Lucene search
K

121627 matches found

EUVD
EUVD
added 2026/04/24 6:32 p.m.4 views

EUVD-2026-25596

Skim is a fuzzy finder designed to through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with access to SKIMRSBOTPRIVATEKEY and GITHUBTOKEN contents:write. No gates prevent exploitation - any...

7.4CVSS5.3AI score0.00281EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/24 6:32 p.m.30 views

CVE-2026-41414 Skim: Arbitrary code execution via pull_request_target fork checkout in pr.yml

Skim is a fuzzy finder designed to through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with access to SKIMRSBOTPRIVATEKEY and GITHUBTOKEN contents:write. No gates prevent exploitation - any...

7.4CVSS0.00281EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/24 6:32 p.m.5 views

CVE-2026-41414 Skim: Arbitrary code execution via pull_request_target fork checkout in pr.yml

Skim is a fuzzy finder designed to through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with access to SKIMRSBOTPRIVATEKEY and GITHUBTOKEN contents:write. No gates prevent exploitation - any...

7.4CVSS5.4AI score0.00281EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/24 5:36 p.m.25 views

CVE-2026-42033 Axios: Prototype Pollution Gadgets - Response Tampering, Data Exfiltration, and Request Hijacking

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, when Object.prototype has been polluted by any co-dependency with keys that axios reads without a hasOwnProperty guard, an attacker can a silently intercept and modify every JSON response before the...

7.4CVSS0.00381EPSS
Exploits1References1
CVE
CVE
added 2026/04/24 5:36 p.m.51 views

CVE-2026-42033

CVE-2026-42033 affects Axios, a promise-based HTTP client. Before versions 1.15.1 and 0.31.1, if Object.prototype is polluted by another dependency without a hasOwnProperty guard, an attacker could silently intercept/modify every JSON response or hijack the underlying HTTP transport to access cre...

7.4CVSS5.4AI score0.00381EPSS
Exploits1References39Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/24 5:36 p.m.4 views

CVE-2026-42033 Axios: Prototype Pollution Gadgets - Response Tampering, Data Exfiltration, and Request Hijacking

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, when Object.prototype has been polluted by any co-dependency with keys that axios reads without a hasOwnProperty guard, an attacker can a silently intercept and modify every JSON response before the...

7.4CVSS5.3AI score0.00381EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/24 5:4 p.m.5 views

CVE-2026-41321 @astrojs/cloudflare: SSRF via redirect following in Cloudflare image-binding-transform endpoint

@astrojs/cloudflare is an SSR adapter for use with Cloudflare Workers targets. Prior to 13.1.10, the fetch call for remote images in packages/integrations/cloudflare/src/utils/image-binding-transform.ts uses the default redirect: 'follow' behavior. This allows the Cloudflare Worker to follow HTTP...

2.2CVSS5.5AI score0.00199EPSS
Exploits0References1
CVE
CVE
added 2026/04/24 5:4 p.m.14 views

CVE-2026-41321

Summary: CVE-2026-41321 affects the @astrojs/cloudflare SSR adapter used with Cloudflare Workers. Before version 13.1.10, the fetch() call for remote images in packages/integrations/cloudflare/src/utils/image-binding-transform.ts uses the default redirect: 'follow' behavior, allowing redirects to...

2.2CVSS5.5AI score0.00199EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/24 4:34 p.m.6 views

CVE-2026-31536

A flaw was found in the Linux kernel's Server Message Block SMB direct server implementation. This issue occurs during smbdirectsendbatch processing where requests without the IBSENDSIGNALED flag may be incorrectly handled when a connection is broken. This could lead to unexpected behavior relate...

9.8CVSS5.3AI score0.00442EPSS
Exploits0References4
Snyk
Snyk
added 2026/04/24 3:36 p.m.3 views

Cross-site Request Forgery (CSRF)

Overview rwsdk is a Build fast, server-driven webapps on Cloudflare with SSR, RSC, and realtime Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF through the serverAction process. An attacker can trigger unauthorized state changes or actions by inducing an...

6CVSS5.5AI score0.00111EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/24 3:22 p.m.10 views

Lemmy has SSRF in /api/v3/post via Webmention dispatch

Summary Lemmy allows an authenticated low-privileged user to create a link post through POST /api/v3/post. When a post is created in a public community, the backend asynchronously sends a Webmention to the attacker-controlled link target. The submitted URL is checked for syntax and scheme, but th...

6.3CVSS5.6AI score0.00184EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/04/24 3:21 p.m.6 views

GHSA-H6HF-9846-XWRQ Lemmy has SSRF and internal image disclosure in post link metadata via unvalidated og:image

Summary Lemmy fetches metadata for user-supplied post URLs and, under the default StoreLinkPreviews image mode, downloads the preview image through local pict-rs. While the top-level page URL is checked against internal IP ranges, the extracted og:image URL is not subject to the same restriction...

6.5CVSS5.5AI score0.00209EPSS
Exploits0References6
NVD
NVD
added 2026/04/24 3:16 p.m.4 views

CVE-2026-31656

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: fix refcount underflow in intelengineparkheartbeat A use-after-free / refcount underflow is possible when the heartbeat worker and intelengineparkheartbeat race to release the same engine-heartbeat.systole request. T...

7.8CVSS0.00117EPSS
Exploits0References8
NVD
NVD
added 2026/04/24 3:16 p.m.4 views

CVE-2026-31548

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel pmsrfreewk in cfg80211pmsrwdevdown When the nl80211 socket that originated a PMSR request is closed, cfg80211releasepmsr sets the request's nlportid to zero and schedules pmsrfreewk to process the abort...

7.8CVSS0.00129EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/04/24 3:16 p.m.5 views

CVE-2026-31548

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel pmsrfreewk in cfg80211pmsrwdevdown When the nl80211 socket that originated a PMSR request is closed, cfg80211releasepmsr sets the request's nlportid to zero and schedules pmsrfreewk to process the abort...

7.8CVSS5.3AI score0.00129EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/04/24 2:45 p.m.27 views

CVE-2026-31667 Input: uinput - fix circular locking dependency with ff-core

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - fix circular locking dependency with ff-core A lockdep circular locking dependency warning can be triggered reproducibly when using a force-feedback gamepad with uinput for example, playing ELDEN RING under Wine...

7.8CVSS0.00096EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/04/24 2:42 p.m.5 views

CVE-2026-31582

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix use-after-free on USB disconnect After powerzdisconnect frees the URB and releases the mutex, a subsequent powerzread call can acquire the mutex and call powerzreaddata, which dereferences the freed URB pointer...

7.8CVSS5.2AI score0.00125EPSS
Exploits0
CVE
CVE
added 2026/04/24 2:30 p.m.15 views

CVE-2026-31536

The vulnerability CVE-2026-31536 affects the Linux kernel SMB direct server implementation. In smb: server: let send_done handle a completion without IB_SEND_SIGNALED, during smbdirect_send_batch processing requests may be processed without IB_SEND_SIGNALED and could be destroyed in the final req...

9.8CVSS5.4AI score0.00442EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/24 12:25 p.m.4 views

CVE-2026-5367

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

8.6CVSS5.3AI score0.00868EPSS
Exploits0References12
NVD
NVD
added 2026/04/24 12:17 p.m.6 views

CVE-2026-4313

AdaptiveGRC is vulnerable to Stored XSS via text type fields across the forms. Authenticated attacker can replace the value of the text field in the HTTP POST request. Improper parameter validation by the server results in arbitrary JavaScript execution in the victim's browser. Critically, this...

2.4CVSS0.0059EPSS
Exploits0References2
Rows per page
Query Builder