Lucene search
K

105 matches found

OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-276 Apache Airflow Providers Edge3 exposes internal API allowing RCE in web server context

Edge3 Worker RPC RCE on Airflow 2. This issue affects Apache Airflow Providers Edge3: before 2.0.0 - and only if projects installed and configured it on Airflow 2. The Edge3 provider support in Airflow 2 has been always development-only and not officially released, however if projects installed a...

9.8CVSS5.9AI score0.00823EPSS
Exploits0References8
OSV
OSV
added 2026/06/26 11:2 p.m.5 views

GHSA-39G2-8X68-PMX8 Nezha Monitoring: Stored future DDNS profile ID allows unauthorized use of another user's DDNS profile context

Summary PATCH /server/id accepts and persists nonexistent ddnsprofiles IDs for a member-owned server. If another user later creates a DDNS profile with one of those IDs, the DDNS worker resolves the stored ID and dispatches an update using the other user's DDNS profile configuration in the contex...

6.4CVSS5.8AI score0.00227EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 3:25 p.m.5 views

EUVD-2026-39442

The K2 frontend article-attachment upload path accepts files whose extension is .php, and Apache's standard modphp matches .php$ and executes them under the K2 web user. A K2 Author can upload a shell.php, then fetch /media/k2/attachments/shell.php and execute arbitrary PHP code in the web...

6.3CVSS6.1AI score0.00167EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 5:16 p.m.12 views

CVE-2025-26240

In JazzCore python-pdfkit 1.0.0, the fromstring method enables the execution of JavaScript code within the context of the server application and the exfiltration of local files...

8.4CVSS0.00392EPSS
Exploits0References2
NVD
NVD
added 2026/06/05 2:16 p.m.16 views

CVE-2026-50234

Lyrion Music Server 9.2.0 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting directory traversal in the web server context. Attackers can manipulate file path parameters to access sensitive files outside the intended directory...

8.7CVSS0.0064EPSS
Exploits2References2
Cvelist
Cvelist
added 2026/06/05 1:24 p.m.39 views

CVE-2026-50234 Lyrion Music Server 9.2.0 Path Traversal File Read

Lyrion Music Server 9.2.0 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting directory traversal in the web server context. Attackers can manipulate file path parameters to access sensitive files outside the intended directory...

8.7CVSS0.0064EPSS
Exploits2References2
CVE
CVE
added 2026/06/05 1:24 p.m.35 views

CVE-2026-50234

Affected product: Lyrion Music Server 9.2.0. Vulnerability: Path traversal in the web server context allowing unauthenticated attackers to read arbitrary files by manipulating file path parameters. Root cause / vector: Directory traversal outside the intended directory structure. Impact: Confiden...

8.7CVSS5.6AI score0.0064EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2026/06/05 1:24 p.m.9 views

CVE-2026-50234

Lyrion Music Server 9.2.0 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting directory traversal in the web server context. Attackers can manipulate file path parameters to access sensitive files outside the intended directory...

8.7CVSS5.6AI score0.0064EPSS
Exploits2References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.20 views

PT-2026-46953

Name of the Vulnerable Software and Affected Versions Lyrion Music Server version 9.2.0 Description A path traversal issue exists in the web server context, allowing unauthenticated attackers to read arbitrary files. By manipulating file path parameters, an attacker can access sensitive files...

8.7CVSS5.6AI score0.0064EPSS
Exploits2References6
ATTACKERKB
ATTACKERKB
added 2026/05/29 1:5 p.m.9 views

CVE-2026-45731

WWBN AVideo is an open source video platform. In 29.0 and earlier, view/update.php reads $POST'updateFile' as a relative path under updatedb/ and passes it to PHP's file for line-by-line execution as part of a database migration. An authenticated administrator can abuse this to read arbitrary tex...

6.9CVSS6AI score0.00469EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/05/26 2:8 p.m.16 views

EUVD-2026-31835

OpenKM 6.3.12 contains a remote code execution vulnerability that allows authenticated administrators to execute arbitrary Java/BeanShell code through the /admin/Scripting endpoint. Attackers can submit malicious script content with an action=Evaluate parameter to execute operating system command...

8.6CVSS6.6AI score0.00679EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/12 9:31 p.m.9 views

EUVD-2026-29748

SPIP versions prior to 4.4.14 contain a remote code execution vulnerability in the public space that is limited to certain nginx configurations, allowing attackers to execute arbitrary code in the context of the web server. Attackers can exploit this vulnerability through specific nginx...

9.2CVSS6.7AI score0.00434EPSS
Exploits0References3
NVD
NVD
added 2026/05/12 7:16 p.m.16 views

CVE-2026-8429

SPIP versions prior to 4.4.14 contain a remote code execution vulnerability in the private space that allows attackers to execute arbitrary code in the context of the web server. Attackers can exploit this vulnerability to achieve code execution that bypasses the SPIP security screen protections...

8.8CVSS0.00502EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 6:43 p.m.21 views

CVE-2026-8430

CVE-2026-8430 affects SPIP versions prior to 4.4.14. The vulnerability is a remote code execution in the public space, limited to certain nginx configurations, allowing attackers to run arbitrary code in the web server context. Exploitation relies on specific nginx configuration scenarios and is ...

9.2CVSS6.7AI score0.00434EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/12 6:32 p.m.6 views

CVE-2026-8429

SPIP versions prior to 4.4.14 contain a remote code execution vulnerability in the private space that allows attackers to execute arbitrary code in the context of the web server. Attackers can exploit this vulnerability to achieve code execution that bypasses the SPIP security screen protections...

8.8CVSS6.6AI score0.00502EPSS
Exploits0References3
CVE
CVE
added 2026/05/12 6:32 p.m.20 views

CVE-2026-8429

SPIP versions prior to 4.4.14 are affected by a remote code execution vulnerability in the private space, allowing an attacker to execute arbitrary code in the web server context. Affected component: SPIP core (private space); impact is high on confidentiality, integrity, and availability as desc...

8.8CVSS6.6AI score0.00502EPSS
Exploits0References2
Metasploit
Metasploit
added 2026/03/31 7:2 p.m.202 views

Grav CMS Admin Direct Install Authenticated Plugin Upload RCE

Grav CMS version use exploit/multi/http/gravadmindirectinstallrcecve202550286 msf exploitgravadmindirectinstallrcecve202550286 show targets ...targets... msf exploitgravadmindirectinstallrcecve202550286 set TARGET msf exploitgravadmindirectinstallrcecve202550286 show options ...show and set...

8.1CVSS6.5AI score0.09319EPSS
Exploits7
EUVD
EUVD
added 2026/03/20 12:31 a.m.4 views

EUVD-2026-13416

Xerte Online Toolkits versions 3.14 and earlier contain an unauthenticated arbitrary file upload vulnerability in the template import functionality. The issue exists in /websitecode/php/import/import.php where missing authentication checks allow an attacker to upload a crafted ZIP archive disguis...

9.8CVSS6.5AI score0.01479EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2026/03/11 8:16 p.m.5 views

CVE-2026-32109

Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note th...

3.7CVSS5.9AI score0.00162EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/02/28 12:31 a.m.10 views

EUVD-2026-9098

openDCIM version 23.04, through commit 4467e9c4, contains an OS command injection vulnerability in reportnetworkmap.php. The application retrieves the 'dot' configuration parameter from the database and passes it directly to exec without validation or sanitation. If an attacker can modify the...

9.3CVSS6AI score0.05648EPSS
Exploits2References8
Rows per page
Query Builder