Lucene search
K

5 matches found

Cvelist
Cvelist
added yesterday22 views

CVE-2026-58468 NocoBase 2.1.20 Server-Side Request Forgery via serverRequest wrapper

NocoBase through 2.1.20 contains a server-side request forgery vulnerability in the serverRequest wrapper that allows authenticated administrators to issue arbitrary outbound HTTP requests by supplying malicious URLs to workflow request nodes, custom request action buttons, or the AI plugin...

5.5CVSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/10 6:46 p.m.5 views

CVE-2026-27826

MCP Atlassian is a Model Context Protocol MCP server for Atlassian products Confluence and Jira. Prior to version 0.17.0, an unauthenticated attacker who can reach the mcp-atlassian HTTP endpoint can force the server process to make outbound HTTP requests to an arbitrary attacker-controlled URL b...

8.2CVSS5.9AI score0.13589EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 4:53 a.m.11 views

CVE-2023-20888

Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution...

8.8CVSS7.4AI score0.82282EPSS
Exploits0References1
OSV
OSV
added 2023/06/07 3:15 p.m.2 views

CVE-2023-20888

Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution...

8.8CVSS7.5AI score0.82282EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/07 2:18 p.m.7 views

CVE-2023-20888

Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution...

7.6AI score0.82282EPSS
Exploits0References1
Rows per page
Query Builder