Lucene search
K

28446 matches found

Nuclei
Nuclei
added 7 hours ago57 views

Edito CMS - Sensitive Data Leak

Web services managed by Edito CMS Content Management System in versions from 3.5 through 3.25 leak sensitive data as they allow downloading configuration files by an unauthorized user. id: CVE-2024-4836 info: name: Edito CMS - Sensitive Data Leak author: s4e-io severity: high description: | Web...

7.5CVSS6.1AI score0.02651EPSS
Exploits0References3
Nuclei
Nuclei
added 7 hours ago185 views

Ivanti EPM Cloud Services Appliance Code Injection

Ivanti EPM Cloud Services Appliance CSA before version 4.6.0-512 is susceptible to a code injection vulnerability because it allows an unauthenticated user to execute arbitrary code with limited permissions nobody. id: CVE-2021-44529 info: name: Ivanti EPM Cloud Services Appliance Code Injection...

9.8CVSS7.4AI score0.99105EPSS
Exploits9References5
Nuclei
Nuclei
added 7 hours ago131 views

SAP BusinessObjects Business Intelligence Platform - Blind Server-Side Request Forgery

SAP BusinessObjects Business Intelligence Platform Web Services 410, 420, and 430 is susceptible to blind server-side request forgery. An attacker can inject arbitrary values as CMS parameters to perform lookups on the internal network, which is otherwise not accessible externally. On successful...

5.3CVSS6.6AI score0.61736EPSS
Exploits3References5
EUVD
EUVD
added 14 hours ago5 views

EUVD-2026-43555

CrewAI before 1.15.1 contains a server-side request forgery vulnerability in the validateurl function that performs one-shot DNS resolution and blocklist checks before returning the original URL unchanged. Attackers can bypass the security filter by supplying URLs that redirect to internal...

8.3CVSS6.1AI score
Exploits0References6
CVE
CVE
added 14 hours ago7 views

CVE-2026-44753

CVE-2026-44753 affects SAP HANA Database (User Self Service) / Extended Application Services classic model. An unauthenticated attacker can send specially crafted requests to obtain distinguishable responses that enumerate valid user accounts and email addresses. Impact is described as low confid...

3.7CVSS6.1AI score
Exploits0References2
Cvelist
Cvelist
added yesterday16 views

CVE-2026-62240 CrewAI < 1.15.1 SSRF Filter Bypass via HTTP Redirect in Scrape Tools

CrewAI before 1.15.1 contains a server-side request forgery vulnerability in the validateurl function that performs one-shot DNS resolution and blocklist checks before returning the original URL unchanged. Attackers can bypass the security filter by supplying URLs that redirect to internal...

8.3CVSS
Exploits0References5
NVD
NVD
added yesterday6 views

CVE-2026-59516

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Reflected XSS.This issue affects ICS Calendar: from n/a through = 12.1.1...

7.1CVSS0.00251EPSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-59516

This CVE concerns the WordPress ICS Calendar plugin (ics-calendar) with versions up to 12.1.1. The vulnerability is a Reflected Cross-Site Scripting (XSS) flaw caused by improper neutralization of input during web page generation. Affected component: ICS Calendar plugin’s input handling on the we...

7.1CVSS6.1AI score0.00251EPSS
Exploits0References1
EUVD
EUVD
added yesterday8 views

EUVD-2026-43249

A flaw has been found in Helicone ai-gateway up to 0.2.0-beta.30. This affects the function buildtargeturl of the file ai-gateway/src/dispatcher/service.rs of the component AWS Metadata Service. Executing a manipulation of the argument extractedpathandquery can lead to server-side request forgery...

6.5CVSS6.3AI score0.00333EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago8 views

Malicious code in data-harvester (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21c2e2c21d9afac9277d95589962d33a09651a5b6ef7e0b3c9e07aee56af213f On first import, dataharvester/init.py decodes a base64-embedded 486KB Linux ELF, writes it to /.config/.npm-cache/snapd-network, sets mode 0777, and...

6.2AI score
Exploits0References3
Fedora
Fedora
added 2 days ago8 views

[SECURITY] Fedora 44 Update: python-tornado-6.5.7-1.fc44

Tornado is an open source version of the scalable, non-blocking web server and tools. The framework is distinct from most mainstream web server frameworks and certainly most Python frameworks because it is non-blocking and reasonably fast. Because it is non-blocking and uses epoll, it can handle...

8.7CVSS6.7AI score0.00375EPSS
Exploits0
NVD
NVD
added 3 days ago9 views

CVE-2026-61429

PraisonAI versions before 1.6.78 contain a server-side request forgery vulnerability in the Crawl4AI/Chromium backend that allows attackers to bypass SSRF validation by exploiting DNS rebinding and HTTP redirects. Attackers can craft URLs that resolve to internal services after the initial...

8.5CVSS0.00221EPSS
Exploits0References2
Nuclei
Nuclei
added 3 days ago61 views

Cisco ASA/FTD Software - Cross-Site Scripting

Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software are vulnerable to cross-site scripting and could allow an unauthenticated, remote attacker to conduct attacks against a user of the web services interface of an affected device. The vulnerabilities are...

6.1CVSS7AI score0.85439EPSS
Exploits2
NVD
NVD
added 4 days ago7 views

CVE-2026-49213

TypeBot is a chatbot builder tool. Prior to 3.17.2, Typebot's shared SSRF validator in packages/lib/src/ssrf/validateHttpReqUrl.ts can be bypassed with the IPv6 unspecified address :: because validateIPAddress blocks local, metadata, and private ranges but does not block :: or its expanded form. ...

8.1CVSS0.00319EPSS
Exploits0References4
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-49213 TypeBot: SSRF protection bypass via IPv6 unspecified address in Typebot HTTP request execution

TypeBot is a chatbot builder tool. Prior to 3.17.2, Typebot's shared SSRF validator in packages/lib/src/ssrf/validateHttpReqUrl.ts can be bypassed with the IPv6 unspecified address :: because validateIPAddress blocks local, metadata, and private ranges but does not block :: or its expanded form. ...

8.1CVSS0.00319EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 4 days ago8 views

CVE-2026-53450

A flaw was found in Coturn, an open-source implementation of TURN and STUN servers. An authenticated TURN client can bypass the default loopback protection mechanism by using an IPv4-mapped IPv6 peer address. This allows the client to expose services that are intended to be accessible only from t...

7.4CVSS6AI score0.00287EPSS
Exploits0References5
Snyk
Snyk
added 4 days ago4 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview 9router is a 9Router CLI - Start and manage 9Router server Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition through the image process in open-sse/translator/concerns/image.js. An attacker can access internal-only HTTP services by...

7.4CVSS6.1AI score0.00154EPSS
Exploits0References2
NVD
NVD
added 4 days ago6 views

CVE-2026-56676

9Router is an AI router & token saver. Prior to 0.5.2, 9router validates image URLs by resolving the host before fetching, but open-sse/translator/concerns/image.js performs the later server-side image fetch with a separate DNS resolution. An authenticated attacker with access to the LLM proxy ca...

7.4CVSS0.00154EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-56676 9router: Image prefetch DNS rebinding allows SSRF to internal services

9Router is an AI router & token saver. Prior to 0.5.2, 9router validates image URLs by resolving the host before fetching, but open-sse/translator/concerns/image.js performs the later server-side image fetch with a separate DNS resolution. An authenticated attacker with access to the LLM proxy ca...

7.4CVSS0.00154EPSS
Exploits0References3
OSV
OSV
added 4 days ago3 views

CVE-2026-56676 9router: Image prefetch DNS rebinding allows SSRF to internal services

9Router is an AI router & token saver. Prior to 0.5.2, 9router validates image URLs by resolving the host before fetching, but open-sse/translator/concerns/image.js performs the later server-side image fetch with a separate DNS resolution. An authenticated attacker with access to the LLM proxy ca...

7.4CVSS6.1AI score0.00154EPSS
Exploits0References5
Rows per page
Query Builder