CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

132 matches found

SUSE CVE•added 2026/03/26 9:16 a.m.•2 views

SUSE CVE-2026-30587

Multiple Stored XSS vulnerabilities exist in Seafile Server version 13.0.15,13.0.16-pro,12.0.14 and prior and fixed in 13.0.17, 13.0.17-pro, and 12.0.20-pro, via the Seadoc sdoc editor. The application fails to properly sanitize WebSocket messages regarding document structure updates. This allows...

8.7CVSS5.9AI score0.00066EPSS

Exploits1References3

RedhatCVE•added 2026/03/25 9:1 p.m.•1 views

CVE-2026-30587

A flaw was found in Seafile Server and its Seadoc editor. This Stored Cross-Site Scripting XSS vulnerability allows authenticated remote attackers to inject malicious JavaScript code. The application fails to properly sanitize WebSocket messages during document structure updates. By exploiting...

6.3CVSS6.1AI score0.00066EPSS

Exploits1References9

vulnersOsv•added 2026/03/25 6:36 p.m.•9 views

@seafile/seafile-sdoc-editor (>=3.0.0 <=3.0.162) potentially affected by CVE-2026-30587 via @seafile/sdoc-editor (=3.0.162)

@seafile/sdoc-editor NPM version =3.0.162 is affected by a known vulnerability. The following packages have a transitive dependency on @seafile/sdoc-editor and may be impacted: - @seafile/seafile-sdoc-editor =3.0.0, =3.0.162 Source cves: CVE-2026-30587 Source advisory:...

8.7CVSS5.8AI score0.00066EPSS

Exploits1

EUVD•added 2026/03/25 6:31 p.m.•1 views

EUVD-2026-15940

5.8AI score0.00066EPSS

Exploits1References7

OSV•added 2026/03/25 6:31 p.m.•2 views

GHSA-RQJ3-X344-QVXC Seafile Server has multiple stored XSS vulnerabilities

5.4CVSS5.9AI score0.00066EPSS

Exploits1References8

vulnersOsv•added 2026/03/25 6:31 p.m.•4 views

@seafile/seafile-sdoc-editor (>=3.0.0 <=3.0.162) potentially affected by CVE-2026-30587 via @seafile/sdoc-editor (=3.0.162)

8.7CVSS5.8AI score0.00066EPSS

Exploits1

Github Security Blog•added 2026/03/25 6:31 p.m.•3 views

Seafile Server has multiple stored XSS vulnerabilities

8.7CVSS5.9AI score0.00066EPSS

Exploits1References8Affected Software1

vulnersOsv•added 2026/03/25 6:31 p.m.•3 views

@seafile/sdoc-editor (=0.2.13), @seafile/seafile-sdoc-editor (>=2.0.43-test-0.0.4 <=2.0.45-test-0.0.4) +1 more potentially affected by CVE-2026-30587 via @seafile/sdoc-editor (>=0.2.12 <=2.0.128-test-0.0.2)

@seafile/sdoc-editor NPM version =0.2.12, =2.0.43-test-0.0.4, =6.0.19, =6.0.33 Source cves: CVE-2026-30587 Source advisory: OSV:GHSA-RQJ3-X344-QVXC...

8.7CVSS5.8AI score0.00066EPSS

Exploits1

NVD•added 2026/03/25 6:16 p.m.•1 views

CVE-2026-30587

8.7CVSS0.00066EPSS

Exploits1References6

CNNVD•added 2026/03/25 12:0 a.m.•5 views

Seafile Server 安全漏洞

Seafile Server is an open-source cloud storage server software developed by Seafile, offering features for file synchronization, sharing, and collaboration management. Versions of Seafile Server such as 13.0.15, 13.0.16-pro, 12.0.14, and earlier have security vulnerabilities. These vulnerabilitie...

8.7CVSS5.8AI score0.00066EPSS

Exploits1References7

CVE•added 2026/03/25 12:0 a.m.•7 views

CVE-2026-30587

CVE-2026-30587 affects Seafile Server and its Seadoc editor, with multiple stored XSS vulnerabilities exploited via WebSocket messages that update document structure. Affected versions include 13.0.15, 13.0.16-pro, and 12.0.14 and prior; fixes are in 13.0.17, 13.0.17-pro, and 12.0.20-pro. The iss...

8.7CVSS5.8AI score0.00066EPSS

Exploits1References6Affected Software1

Cvelist•added 2026/03/25 12:0 a.m.•19 views

CVE-2026-30587

0.00066EPSS

Exploits1References6

Vulnrichment•added 2026/03/25 12:0 a.m.•0 views

CVE-2026-30587

5.9AI score0.00066EPSS

Exploits1References6

ATTACKERKB•added 2026/03/25 12:0 a.m.•3 views

CVE-2026-30587

5.8AI score0.00066EPSS

Exploits1References7

Positive Technologies•added 2026/03/25 12:0 a.m.•2 views

PT-2026-28073

5.8AI score0.00066EPSS

Exploits1References7

RedhatCVE•added 2025/12/14 12:2 p.m.•5 views

CVE-2025-41080

A flaw was found in Seafile. This vulnerability allows an attacker to execute arbitrary code in the victim's browser by storing malicious payloads with POST parámetro 'p' in '/api/v2.1/repos/repoid/file/', leading to a stored Cross-Site Scripting XSS. Mitigation Restrict network access to the...

6.1CVSS6.5AI score0.00027EPSS

Exploits0References4

RedhatCVE•added 2025/12/14 12:2 p.m.•5 views

CVE-2025-41079

A flaw was found in Seafile. This vulnerability allows an attacker to execute arbitrary code in the victim's browser by storing malicious payloads with PUT parameter 'name' in '/api/v2.1/user/'. Mitigation Mitigation for this issue is either not available or the currently available options do not...

6.1CVSS7AI score0.00027EPSS

Exploits0References4

SUSE CVE•added 2025/12/08 12:22 a.m.•2 views

SUSE CVE-2025-65516

A stored cross-site scripting XSS vulnerability was discovered in Seafile Community Edition prior to version 13.0.12. When Seafile is configured with the Golang file server, an attacker can upload a crafted SVG file containing malicious JavaScript and share it using a public link. Opening the lin...

6.1CVSS5.9AI score0.0003EPSS

Exploits0References3

RedhatCVE•added 2025/12/06 12:3 a.m.•1 views

CVE-2025-65516

6.1CVSS5.5AI score0.0003EPSS

Exploits0References2

NVD•added 2025/12/04 4:16 p.m.•1 views

CVE-2025-65516

6.1CVSS0.0003EPSS

Exploits0References2

Rows per page