CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

7.4CVSS5.3AI score0.00265EPSS

CVE-2026-53782 Summarize < 0.17.0 SSRF via podcast:transcript URL fetch

Summarize before 0.17.0 contains a server-side request forgery vulnerability that allows attackers who control a podcast RSS feed to direct the host to fetch transcript content from loopback addresses, link-local addresses, RFC 1918 private ranges, or other reserved destinations by supplying...

Exploits0References4

NVD•added last week•5 views

CVE-2026-48547

KanaDojo contains a command injection vulnerability that allows an attacker with pull request access to execute arbitrary shell commands by inserting shell metacharacters into the version or changes fields of patchNotesData.json, which are interpolated unsanitized into a childprocess.execSync cal...

8.5CVSS0.0091EPSS

NVD•added last week•8 views

CVE-2026-47174

In Duck Site before version 1.0.1, the repository has a deploy workflow that runs after the build workflow completes. The build workflow runs on pull requests, while the deploy workflow runs with package-write permissions and deployment secrets. If an attacker can make a pull request build satisf...

9.5CVSS0.00312EPSS

NVD•added last week•6 views

CVE-2026-47172

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, the repository has a privileged deploy workflow that runs after the unprivileged build workflow completes. The build workflow runs on pull requests, and the deploy workflow checks ou...

9.5CVSS0.00324EPSS

5.3CVSS5.3AI score0.00329EPSS

CVE-2026-53781 Summarize < 0.17.0 Disk Exhaustion via Uncapped Media Download

Summarize before 0.17.0 contains a resource exhaustion vulnerability that allows remote attackers to cause disk exhaustion by serving media responses that bypass the enforced size limit through missing or misreported Content-Length headers, chunked transfer encoding, or failed HEAD requests...

Exploits0References4

EUVD•added last week•7 views

EUVD-2026-36290

9.5CVSS5.3AI score0.00312EPSS

9.5CVSS5.3AI score0.00312EPSS

CVE-2026-47174 Duck Site: Untrusted pull request code can trigger privileged production deployment

8.5CVSS6AI score0.0091EPSS

CVE-2026-48547 KanaDojo < 0.1.18 Command Injection via patchNotesData.json in release.yml

9.5CVSS5.5AI score0.00324EPSS

CVE-2026-47172 Quest Bot: Untrusted pull request code can be built and deployed by privileged `workflow_run` deployment.

CVE•added last week•7 views

CVE-2026-47172

Quest Bot (open-source Discord bot) contains a privilege escalation in the deploy workflow prior to v1.0.3. The repository’s privileged deploy workflow runs after the unprivileged build, and when a PR from a main branch is opened, the deploy workflow can check out the PR head_sha, build it into a...

9.5CVSS5.5AI score0.00324EPSS

EUVD•added last week•41 views

EUVD-2026-36300

9.5CVSS5.5AI score0.00324EPSS

Veracode•added last week•8 views

Server-Side Request Forgery (SSRF)

Papra is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to insufficient validation of redirect destinations in the webhook delivery system, which allows an attacker to bypass SSRF protections and force the server to make requests to internal network addresses through...

5.5AI score0.00025EPSS

Exploits0References2Affected Software1

NVD•added last week•7 views

CVE-2026-47157

aiograpi is an asynchronous Instagram API for Python. aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were relative Instagram API paths. If an attacker can influence a challenge response, for...

6.5CVSS0.00305EPSS

Exploits0References4

EUVD•added last week•4 views

EUVD-2026-36273

KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code by exploiting the explicit passing of the global require function into a Node.js vm.runInNewContext sandbox context in the issue-auto-respond.yml workflow. Attackers can submit a pull...

8.5CVSS6.7AI score0.00487EPSS

Exploits0References3

OSV•added last week•4 views

DEBIAN-CVE-2026-44495

Axios is a promise based HTTP client for the browser and Node.js. From 0.19.0 to before 0.31.1 and 1.15.2, Axios contains prototype-pollution gadgets in request config processing. If another vulnerability in the same JavaScript process has already polluted Object.prototype.transformResponse,...

7CVSS5.3AI score0.00316EPSS

NVD•added last week•7 views

CVE-2026-44495

7CVSS0.00316EPSS

NVD•added last week•8 views

CVE-2026-44496

Axios is a promise based HTTP client for the browser and Node.js. Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who...

7.5CVSS0.00486EPSS

Exploits1References1

Cvelist•added last week•23 views

CVE-2026-46697 Fediverse Embeds: Unauthenticated SSRF / open proxy via REST media-proxy endpoint

Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to version 1.5.8, Fediverse Embeds registered an unauthenticated REST route ftf/media-proxy includes/MediaProxy.php with permissioncallback = returntrue that accepted a base64-encoded URL and forwarded it to wpremoteget$url without...

7.5CVSS0.00241EPSS