Lucene search
+L

917 matches found

Cvelist
Cvelist
added 2026/06/26 8:55 p.m.43 views

CVE-2026-49984 Kestra: Path traversal in `LocalStorage` allows any authenticated user to read arbitrary server files via the execution file-download API (`\..\` bypasses the `..` guard)

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-supplied paths for .. traversal before it converts Windows-style backslashes to forward slashes. An attacker can therefore smuggle a traversal sequence past...

7.7CVSS0.00386EPSS
Exploits1References1
CVE
CVE
added 2026/06/26 8:55 p.m.27 views

CVE-2026-49984

CVE-2026-49984 – Kestra : A path traversal vulnerability in the LocalStorage backend allows any authenticated user who can view an execution to read arbitrary files on the server. Before patching, the LocalStorage path validator mishandles Windows-style backslashes, letting an attacker smuggle tr...

7.7CVSS6AI score0.00386EPSS
Exploits1References1Affected Software1
Snyk
Snyk
added 2026/06/19 10:10 p.m.11 views

Access of Resource Using Incompatible Type ('Type Confusion')

Overview langsmith is a Client library to connect to the LangSmith Observability and Evaluation Platform. Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type 'Type Confusion' via the file attachments handling. An attacker can access local files on the...

7.1CVSS6AI score0.00174EPSS
Exploits0References4
NVD
NVD
added 2026/06/17 5:17 p.m.16 views

CVE-2026-53872

picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to read arbitrary server files by chaining io.FileIO and urllib.request.urlopen. Attackers can bypass RCE-focused blocklists to exfiltrate sensitive data like /etc/passwd to externa...

8.7CVSS0.00509EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.11 views

Neuron Golem OEE MES 路径遍历漏洞

Neuron Golem OEE MES is a manufacturing execution system and equipment integrated efficiency management platform developed by the Polish company Neuron. The Neuron Golem OEE MES has a path traversal vulnerability, which stems from a path traversal flaw. This vulnerability could allow attackers...

8.3CVSS5.8AI score0.00204EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.15 views

PT-2026-47813

Name of the Vulnerable Software and Affected Versions Schneider Electric Data Center Expert affected versions not specified Description An Improper Restriction of XML External Entity Reference XXE issue exists, which occurs when an application fails to restrict XML external entity references,...

7.1CVSS6.6AI score0.00233EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.18 views

PT-2026-47722

Name of the Vulnerable Software and Affected Versions Slider Revolution versions prior to 7.0.11 Description The plugin is subject to sensitive information disclosure resulting from three design flaws. First, a valid backend AJAX nonce revslider actions is leaked to all authenticated users,...

6.5CVSS5.3AI score0.00252EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Schneider Electric Data Center Expert 代码问题漏洞

Schneider Electric Data Center Expert is a data monitoring software developed by Schneider Electric, a multinational technology company. Schneider Electric Data Center Expert has a code vulnerability caused by improper restrictions on XML external entity references. This vulnerability could allow...

7.1CVSS5.4AI score0.00233EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/08 2:15 a.m.9 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the denied function. An attacker can access arbitrary files on the server by supplying crafted input to the filename argument. Details A Directory Traversal attack also known as path traversal aims to access file...

6.5CVSS7.2AI score0.00301EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/07 12:43 a.m.14 views

CVE-2026-46397

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, an Authenticated Local File Inclusion LFI vulnerability in the HAXCMS saveOutline endpoint allows a low-privileged user to read arbitrary files on the server by manipulating the location field written in...

6.5CVSS5.6AI score0.00289EPSS
Exploits0References1
NVD
NVD
added 2026/06/06 4:17 a.m.13 views

CVE-2026-9197

The Smart Slider 3 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.5.1.36 via the replaceHTMLImage function. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on...

4.9CVSS0.00558EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/06 2:28 a.m.10 views

CVE-2026-7565

The LearnPress – Backup & Migration Tool plugin for WordPress is vulnerable to Arbitrary File Read via Directory Traversal in all versions up to, and including, 4.1.4 via the 'import-user-file' parameter parameter. This makes it possible for authenticated attackers, with administrator-level acces...

4.9CVSS5.6AI score0.00646EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/06 12:0 a.m.25 views

PT-2026-47137

Name of the Vulnerable Software and Affected Versions Smart Slider 3 versions prior to 3.5.1.37 Description The Smart Slider 3 plugin for WordPress contains a Directory Traversal flaw within the replaceHTMLImage function. This allows authenticated attackers with administrator-level access or high...

4.9CVSS5.6AI score0.00558EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.12 views

WordPress plugin Smart Slider 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.9CVSS5.5AI score0.00558EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.12 views

WordPress plugin LearnPress – Backup & Migration Tool 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.9CVSS5.4AI score0.00646EPSS
Exploits0References9
CVE
CVE
added 2026/06/05 8:12 p.m.35 views

CVE-2026-11423

The CVE affects Altium Enterprise Server Collaboration Service. The vulnerability is a path traversal in the MCAD and Simulation file download flows caused by improper handling of user-supplied filenames, allowing an authenticated user to craft a filename in a collaboration message that is later ...

9.4CVSS5.6AI score0.00321EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.11 views

CVE-2026-45731

WWBN AVideo is an open source video platform. In 29.0 and earlier, view/update.php reads $POST'updateFile' as a relative path under updatedb/ and passes it to PHP's file for line-by-line execution as part of a database migration. An authenticated administrator can abuse this to read arbitrary tex...

6.9CVSS5.8AI score0.00469EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.14 views

CVE-2026-7182

Diagram's export module is vulnerable to Path Traversal in src attribute due to lack of HTML sanitization. An unauthenticated user could craft the html payload which could include local files from the server and display them in the generated pdf. This issue was fixed in version 1.1.1...

9.2CVSS5.5AI score0.00397EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.15 views

CVE-2026-6403

The Quick Playground plugin for WordPress is vulnerable to Path Traversal in versions up to and including 1.3.3. This is due to insufficient path validation in the qckplyziptheme function, which appends a user-controlled 'stylesheet' parameter directly to the theme root directory path without...

7.5CVSS5.5AI score0.00811EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.12 views

CVE-2026-39371

RedwoodSDK is a server-first React framework. From 1.0.0-beta.50 to 1.0.5, erver functions exported from "use server" files could be invoked via GET requests, bypassing their intended HTTP method. In cookie-authenticated applications, this allowed cross-site GET navigations to trigger...

8.1CVSS5.3AI score0.0021EPSS
Exploits0References1
Rows per page
Query Builder