-call reset of currentToStringLength in ObjectToString. Each template expression rendered through TemplateContext.WriteSourceSpan, object triggers a...

6.5CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/03/24 1:25 p.m.4 views

CVE-2026-33418 @dicebear/converter ensureSize() Vulnerable to SVG Dimension Capping Bypass via XML Comment Injection

DiceBear is an avatar library for designers and developers. Prior to version 9.4.2, the ensureSize function in @dicebear/converter used a regex-based approach to rewrite SVG width/height attributes, capping them at 2048px to prevent denial of service. This size capping could be bypassed by crafti...

7.5CVSS5.8AI score0.00376EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/24 1:25 p.m.19 views

CVE-2026-33418 @dicebear/converter ensureSize() Vulnerable to SVG Dimension Capping Bypass via XML Comment Injection

DiceBear is an avatar library for designers and developers. Prior to version 9.4.2, the ensureSize function in @dicebear/converter used a regex-based approach to rewrite SVG width/height attributes, capping them at 2048px to prevent denial of service. This size capping could be bypassed by crafti...

7.5CVSS0.00376EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/24 12:32 a.m.2 views

Command Injection

Overview indico is a conference lifecycle management and meeting/lecture scheduling tool. Affected versions of this package are vulnerable to Command Injection due to insufficient sanitization of LaTeX syntax. An attacker can execute arbitrary code or access local files by submitting...

8.8CVSS6.3AI score0.00782EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/23 10:45 p.m.3 views

CVE-2026-33046

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.12, due to vulnerabilities in TeXLive and obscure LaTeX syntax that allowed circumventing Indico's LaTeX sanitizer, it is possible to use specially-crafted LaT...

7.7CVSS5.9AI score0.00782EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/03/23 10:45 p.m.2 views

CVE-2026-33046 Indico discloses local files resulting in Remote Code Execution through LaTeX injection

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.12, due to vulnerabilities in TeXLive and obscure LaTeX syntax that allowed circumventing Indico's LaTeX sanitizer, it is possible to use specially-crafted LaT...

7.7CVSS6AI score0.00782EPSS
Exploits0References8
OSV
OSV
added 2026/03/23 8:43 p.m.2 views

GHSA-RM2Q-F7JV-3CFP Indico discloses local files resulting in Remote Code Execution through LaTeX injection

!NOTE If server-side LaTeX rendering is not in use ie XELATEXPATH was not set in indico.conf, this vulnerability does not apply. Impact Due to vulnerabilities in TeXLive and obscure LaTeX syntax that allowed circumventing Indico's LaTeX sanitizer, it is possible to use specially-crafted LaTeX...

7.7CVSS6AI score0.00782EPSS
Exploits0References8
Rows per page
Query Builder