Lucene search
K

733055 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.4 views

Fedora 45 : moby-engine (2026-d8b527c6c7)

The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-d8b527c6c7 advisory. Automatic update for moby-engine-29.6.0-1.fc45. Changelog Fri Jun 19 2026 Bradley G Smith - 29.6.0-1 - Update to release v29.6.0 - Resolves:...

9.1CVSS6AI score0.005EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.8 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.5.1.8)

The version of AOS installed on the remote host is prior to 7.5.1.8. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.5.1.8 advisory. - A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a deni...

9.8CVSS6.9AI score0.00754EPSS
Exploits2References25
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 7:8 p.m.11 views

Malicious code in d0rk3r-telemetry (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da4542d225ef144ecc5df2f578104ffc12659196c57b2214ecb54f60620601c6 On import d0rk3rtelemetry, the package spawns a background thread that reads installer-owned secrets and POSTs them to an attacker-controlled endpoin...

6AI score
Exploits0References3
OSV
OSV
added 2026/06/20 7:8 p.m.6 views

MAL-2026-6244 Malicious code in d0rk3r-telemetry (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da4542d225ef144ecc5df2f578104ffc12659196c57b2214ecb54f60620601c6 On import d0rk3rtelemetry, the package spawns a background thread that reads installer-owned secrets and POSTs them to an attacker-controlled endpoin...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 6:47 p.m.11 views

Malicious code in free-anthropic-claude (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11bfe96b56a6615a50639b25de793e14044ea393c2029b26fa4e1b9e3dc5a22f This package impersonates the Anthropic Claude SDK name and description claim to be an 'Official Anthropic Claude SDK wrapper', author is...

5.8AI score
Exploits0References23
OSV
OSV
added 2026/06/20 6:47 p.m.3 views

MAL-2026-6260 Malicious code in free-anthropic-claude (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11bfe96b56a6615a50639b25de793e14044ea393c2029b26fa4e1b9e3dc5a22f This package impersonates the Anthropic Claude SDK name and description claim to be an 'Official Anthropic Claude SDK wrapper', author is...

5.8AI score
Exploits0References23
GithubExploit
GithubExploit
added 2026/06/20 4:39 p.m.87 views

explotability_analysis_ebpf

eBPF Verifier Exploit Research — s344024 Romano Simone Resear...

8.2CVSS5.9AI score0.00516EPSS
Exploits1
NVD
NVD
added 2026/06/20 4:17 p.m.12 views

CVE-2026-56317

Nuxt before 4.4.7 and the 3.x branch before 3.21.7 contains a cross-site scripting vulnerability in the NoScript component that writes slot content to innerHTML without escaping. Attackers can inject malicious scripts through untrusted data in NoScript slots, such as route.query parameters, which...

6.1CVSS0.00209EPSS
Exploits0References4
NVD
NVD
added 2026/06/20 4:17 p.m.11 views

CVE-2025-71331

Flowise before 3.0.8 contains a cross-site scripting XSS vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload e.g., in a chat box, or by having a custom agent function return an X...

6.1CVSS0.00222EPSS
Exploits1References2
CVE
CVE
added 2026/06/20 3:24 p.m.13 views

CVE-2025-71331

Flowise (pre-3.0.8) exposes a Cross-Site Scripting (XSS) vulnerability due to insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript via an iframe payload in chat or have a custom agent function return an external XSS payload. The inj...

6.1CVSS5.7AI score0.00222EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/20 3:24 p.m.3 views

CVE-2025-71331

Flowise before 3.0.8 contains a cross-site scripting XSS vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload e.g., in a chat box, or by having a custom agent function return an X...

6.1CVSS5.7AI score0.00222EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/20 3:24 p.m.7 views

EUVD-2025-210289

Flowise before 3.0.8 contains a cross-site scripting XSS vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload e.g., in a chat box, or by having a custom agent function return an X...

6.1CVSS5.7AI score0.00222EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/20 3:24 p.m.5 views

CVE-2025-71331 Flowise - Cross-Site Scripting in Chat Messages and Agent Workflows

Flowise before 3.0.8 contains a cross-site scripting XSS vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload e.g., in a chat box, or by having a custom agent function return an X...

6.1CVSS5.7AI score0.00222EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/20 3:24 p.m.29 views

CVE-2025-71331 Flowise - Cross-Site Scripting in Chat Messages and Agent Workflows

Flowise before 3.0.8 contains a cross-site scripting XSS vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload e.g., in a chat box, or by having a custom agent function return an X...

6.1CVSS0.00222EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/20 3:21 p.m.26 views

CVE-2026-56317 Nuxt - Cross-Site Scripting via NoScript Component Slot Content

Nuxt before 4.4.7 and the 3.x branch before 3.21.7 contains a cross-site scripting vulnerability in the NoScript component that writes slot content to innerHTML without escaping. Attackers can inject malicious scripts through untrusted data in NoScript slots, such as route.query parameters, which...

2.3CVSS0.00209EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/20 3:21 p.m.3 views

CVE-2026-56317

Nuxt before 4.4.7 and the 3.x branch before 3.21.7 contains a cross-site scripting vulnerability in the NoScript component that writes slot content to innerHTML without escaping. Attackers can inject malicious scripts through untrusted data in NoScript slots, such as route.query parameters, which...

2.3CVSS5.7AI score0.00209EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/06/20 3:21 p.m.7 views

EUVD-2026-38112

Nuxt before 4.4.7 and the 3.x branch before 3.21.7 contains a cross-site scripting vulnerability in the NoScript component that writes slot content to innerHTML without escaping. Attackers can inject malicious scripts through untrusted data in NoScript slots, such as route.query parameters, which...

2.3CVSS5.7AI score0.00209EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/20 3:21 p.m.5 views

CVE-2026-56317 Nuxt - Cross-Site Scripting via NoScript Component Slot Content

Nuxt before 4.4.7 and the 3.x branch before 3.21.7 contains a cross-site scripting vulnerability in the NoScript component that writes slot content to innerHTML without escaping. Attackers can inject malicious scripts through untrusted data in NoScript slots, such as route.query parameters, which...

2.3CVSS5.7AI score0.00209EPSS
Exploits0References4
CVE
CVE
added 2026/06/20 3:21 p.m.18 views

CVE-2026-56317

CVE-2026-56317 affects Nuxt before 4.4.7 and the 3.x branch before 3.21.7. The NoScript component writes slot content to innerHTML without escaping, enabling cross-site scripting via untrusted data in NoScript slots (e.g., route.query parameters). Impact is XSS in pages rendering NoScript content...

6.1CVSS5.7AI score0.00209EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/20 1:10 p.m.8 views

MAL-2026-6239 Malicious code in atlasora-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f33093da9f0bcf9358f3b00bd87e723d95267074539c72511ab58bff4172f092 The package declares a postinstall hook in package.json "postinstall": "node install.js" that auto-executes install.js on every npm install. install....

5.9AI score
Exploits0References1
Rows per page
Query Builder