Lucene search
K

8303 matches found

RedhatCVE
RedhatCVE
added 2026/06/24 1:56 a.m.12 views

CVE-2026-49461

A flaw was found in pypdf. An attacker can craft a malicious PDF document containing a form XObject with self-references. When a user attempts to extract text from a page within this crafted PDF, it can lead to excessive memory consumption. This vulnerability may result in a Denial of Service DoS...

6.9CVSS5.7AI score0.00123EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.15 views

PT-2026-51682

Name of the Vulnerable Software and Affected Versions Image Sizes on Demand versions prior to 1.4 Description Insufficient input sanitization and output escaping in the PHP SELF server variable allow unauthenticated attackers to inject arbitrary web scripts. These scripts execute if a user is...

6.1CVSS6.1AI score0.00168EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.48 views

PT-2026-51789

Name of the Vulnerable Software and Affected Versions ProFTPD versions 1.3.9b through 1.3.10rc2 Description An access control bypass allows authenticated FTP users to circumvent Directory ACL restrictions. By prefixing paths with /proc/self/root in the RNFR command handler, attackers can exploit...

8.6CVSS6AI score0.00331EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51683

Name of the Vulnerable Software and Affected Versions EntreDroppers versions prior to 1.1.3 Description Insufficient input sanitization and output escaping allow unauthenticated attackers to perform Reflected Cross-Site Scripting. This occurs when the PHP SELF parameter reflects attacker-controll...

6.1CVSS6AI score0.00205EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-52087

Name of the Vulnerable Software and Affected Versions KubeVirt affected versions not specified Description A flaw exists in the safepath package used by virt-handler. The OpenAtNoFollow function utilizes O PATH|O NOFOLLOW to obtain a file descriptor for a path leaf; however, subsequent operations...

7.3CVSS6AI score0.00122EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/06/23 10:12 p.m.9 views

Snipe-IT Vulnerable to Privilege Escalation for self via API Permissions Assignment

Impact A user with only users.edit AND api permissions can send a PATCH to /api/v1/users/theirownid and grant themselves any permission except admin and superuser — for example assets.view, assets.create, reports.view, import, etc. Patches Patched in...

5.5CVSS5.8AI score0.00182EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/23 10:11 p.m.30 views

CVE-2026-48493 Snipe-IT Vulnerable to Privilege Escalation for self via API Permissions Assignment

Snipe-IT is an IT asset/license management system. In versions prior to 8.6.0, a user with only users.edit can send a PATCH to /api/v1/users/theirownid and grant themselves any permission except admin and superuser — for example assets.view, assets.create, reports.view, import, etc. The issue is...

5.5CVSS0.00182EPSS
Exploits0References2
CVE
CVE
added 2026/06/23 10:11 p.m.17 views

CVE-2026-48493

Snipe-IT (IT asset/license management) is affected by CVE-2026-48493 through a privilege-escalation flaw in versions prior to 8.6.0. A user with only users.edit can PATCH /api/v1/users/{their_own_id} to grant themselves any permission except admin/superuser (e.g., assets.view, assets.create, repo...

5.5CVSS5.8AI score0.00182EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/23 9:53 p.m.6 views

MAL-2026-6357 Malicious code in theme-color-picker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7a4ba7e8664b9e1d99c4018963a4731d591653d7f2a9b879ba090e7a7f6e7bd Although the package presents itself as a 'theme color picker', package.json identifies the publisher as analysis-chart.io with repository...

5.9AI score
Exploits0References4
NVD
NVD
added 2026/06/23 6:18 p.m.9 views

CVE-2026-54021

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, several direct, index-addressed Ollama proxy routes accept a caller-supplied urlidx path parameter and use it as a raw index into the admin-configured OLLAMABASEURLS list. Access...

6.3CVSS0.0021EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 6:18 p.m.9 views

CVE-2026-54022

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the ydoc:document:join Socket.IO handler checks note ownership only when the documentid starts with note: colon. However, the YdocManager storage layer normalizes all document IDs b...

5.3CVSS0.00268EPSS
Exploits1References1
NVD
NVD
added 2026/06/23 6:18 p.m.15 views

CVE-2026-54011

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6,Open WebUI renders Mermaid blocks from Markdown files in the file preview panel and inserts the generated SVG into the DOM using innerHTML. Because Mermaid is configured with...

8.7CVSS0.002EPSS
Exploits1References1
CVE
CVE
added 2026/06/23 6:11 p.m.18 views

CVE-2026-54320

CVE-2026-54320 refers to Daytona’s cross-tenant takeover vulnerability prior to version 0.184.0. The issue allowed an unverified email that matched an invitation’s target to accept it (or decline) and join the target organization, since invitation acceptance/declination did not require email veri...

8.4CVSS6.2AI score0.00215EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 6:11 p.m.7 views

EUVD-2026-38566

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.184.0, organization invitations could be accepted and declined by a user whose email matched the invitation but had not been verified. Daytona authenticates users via OIDC and...

8.4CVSS6.2AI score0.00215EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:47 p.m.6 views

CVE-2026-54011

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6,Open WebUI renders Mermaid blocks from Markdown files in the file preview panel and inserts the generated SVG into the DOM using innerHTML. Because Mermaid is configured with...

8.7CVSS6AI score0.002EPSS
Exploits1References2Affected Software1
Spring Security Advisories
Spring Security Advisories
added 2026/06/23 12:0 a.m.25 views

Self-Correcting Structured Output in Spring AI 2.0

Large language models are text-in, text-out systems — their interface is natural language. Natural language is a great interface for humans and a poor one for software. The moment downstream code needs to route on a field, persist a value, or branch on a result, the conversation has to become a...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.18 views

PT-2026-51606

Name of the Vulnerable Software and Affected Versions Snipe-IT versions prior to 8.6.0 Description A user possessing users.edit and API permissions can escalate their privileges by sending a PATCH request to the '/api/v1/users/their own id' endpoint. This allows the user to grant themselves vario...

5.5CVSS5.9AI score0.00182EPSS
Exploits0References11
NVD
NVD
added 2026/06/22 10:16 p.m.10 views

CVE-2026-56323

Capgo before 12.128.2 contains an information disclosure vulnerability in the /functions/v1/channelself endpoint that allows unauthenticated attackers to enumerate non-public channel names and determine app existence and subscription status. Remote attackers can send GET requests with arbitrary...

8.7CVSS0.00379EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 9:16 p.m.5 views

DEBIAN-CVE-2026-49461

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting the text of a page which contains a form XObject with self-references. This vulnerability is fixed in 6.12....

5.5CVSS5.8AI score0.00123EPSS
Exploits0References1
NVD
NVD
added 2026/06/22 9:16 p.m.10 views

CVE-2026-49461

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting the text of a page which contains a form XObject with self-references. This vulnerability is fixed in 6.12....

6.9CVSS0.00123EPSS
Exploits0References3
Rows per page
Query Builder