Vulnrichment
added 2026/03/30 7:07 p.m., 2 views

CVE-2026-21710

A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named `__proto__` and the application accesses req.headersDistinct. When this occurs, dest["__proto__"] resolves to Object.prototype rather than undefined, causing .push to be called on a non-array...

CVSS 7.5, AI score 7, EPSS 0.26356
Exploits 0, References 1
Github Security Blog
added 2026/03/30 7:05 p.m., 8 views

OpenClaw: `browser.request` still allows `POST /reset-profile` through the `operator.write` surface

Fixed in OpenClaw 2026.3.24, the current shipping release. Title: browser.request still allows POST /reset-profile through the operator.write surface in OpenClaw v2026.3.22 after GHSA-vmhq-cqm9-6p7q. Severity Assessment: High. CWE: CWE-863: Incorrect Authorization. Proposed CVSS v3.1: 8.1...

CVSS 8.1, AI score 5.9, EPSS 0.006
Exploits 1, References 2, Affected Software 1
Snyk
added 2026/03/30 7:05 p.m., 3 views

Incorrect Authorization

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Incorrect Authorization via the browser.request function on the operator.write surface. An attacker can disrupt browser operations, terminate active browser sessions, and move the local...

CVSS 8.1, AI score 5.9, EPSS 0.006
Exploits 1, References 2
OSV
added 2026/03/30 7:05 p.m., 5 views

GHSA-XP9R-PRPG-373R OpenClaw: `browser.request` still allows `POST /reset-profile` through the `operator.write` surface

Fixed in OpenClaw 2026.3.24, the current shipping release. Title: browser.request still allows POST /reset-profile through the operator.write surface in OpenClaw v2026.3.22 after GHSA-vmhq-cqm9-6p7q. Severity Assessment: High. CWE: CWE-863: Incorrect Authorization. Proposed CVSS v3.1: 8.1...

CVSS 8.1, AI score 5.9, EPSS 0.006
Exploits 1, References 2
EUVD
added 2026/03/30 6:31 p.m., 3 views

EUVD-2026-17133

In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have an SSRF vulnerability when processing the chartURL field of ResourceComposition resources. The field is only URL-encoded without validating the target address. More critically, when kubeconfiggenerator uses wget to...

CVSS 7.6, AI score 6, EPSS 0.00268
Exploits 1, References 3
NVD
added 2026/03/30 6:16 p.m., 5 views

CVE-2026-5126

A flaw has been found in SourceCodester RSS Feed Parser 1.0. Affected by this issue is the function file_get_contents. This manipulation causes server-side request forgery. The attack can be carried out remotely. The exploit has been published and may be used...

CVSS 6.5, EPSS 0.00267
Exploits 0, References 5
OSV
added 2026/03/30 6:04 p.m., 4 views

GHSA-6H7H-M7P5-HJQP Sulu checks fix permissions for subentities endpoints

Impact: A user who has permission for the Sulu Admin via at least one role could have access to the subentities of contacts via the admin API without even having permission for contacts. Patches: The issue was patched in release 2.6.22 and 3.0.5. Workarounds: Create a Symfony Request Listener checkin...

CVSS 5.3, AI score 5.9, EPSS 0.00258
Exploits 0, References 5
Github Security Blog
added 2026/03/30 5:24 p.m., 11 views

FHIR Validator HTTP service has SSRF via /loadIG Chains with startsWith() Credential Leak for Authentication Token Theft

Summary: The FHIR Validator HTTP service exposes an unauthenticated /loadIG endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith URL prefix matching flaw in the credential provider ManagedWebAccessUtils.getServer, an attacker can steal authentication...

CVSS 9.3, AI score 5.9, EPSS 0.00299
Exploits 1, References 3, Affected Software 1
Snyk
added 2026/03/30 5:21 p.m., 4 views

Server-side Request Forgery (SSRF)

Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the /loadIG endpoint, which accepts user-supplied URLs and makes server-side HTTP requests without proper validation of hostnames, schemes, or domains. An attacker can probe internal network services...

CVSS 6.9, AI score 5.9, EPSS 0.00235
Exploits 1, References 2
NVD
added 2026/03/30 5:16 p.m., 2 views

CVE-2026-29954

In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have an SSRF vulnerability when processing the chartURL field of ResourceComposition resources. The field is only URL-encoded without validating the target address. More critically, when kubeconfiggenerator uses wget to...

CVSS 7.6, EPSS 0.00268
Exploits 1, References 2
Snyk
added 2026/03/30 5:08 p.m., 4 views

Server-side Request Forgery (SSRF)

Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) through the OCI registry token exchange function when the realm URL from the WWW-Authenticate header is not validated for scheme, hostname, or IP range. An attacker can cause the application to make...

CVSS 9.1, AI score 6, EPSS 0.00253
Exploits 0, References 2
NVD
added 2026/03/30 4:16 p.m., 6 views

CVE-2026-2286

CrewAI contains a server-side request forgery vulnerability that enables content acquisition from internal and cloud services, facilitated by the RAG search tools not properly validating URLs provided at runtime...

CVSS 9.8, EPSS 0.00467
Exploits 0, References 1
Vulnrichment
added 2026/03/30 3:51 p.m., 1 view

CVE-2026-2286

CrewAI contains a server-side request forgery vulnerability that enables content acquisition from internal and cloud services, facilitated by the RAG search tools not properly validating URLs provided at runtime...

AI score 5.9, EPSS 0.00467
Exploits 0, References 1
Vulnrichment
added 2026/03/30 3:02 p.m., 3 views

CVE-2026-5164 Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request

A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...

CVSS 6.7, AI score 6, EPSS 0.00112
Exploits 0, References 3
Cvelist
added 2026/03/30 3:02 p.m., 19 views

CVE-2026-5164 Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request

A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...

CVSS 6.7, EPSS 0.00112
Exploits 0, References 3
CVE
added 2026/03/30 3:02 p.m., 17 views

CVE-2026-5164

The CVE-2026-5164 entry describes a vulnerability in virtio-win where the RhelDoUnMap() function fails to properly validate the number of descriptors in an unmap request. This input validation flaw can be exploited by a local user who supplies an excessive number of descriptors, potentially causi...

CVSS 6.7, AI score 6, EPSS 0.00112
Exploits 0, References 3, Affected Software 2
CVE
added 2026/03/30 12:38 p.m., 14 views

CVE-2026-4315

WatchGuard Fireware OS WebUI CSRF leads to DoS when an authenticated admin visits a malicious page. Affected versions are Fireware OS 11.8–11.12.4+541730, 12.0–12.11.8, and 2025.1–2026.1.2. No exploit details or mitigations are provided here; refer to the WatchGuard advisory (WGSA-2026-00006) for g...

CVSS 7.1, AI score 5.9, EPSS 0.00223
Exploits 0, References 1
RedhatCVE
added 2026/03/30 10:54 a.m., 8 views

CVE-2026-34475

A flaw was found in Varnish Cache and Varnish Enterprise. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 requests with a path of / in the URL. This mishandling of URLs, specifically in unchecked req.url scenarios, could lead to cache poisoning, where an...

CVSS 5.4, AI score 5.9, EPSS 0.00202
Exploits 1, References 4
Veracode
added 2026/03/30 6:49 a.m., 4 views

Race Condition

@auth0/nextjs-auth0 is vulnerable to a race condition. The vulnerability is due to improper lookup handling in the TokenRequestCache during simultaneous requests on the same client, which allows an attacker to exploit inconsistent token responses and potentially interfere with authentication flow...

CVSS 5.4, AI score 5.9, EPSS 0.00172
Exploits 0, References 3, Affected Software 1
Cvelist
added 2026/03/30 12:00 a.m., 21 views

CVE-2026-30563

A Stored Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the updatedetails.php file. The application fails to sanitize the "website" parameter provided in a POST request. This allows authenticated attackers to inject...

EPSS 0.00174
Exploits 1, References 1