Lucene search
+L

20592 matches found

Nuclei
Nuclei
added 6 hours ago69 views

Vite server.fs.deny Bypass - Local File Inclusion

Vite is a frontend tooling framework for javascript. The contents of arbitrary files can be returned to the browser. By adding ?.svg with ?.wasm?init or with sec-fetch-dest- script header, the server.fs.deny restriction was able to bypass. This bypass is only possible if the file is smaller than...

5.3CVSS6.7AI score0.38685EPSS
Exploits7References5
EUVD
EUVD
added 11 hours ago4 views

EUVD-2026-45113

OpenClaw versions before 2026.5.18 contain an authorization bypass vulnerability in skill command dispatch that allows lower-trust callers to execute or persist actions beyond their intended authorization. Attackers can bypass tool policy restrictions through configured input paths to perform...

5.4CVSS6.2AI score
Exploits0References2
RedHat Linux
RedHat Linux
added yesterday5 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

6.4CVSS6.7AI score0.00292EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added yesterday6 views

golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions

A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate...

8.8CVSS6.2AI score0.00314EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added yesterday7 views

CVE-2026-8609

A flaw was found in Grafana. An unauthenticated attacker can repeatedly access the OAuth login route with unique values. This can lead to unbounded memory growth, eventually exhausting system memory and causing the Grafana instance to crash. This results in a denial of service for legitimate user...

7.5CVSS6.1AI score0.00397EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday82 views

Oracle Weblogic - Server-Side Request Forgery

An unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect confidentiality via vectors related to WLS - Web Services. id: CVE-2014-4210 info: name: Oracle Weblogic - Server-Side Request Forgery author:...

5CVSS7.1AI score0.38152EPSS
Exploits8References5
NVD
NVD
added 2 days ago9 views

CVE-2026-8920

Improper Restriction of Communication Channel to Intended Endpoints and External Control of File Name or Path in Aura Wallpaper Service allow a local user to perform file operations by sending crafted commands containing an arbitrary file path and bypassing the service’s path restrictions . On...

8.5CVSS0.0009EPSS
Exploits0References1
CVE
CVE
added 2 days ago9 views

CVE-2026-8920

The vulnerability CVE-2026-8920 concerns ASUS Aura Wallpaper Service. It describes Improper Restriction of Communication Channel to Intended Endpoints and External Control of File Name or Path, enabling a local user to perform file operations by sending crafted commands that contain an arbitrary ...

8.5CVSS6.2AI score0.0009EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-8920

Improper Restriction of Communication Channel to Intended Endpoints and External Control of File Name or Path in Aura Wallpaper Service allow a local user to perform file operations by sending crafted commands containing an arbitrary file path and bypassing the service’s path restrictions . On...

8.5CVSS0.0009EPSS
Exploits0References1
CVE
CVE
added 3 days ago31 views

CVE-2026-48805

Twig (PHP template engine) has a sandbox state regression in deprecated internal wrappers (src/Resources/core.php) that previously failed to forward the sandbox status to CoreExtension::checkArrow(), arraySome(), and arrayEvery(), allowing legacy helpers like twig_array_some(), twig_array_every()...

9.1CVSS6.1AI score0.00276EPSS
Exploits0References3Affected Software1
OSV
OSV
added 3 days ago4 views

CVE-2026-48805 Twig: Sandbox state regression in deprecated internal wrappers in `src/Resources/core.php`

Twig is a template language for PHP. Prior to 3.27.0, deprecated internal wrappers in src/Resources/core.php do not forward the current sandbox state to CoreExtension::checkArrow, arraySome, and arrayEvery, allowing legacy calls such as twigarraysome, twigarrayevery, and twigcheckarrowinsandbox t...

5.3CVSS6.1AI score0.00276EPSS
Exploits0References5
CVE
CVE
added 3 days ago9 views

CVE-2026-15778

CVE-2026-15778 affects Google Chrome navigation logic prior to version 150.0.7871.125, due to insufficient validation of untrusted input in Navigation. An attacker who compromises the renderer could bypass navigation restrictions via a crafted HTML page. The issue is addressed in Chrome 150.0.787...

6.5CVSS6.1AI score0.00263EPSS
Exploits0References2Affected Software1
NVD
NVD
added 3 days ago4 views

CVE-2026-50510

Improper restriction of names for files and other resources in Github Copilot allows an unauthorized attacker to execute code locally...

7.8CVSS0.00306EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 3 days ago7 views

GitHub Copilot Remote Code Execution Vulnerability

Improper restriction of names for files and other resources in Github Copilot allows an unauthorized attacker to execute code locally...

7.8CVSS6.2AI score0.00306EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/07/09 7:38 a.m.5 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...

9.1CVSS6AI score0.00525EPSS
Exploits0References8
NVD
NVD
added 2026/07/08 9:16 p.m.8 views

CVE-2026-58211

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client could be registered as the configured noauthuser through a parser path used when the first client operation was not CONNECT, bypassing user-level connection...

5.4CVSS0.00292EPSS
Exploits0References1
NVD
NVD
added 2026/07/08 8:16 p.m.7 views

CVE-2026-36028

A protection mechanism failure in the Code 27 Companion Hub allows an attacker with physical access to completely bypass kiosk restrictions via a factory reset...

6.8CVSS0.00237EPSS
Exploits0References3
CVE
CVE
added 2026/07/08 8:16 p.m.12 views

CVE-2026-58211

CVE-2026-58211 affects NATS Server. A vulnerable path allows a client to be registered as the configured no_auth_user via a parser path when the first client operation is not CONNECT, bypassing user-level connection restrictions such as allowed_connection_types or proxy_required. This could enabl...

5.4CVSS6AI score0.00292EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/08 8:16 p.m.33 views

CVE-2026-58211 NATS Server: `no_auth_user` pre-CONNECT fast path bypasses user connection restrictions

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client could be registered as the configured noauthuser through a parser path used when the first client operation was not CONNECT, bypassing user-level connection...

5.4CVSS0.00292EPSS
Exploits0References1
OSV
OSV
added 2026/07/08 8:16 p.m.5 views

CVE-2026-58211 NATS Server: `no_auth_user` pre-CONNECT fast path bypasses user connection restrictions

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client could be registered as the configured noauthuser through a parser path used when the first client operation was not CONNECT, bypassing user-level connection...

5.4CVSS6.1AI score0.00292EPSS
Exploits0References3
Rows per page
Query Builder