Lucene search
K

742 matches found

EUVD
EUVD
added 3 days ago5 views

EUVD-2026-43076

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Drupal Location Selector allows SQL Injection. This issue affects Location Selector versions: from 0.0.0 to 1.3.0...

6.1AI score0.00194EPSS
Exploits0References2
NVD
NVD
added 4 days ago6 views

CVE-2026-15081

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Drupal Location Selector allows SQL Injection. This issue affects Location Selector versions: from 0.0.0 to 1.3.0...

7.4CVSS0.00194EPSS
Exploits0References1
CVE
CVE
added 4 days ago14 views

CVE-2026-15081

CVE-2026-15081 affects Drupal Location Selector module (versions 0.0.0–1.3.0). The vulnerability arises from a Views filter that does not sufficiently sanitize user input, allowing improper neutralization of special elements in an SQL command (SQL Injection). Impact is_high confidentiality and in...

7.4CVSS6.1AI score0.00194EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago33 views

CVE-2026-15081 Location Selector - Critical - SQL Injection - SA-CONTRIB-2026-072

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Drupal Location Selector allows SQL Injection. This issue affects Location Selector versions: from 0.0.0 to 1.3.0...

0.00194EPSS
Exploits0References1
OSV
OSV
added 6 days ago3 views

DRUPAL-CONTRIB-2026-072

The Location Selector module provides a Views filter for selecting location values. One of the provided Views filters does not sufficiently sanitize values that may come from user input, resulting in a SQL injection vulnerability. This vulnerability is mitigated by the fact that a View must exist...

7.4CVSS6.1AI score0.00194EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 6 days ago7 views

PT-2026-56661

Name of the Vulnerable Software and Affected Versions Location Selector versions 0.0.0 through 1.3.0 Description An SQL injection issue exists in the Location Selector module, which provides a Views filter for selecting location values. A specific Views filter fails to sufficiently sanitize value...

6.1AI score0.00194EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.11 views

PT-2026-55731

Name of the Vulnerable Software and Affected Versions connorskees grass versions prior to 0.13.5 Description A local manipulation of the grass compiler::selector::extend/grass compiler::evaluate::visitor function can lead to a denial of service. This occurs because the @extend algorithm is...

4.8CVSS5.9AI score0.00115EPSS
Exploits0References10
EUVD
EUVD
added 2026/07/02 7:49 p.m.16 views

EUVD-2026-33280

Mautic has Stored Cross-Site Scripting XSS in Project Option Selector...

5.4CVSS5.8AI score0.00133EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 6:17 p.m.8 views

CVE-2026-48719

Warp is an agentic development environment. From 0.2025.08.06.08.12.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command injection in the prompt branch selector. A user who can publish a branch to a Git repository opened in Warp can cause a crafted branch name to be interpreted by...

8CVSS0.00948EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 5:33 p.m.31 views

CVE-2026-48719 Warp branch selector command injection via Git branch names

Warp is an agentic development environment. From 0.2025.08.06.08.12.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command injection in the prompt branch selector. A user who can publish a branch to a Git repository opened in Warp can cause a crafted branch name to be interpreted by...

8CVSS0.00948EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 5:33 p.m.6 views

EUVD-2026-39001

Warp is an agentic development environment. From 0.2025.08.06.08.12.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command injection in the prompt branch selector. A user who can publish a branch to a Git repository opened in Warp can cause a crafted branch name to be interpreted by...

8CVSS5.8AI score0.00948EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 5:33 p.m.5 views

CVE-2026-48719

Warp is an agentic development environment. From 0.2025.08.06.08.12.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command injection in the prompt branch selector. A user who can publish a branch to a Git repository opened in Warp can cause a crafted branch name to be interpreted by...

8CVSS5.8AI score0.00948EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 5:33 p.m.24 views

CVE-2026-48719

Warp, versions 0.2025.08.06.08.12.stable_00 through 0.2026.05.06.15.42.stable_01, contains a command injection in the prompt branch selector. If a user can publish a branch to a Git repository opened in Warp, a crafted branch name can be interpreted by the victim's shell when the branch is select...

8CVSS5.8AI score0.00948EPSS
Exploits0References2
OSV
OSV
added 2026/06/15 8:17 p.m.22 views

MAL-2026-5837 Malicious code in postcss-minify-selector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bc7341d6762a6209e4bde3d99f31f1a8650b6971e64a19547b9f35e7a51abb3 Package is published as postcss-minify-selector singular but its internal postcss plugin identifier is postcss-minify-selectors plural — the canonica...

5.8AI score
Exploits0References13
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/13 7:17 a.m.48 views

Malicious code in postcss-minify-selector-parser (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 957f5cbb74f4dd4b4770e8c9cc1a8aac88a4450cb01dbc0fa5242c42e343f54c The package name impersonates the widely-used postcss-selector-parser library which it also declares as a dependency and re-exports verbatim from...

6AI score
Exploits0References10
OSV
OSV
added 2026/06/13 7:17 a.m.34 views

MAL-2026-5737 Malicious code in postcss-minify-selector-parser (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 957f5cbb74f4dd4b4770e8c9cc1a8aac88a4450cb01dbc0fa5242c42e343f54c The package name impersonates the widely-used postcss-selector-parser library which it also declares as a dependency and re-exports verbatim from...

6AI score
Exploits0References10
Github Security Blog
Github Security Blog
added 2026/06/10 12:31 a.m.37 views

In Spring for Apache Kafka, unbounded delegate cache keyed on user-controlled, potentially malicious selector header

When an application opts into DelegatingDeserializer, a producer can grow the consumer's heap without bound by sending records with unique random spring.kafka.serialization.selector header values, eventually causing GC thrash and OutOfMemoryError. Affected versions: Spring for Apache Kafka 4.0.0...

6.5CVSS5.2AI score0.00289EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/06/10 12:31 a.m.7 views

GHSA-XVFQ-4Q6Q-GXX7 In Spring for Apache Kafka, unbounded delegate cache keyed on user-controlled, potentially malicious selector header

When an application opts into DelegatingDeserializer, a producer can grow the consumer's heap without bound by sending records with unique random spring.kafka.serialization.selector header values, eventually causing GC thrash and OutOfMemoryError. Affected versions: Spring for Apache Kafka 4.0.0...

6.5CVSS5.3AI score0.00289EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.19 views

PT-2026-48391

Name of the Vulnerable Software and Affected Versions Warp versions 0.2025.08.06.08.12.stable 00 through 0.2026.05.06.15.41.stable 01 Description A command injection exists in the prompt branch selector. An attacker who publishes a crafted branch name to a Git repository can execute arbitrary...

8CVSS6.2AI score0.00948EPSS
Exploits0References4
CVE
CVE
added 2026/06/09 11:48 p.m.45 views

CVE-2026-41726

In Spring for Apache Kafka, CVE-2026-41726 arises when an application uses the DelegatingDeserializer and an attacker can send records with unique, random spring.kafka.serialization.selector header values. This can cause the consumer’s heap to grow without bound, leading to garbage-collection thr...

6.5CVSS5.5AI score0.00289EPSS
Exploits0References1
Rows per page
Query Builder