Lucene search
K

5759 matches found

Nuclei
Nuclei
added 13 hours ago51 views

LOLLMS WebUI - Absolute Path Traversal

An absolute path traversal vulnerability exists in parisneo/lollms-webui v9.6, specifically in the openfile endpoint of lollmsadvanced.py. The sanitizepath function with allowabsolutepath=True allows an attacker to access arbitrary files and directories on a Windows system. This vulnerability can...

7.5CVSS7AI score0.01957EPSS
Exploits1References3
Nuclei
Nuclei
added 13 hours ago52 views

WordPress Tutor LMS <2.0.10 - Cross Site Scripting

WordPress Tutor LMS plugin before 2.0.10 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape the resetkey and userid parameters before outputting then back in attributes. An attacker can inject arbitrary script in the browser of an unsuspecting user in the conte...

6.1CVSS6.4AI score0.01347EPSS
Exploits2References3
NVD
NVD
added yesterday10 views

CVE-2026-49970

Laravel-Mediable before 7.0.0 contains a path traversal vulnerability in the File::sanitizePath function that allows attackers to write uploaded files to arbitrary locations by controlling the directory argument passed to MediaUploader::toDestination. Attackers can exploit the permissive...

8.8CVSS
Exploits0References3
Cvelist
Cvelist
added yesterday23 views

CVE-2026-49970 Laravel-Mediable < 7.0.0 Path Traversal via File::sanitizePath()

Laravel-Mediable before 7.0.0 contains a path traversal vulnerability in the File::sanitizePath function that allows attackers to write uploaded files to arbitrary locations by controlling the directory argument passed to MediaUploader::toDestination. Attackers can exploit the permissive...

8.8CVSS
Exploits0References3
CVE
CVE
added yesterday11 views

CVE-2026-49970

Vulnerability summary: Laravel-Mediable before 7.0.0 contains a path traversal flaw in File::sanitizePath() that lets attackers write uploaded files to arbitrary locations via MediaUploader::toDestination(), due to a permissive regex allowing dot/slash and a weak trailing trim. This can enable re...

8.8CVSS6.3AI score
Exploits0References3
Nuclei
Nuclei
added yesterday12 views

Langflow <= 1.8.4 - Path Traversal to RCE via File Upload

The application contains a path traversal vulnerability caused by unsanitized 'filename' parameter in the 'POST /api/v2/files' multipart form data, letting attackers write files to arbitrary filesystem locations, exploit requires crafted request. id: CVE-2026-5027 info: name: Langflow = 1.8.4 -...

8.8CVSS6.2AI score0.31405EPSS
Exploits4References3
Rockylinux
Rockylinux
added 3 days ago4 views

kernel-rt security update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

8.8CVSS6.1AI score0.00352EPSS
Exploits0
Rockylinux
Rockylinux
added 3 days ago5 views

kernel security update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

8.8CVSS6.1AI score0.00352EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 3 days ago6 views

RockyLinux 8 : kernel (RLSA-2026:36366)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:36366 advisory. kernel: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath CVE-2026-43112 Tenable has extracted the preceding description block directly from the...

8.8CVSS6.8AI score0.00352EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-15284

The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'formpageid' parameter in versions up to, and including, 51.1.62 This is due to insufficient input sanitization in the addtosubmissions function, which applies sanitizetextfield which preserves...

6.4CVSS6.1AI score0.00307EPSS
Exploits0References11
NVD
NVD
added 5 days ago8 views

CVE-2026-54002

Kirby is an open-source content management system. Prior to 4.9.4 and 5.4.4, Kirby sites and plugins that use the writer or list fields or call Dom::sanitize, Sane::sanitize, Sane::Html::sanitize, Sane::Svg::sanitize, Sane::Xml::sanitize, Sane::sanitizeFile, or file sanitizeContents with untruste...

8.5CVSS0.00409EPSS
Exploits0References7
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-54002 Kirby: Cross-site scripting (XSS) from incomplete HTML/XML sanitization in `Dom::sanitize()`

Kirby is an open-source content management system. Prior to 4.9.4 and 5.4.4, Kirby sites and plugins that use the writer or list fields or call Dom::sanitize, Sane::sanitize, Sane::Html::sanitize, Sane::Svg::sanitize, Sane::Xml::sanitize, Sane::sanitizeFile, or file sanitizeContents with untruste...

8.5CVSS0.00409EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-54002

Kirby is an open-source content management system. Prior to 4.9.4 and 5.4.4, Kirby sites and plugins that use the writer or list fields or call Dom::sanitize, Sane::sanitize, Sane::Html::sanitize, Sane::Svg::sanitize, Sane::Xml::sanitize, Sane::sanitizeFile, or file sanitizeContents with untruste...

8.5CVSS5.5AI score0.00409EPSS
Exploits0References8Affected Software1
CVE
CVE
added 5 days ago22 views

CVE-2026-54002

Kirby CMS is affected by an XSS issue (CVE-2026-54002) in earlier releases. The vulnerability arises when untrusted input is processed by Dom::sanitize() and related sanitization helpers (Sane::sanitize, SaneHtml/SaneSvg/SaneXml, Sane::sanitizeFile, and file sanitizeContents), or when writer/list...

8.5CVSS5.5AI score0.00409EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added last week5 views

kernel: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath

A flaw was found in the Linux kernel's CIFS Common Internet File System client. When the cifssanitizeprepath function processes specially crafted input, such as an empty string or a string containing only delimiters, it can attempt to read data beyond its allocated memory buffer. This out-of-boun...

8.8CVSS5.9AI score0.00352EPSS
Exploits0References5
CVE
CVE
added 2026/07/06 5:24 p.m.16 views

CVE-2026-41434

OP-TEE (a TEE for Arm TrustZone) has an unbounded recursion in sanitize_client_object() that can crash the PKCS#11 trusted app. Affected versions are 3.10.0 up to, but not including, 4.11.0. Version 4.11.0 contains the patch. No public workarounds are documented. This CVE affects the PKCS#11 TA a...

3.3CVSS6AI score0.00105EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/06 5:24 p.m.32 views

CVE-2026-41434 OP-TEE has unbounded recursion in sanitize_client_object()

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.10.0 and prior to version 4.11.0, an unbounded recursion can crash the PKCS11 TA. Version 4.11.0 contains a patch. ...

3.3CVSS0.00105EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/07/02 2:52 p.m.17 views

kernel: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath

A flaw was found in the Linux kernel's CIFS Common Internet File System client. When the cifssanitizeprepath function processes specially crafted input, such as an empty string or a string containing only delimiters, it can attempt to read data beyond its allocated memory buffer. This out-of-boun...

8.8CVSS5.8AI score0.00352EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/01 4:4 p.m.7 views

EUVD-2026-41054

Guardian language-system fails to sanitize the id GET parameter before inserting it into HTML source and form action attributes in media.php lines 119, 129. An authenticated attacker can craft a URL that injects script tags executing in the victim's browser session...

4.8CVSS5.8AI score0.00147EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 12:34 a.m.10 views

EUVD-2026-40444

n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS field due to a misconfiguration of the sanitize-html library. Affected releases are those before 1.123.27, the 2.0.0 through 2.13.2 line, and 2.14.0 fixed in 1.123.27, 2.13.3, and 2.14.1. An authenticat...

5.4CVSS5.6AI score0.00177EPSS
Exploits0References3
Rows per page
Query Builder