Lucene search
K

22713 matches found

OSV
OSV
added 13 hours ago11 views

ROOT-OS-DEBIAN-12-CVE-2026-23242 CVE-2026-23242 in rootio-linux - Patched by Root

Root has patched CVE-2026-23242 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

7CVSS5.9AI score0.00389EPSS
Exploits0
OSV
OSV
added 13 hours ago6 views

ROOT-OS-DEBIAN-12-CVE-2025-71073 CVE-2025-71073 in rootio-linux - Patched by Root

Root has patched CVE-2025-71073 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

7.8CVSS5.4AI score0.00124EPSS
Exploits0
OSV
OSV
added 13 hours ago8 views

ROOT-OS-DEBIAN-12-CVE-2025-38154 CVE-2025-38154 in rootio-linux - Patched by Root

Root has patched CVE-2025-38154 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

7.8CVSS7.2AI score0.00154EPSS
Exploits0
OSV
OSV
added 13 hours ago3 views

ROOT-OS-DEBIAN-12-CVE-2024-56588 CVE-2024-56588 in rootio-linux - Patched by Root

Root has patched CVE-2024-56588 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

5.5CVSS7.6AI score0.0023EPSS
Exploits0
NVD
NVD
added yesterday5 views

CVE-2026-62188

OpenClaw @openclaw/feishu versions 2026.6.6 and earlier contain an incorrect authorization vulnerability in which the Feishu permission tools could ignore per-account disablement settings. When the affected feature is enabled and reachable, a lower-trust caller or configured input path could...

8.6CVSS
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2024-24347

GeoNode: Stored XSS to full account takeover...

6.1CVSS6.4AI score0.00376EPSS
Exploits0References4
OSV
OSV
added yesterday3 views

CVE-2026-58065 Apache Airflow Git provider: Git provider hook defaults to StrictHostKeyChecking=no, disabling SSH host-key verification

The Apache Airflow Git provider runs its git-over-SSH operations with StrictHostKeyChecking=no by default, disabling SSH host-key verification. An attacker who can intercept the network path between an Airflow worker and the Git server can impersonate the server man-in-the-middle, capturing the S...

8.1CVSS6.1AI score
Exploits0References5
OSV
OSV
added yesterday10 views

ROOT-OS-DEBIAN-12-CVE-2026-3184 CVE-2026-3184 in rootio-util-linux - Patched by Root

Root has patched CVE-2026-3184 in the rootio-util-linux package for Root:Debian:12. Multiple fixed versions available...

5.3CVSS5.8AI score0.00436EPSS
Exploits0
OSV
OSV
added yesterday5 views

ROOT-APP-NPM-CVE-2026-45732 CVE-2026-45732 in @rootio/n8n - Patched by Root

Root has patched CVE-2026-45732 in the @rootio/n8n package for Root:npm. Multiple fixed versions available...

8.3CVSS5.8AI score0.00315EPSS
Exploits0
Nuclei
Nuclei
added yesterday253 views

Vite - Arbitrary File Read

Vite, a provider of frontend development tooling, has a vulnerability in versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10. @fs denies access to files outside of Vite serving allow list. Adding ?raw?? or ?import&raw?? to the URL bypasses this limitation and returns the file content if it...

7.5CVSS6.7AI score0.74998EPSS
Exploits28References2
OSV
OSV
added yesterday3 views

UBUNTU-CVE-2026-3494

In MariaDB server version through 11.8.5, when server audit plugin is...

5.3CVSS6.5AI score0.00274EPSS
Exploits1References3
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-49394 Frappe: Auth. bypass via update_page

Frappe is a full-stack web application framework. Prior to 16.19.0, authorization bypass was possible via the updatepage endpoint in Workspace because public workspaces did not receive the required Workspace Manager edit check. This issue is fixed in version 16.19.0...

7.1CVSS0.00307EPSS
Exploits0References6
NVD
NVD
added 4 days ago5 views

CVE-2026-57221

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ does not perform authorization checks on passive queue.declare and exchange.declare AMQP 0-9-1 operations, allowing any authenticated user who can connect to a virtual host to enumerate queue and...

5.3CVSS0.00269EPSS
Exploits1References6
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-57575 Misskey: SSRF bypass in URL Preview

Misskey is an open source, federated social media platform. Prior to 2026.6.0, Misskey contains a Server-Side Request Forgery SSRF vulnerability in URL preview functionality in UrlPreviewService. Due to missing network restrictions before establishing outbound connections, a remote attacker can...

6.9CVSS0.00347EPSS
Exploits0References3
CVE
CVE
added 4 days ago29 views

CVE-2026-55405

LangChain4j contains a SQL injection vulnerability in the embedding stores for MariaDB and pgvector. Prior to versions 1.2.1-beta8, 1.5.1-beta11, 1.11.8-beta19, and 1.16.3-beta26, metadata filter keys (and, for MariaDB, some string values) are concatenated directly into SQL in EmbeddingSearchRequ...

7.6CVSS6.2AI score0.00348EPSS
Exploits0References7
NVD
NVD
added 4 days ago8 views

CVE-2026-55843

Snipe-IT is an IT asset/license management system. Prior to 8.6.0, UsersController::update passes a missing permission request field through NormalizePermissionsPayloadAction and PreserveUnauthorizedPrivilegedPermissionsAction in a way that can overwrite a target user’s permissions with a sparse...

7CVSS0.00298EPSS
Exploits0References3
Rockylinux
Rockylinux
added 4 days ago6 views

gstreamer1-plugins-bad-free security update

An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs ...

8.8CVSS6.2AI score0.0053EPSS
Exploits0
CVE
CVE
added 4 days ago25 views

CVE-2026-53363

CVE-2026-53363 affects the Linux kernel’s xfrm/iptfs path. The vulnerability arises because iptfs_consume_frags() fails to propagate the SKBFL_SHARED_FRAG flag when transferring paged fragments, mirroring the issue fixed in skb_try_coalesce() for CVE-2026-46300. The documented remediation is to a...

6AI score0.00111EPSS
Exploits0References3
OSV
OSV
added 4 days ago13 views

ROOT-APP-NPM-CVE-2026-44574 CVE-2026-44574 in @rootio/next - Patched by Root

Root has patched CVE-2026-44574 in the @rootio/next package for Root:npm. Multiple fixed versions available...

8.1CVSS5.8AI score0.00485EPSS
Exploits2
OSV
OSV
added 4 days ago20 views

ROOT-APP-NPM-CVE-2025-62718 CVE-2025-62718 in @rootio/axios - Patched by Root

Root has patched CVE-2025-62718 in the @rootio/axios package for Root:npm. Multiple fixed versions available...

9.9CVSS5.8AI score0.01161EPSS
Exploits1
Rows per page
Query Builder