Lucene search
K

182 matches found

Cvelist
Cvelist
added 2026/05/27 5:34 p.m.46 views

CVE-2026-45087 Dalfox: Unauthenticated Remote Code Execution via `found-action` in Dalfox Server Mode

Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is started in REST API server mode dalfox server, the server binds to 0.0.0.0:6664 by default and requires no API key unless the operator explicitly passes --api-key. Because model.Options...

10CVSS0.01051EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2026/05/27 5:34 p.m.13 views

CVE-2026-45087 Dalfox: Unauthenticated Remote Code Execution via `found-action` in Dalfox Server Mode

Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is started in REST API server mode dalfox server, the server binds to 0.0.0.0:6664 by default and requires no API key unless the operator explicitly passes --api-key. Because model.Options...

10CVSS6AI score0.01051EPSS
Exploits2References2
CVE
CVE
added 2026/05/27 5:34 p.m.12 views

CVE-2026-45087

Dalfox (server mode) prior to v2.13.0 is vulnerable to unauthenticated remote code execution. When running dalfox server with default 0.0.0.0:6664 and no API key, POST /scan deserializes attacker-controlled options (FoundAction and FoundActionShell) into scan config, then shell commands are execu...

10CVSS6AI score0.01051EPSS
Exploits2References2
Cvelist
Cvelist
added 2026/05/27 5:33 p.m.45 views

CVE-2026-45089 Dalfox: Unauthenticated Arbitrary File Create/Append via `output` Option in Dalfox Server Mode

Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is run in REST API server mode, the output, output-all, and debug fields in model.Options are JSON-tagged and deserialized directly from the attacker's request body, then propagated...

8.2CVSS0.00243EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 5:33 p.m.14 views

EUVD-2026-32614

Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is run in REST API server mode, the output, output-all, and debug fields in model.Options are JSON-tagged and deserialized directly from the attacker's request body, then propagated...

8.2CVSS5.8AI score0.00243EPSS
Exploits0References2
CVE
CVE
added 2026/05/27 5:33 p.m.22 views

CVE-2026-45089

Dalfox AOSS (CVE-2026-45089) allows unauthenticated arbitrary file creation/append when running in REST server mode. Before v2.13.0, the API accepts attacker-controlled OutputFile, OutputAll, and Debug in model.Options; the logger writes to the attacker-specified path via os.OpenFile with O_APPEN...

8.2CVSS5.8AI score0.00243EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/27 5:33 p.m.12 views

CVE-2026-45089 Dalfox: Unauthenticated Arbitrary File Create/Append via `output` Option in Dalfox Server Mode

Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is run in REST API server mode, the output, output-all, and debug fields in model.Options are JSON-tagged and deserialized directly from the attacker's request body, then propagated...

8.2CVSS5.8AI score0.00243EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 5:33 p.m.42 views

CVE-2026-45090 Dalfox: Unauthenticated Remote DoS via Closed-Channel Write in `ParameterAnalysis` (server mode)

Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, ParameterAnalysis in pkg/scanning/parameterAnalysis.go runs two sequential worker stages that both write to the same results channel. The channel is correctly closed after the first stage completes...

7.5CVSS0.00231EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/27 5:33 p.m.14 views

CVE-2026-45090 Dalfox: Unauthenticated Remote DoS via Closed-Channel Write in `ParameterAnalysis` (server mode)

Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, ParameterAnalysis in pkg/scanning/parameterAnalysis.go runs two sequential worker stages that both write to the same results channel. The channel is correctly closed after the first stage completes...

7.5CVSS5.8AI score0.00231EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/27 5:33 p.m.7 views

CVE-2026-45090

Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, ParameterAnalysis in pkg/scanning/parameterAnalysis.go runs two sequential worker stages that both write to the same results channel. The channel is correctly closed after the first stage completes...

7.5CVSS5.8AI score0.00231EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/27 5:33 p.m.21 views

CVE-2026-45090

Dalfox (CVE-2026-45090) suffers a channel lifecycle bug in ParameterAnalysis.go: two sequential worker stages share a single results channel, which is closed after the first stage and then reused by the second stage for POST-body parameters. When a parameter is reflected, the second-stage writer ...

7.5CVSS5.8AI score0.00231EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 5:33 p.m.10 views

EUVD-2026-32613

Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, ParameterAnalysis in pkg/scanning/parameterAnalysis.go runs two sequential worker stages that both write to the same results channel. The channel is correctly closed after the first stage completes...

7.5CVSS5.8AI score0.00231EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/20 7:7 p.m.7 views

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition via the ParameterAnalysis process in server mode. An attacker can cause the application to crash or become unresponsive by sending crafted requests that trigger a closed-channel write. Remediation Upgrade...

8.7CVSS5.8AI score0.00231EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/20 7:7 p.m.7 views

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition via the ParameterAnalysis process in server mode. An attacker can cause the application to crash or become unresponsive by sending crafted requests that trigger a closed-channel write. Remediation Upgrade...

8.7CVSS5.8AI score0.00231EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.16 views

Astra Linux – Vulnerability in NTP

In NTP versions prior to 4.2.8p14 and 4.3.x before 4.3.100, ntpd allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address. This occurs because transmissions are rescheduled even when a packet lacks a valid origin timestamp...

7.5CVSS6.2AI score0.02081EPSS
Exploits0References2
NVD
NVD
added 2026/05/19 5:16 p.m.16 views

CVE-2026-47358

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

9.2CVSS0.00479EPSS
Exploits0References1
NVD
NVD
added 2026/05/19 5:16 p.m.22 views

CVE-2026-47357

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the remoteurl parameter in the remote directory scan endpoint POST /v1/iac/iacVersion/cloud/remote/dir/scan when running in server mode. An unauthenticated remote attacker can supply an attacker-controlled HTTP URL...

9.2CVSS0.00482EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/19 3:53 p.m.14 views

EUVD-2026-30956

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

9.2CVSS5.8AI score0.00479EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/19 3:53 p.m.11 views

CVE-2026-47358

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

9.2CVSS5.8AI score0.00479EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/19 3:53 p.m.11 views

CVE-2026-47358

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

9.2CVSS5.8AI score0.00479EPSS
Exploits0References2
Rows per page
Query Builder