CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2 days ago•12 views

CVE-2026-40181

Summary: CVE-2026-40181 affects React Router. In versions 7.0.0–7.14.0 and 6.7.0–6.30.3, redirect() can produce an open redirect to an external domain when the URL starts with //, due to protocol-relative URL handling. Impact depends on application-side redirect validation and does not affect Dec...

8.7CVSS5.8AI score0.00041EPSS

Exploits0References1

Cvelist•added 2 days ago•31 views

CVE-2026-45554 NiceGUI: Unauthenticated log-flood DoS via trailing slash on ESM and per-component resource routes

NiceGUI is a Python-based UI framework. Prior to version 3.12.0, two FastAPI routes that serve per-component static assets in NiceGUI accept a sub-path parameter that may resolve to a directory rather than a file. Requests that resolve to a directory raise an unhandled RuntimeError inside...

5.3CVSS0.00182EPSS

Vulnrichment•added 2 days ago•4 views

CVE-2026-45554 NiceGUI: Unauthenticated log-flood DoS via trailing slash on ESM and per-component resource routes

5.3CVSS5.8AI score0.00182EPSS

Github Security Blog•added 2026/05/26 5:16 p.m.•9 views

XWiki Platform has path traversal via resources parameter in ssx and jsx endpoints when using leading slash

Impact It's possible to get access and read configuration files by using URLs such as http://localhost:8080/bin/ssx/Main/WebHome?resource=/../../WEB-INF/xwiki.cfg&minify=false. This can apparently be reproduced on Tomcat instances. Patches This has been patched in 18.0.0-rc-1, 17.10.3, 17.4.9,...

9.3CVSS5.8AI score0.00051EPSS

Exploits0References5Affected Software1

Snyk•added 2026/05/20 9:45 p.m.•5 views

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal via the resource parameter in the ssx and jsx endpoints when a leading slash is used. An attacker can access sensitive configuration files by crafting a URL that traverses directories. Note: This issue is due to...

9.8CVSS5.8AI score0.00371EPSS

CVE•added 2026/05/20 6:39 p.m.•5 views

CVE-2026-23734

XWiki Platform suffers a Path Traversal vulnerability in which configuration files can be read via the resources parameter on the ssx and jsx endpoints using a leading slash (e.g., /../../WEB-INF/xwiki.cfg). Affected releases:

9.3CVSS5.7AI score0.00051EPSS

Vulnrichment•added 2026/05/20 6:39 p.m.•2 views

CVE-2026-23734 XWiki Platform: Path traversal via resources parameter in ssx and jsx endpoints when using leading slash

XWiki Platform is a generic wiki platform. Versions prior to 18.1.0-rc-1, 17.10.3, 17.4.9, and 16.10.17 allow access to read configuration files by using URLs such as http://localhost:8080/bin/ssx/Main/WebHome?resource=/../../WEB-INF/xwiki.cfg&minify=false, leading to Path Traversal. The...

9.3CVSS5.7AI score0.00051EPSS

Cvelist•added 2026/05/20 6:39 p.m.•21 views

CVE-2026-23734 XWiki Platform: Path traversal via resources parameter in ssx and jsx endpoints when using leading slash

9.3CVSS0.00051EPSS

UbuntuCve•added 2026/05/20 10:16 a.m.•7 views

CVE-2026-44933

PluginScript attempts to chroot the plugin to the repoManagerRoot, this root is frequently / the system root in standard configurations or when using --root. If the chroot target is /, it is a no-op, allowing the traversed path to execute host binaries like /bin/bash with root privileges...

8.5CVSS5.9AI score0.00006EPSS

Positive Technologies•added 2026/05/20 12:0 a.m.•5 views

PT-2026-42136

8.5CVSS5.9AI score0.00006EPSS

EUVD•added 2026/05/19 7:17 p.m.•8 views

EUVD-2026-30974

In the AWS Secrets Manager and SSM Parameter Store secrets backends of apache-airflow-providers-amazon prior to 9.28.0, the team-scoping logic could resolve a connid containing a / e.g. "myteam/conn" to the same path as another team's team-scoped secret when the caller had no team context. A...

5.3CVSS5.8AI score0.0003EPSS

Snyk•added 2026/05/19 3:38 p.m.•3 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal due to improper path validation in the repository checkout process. An attacker can modify files outside the intended target directory, including .git directories, by supplying a maliciously crafted repository payloa...

5.4CVSS6.3AI score0.00013EPSS

5.3CVSS5.8AI score0.00031EPSS

Incorrect Authorization

Overview github.com/mattermost/mattermost/server/channels/app is a private-cloud Slack alternative Affected versions of this package are vulnerable to Incorrect Authorization via the command update API. An attacker can impersonate existing system or custom commands by editing their own slash...

5.3CVSS5.8AI score0.00031EPSS

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the command update API. An attacker can impersonate existing system or custom commands by editing their own slash command trigger to match an already-registered trigger, potentially hijacking command...

5.3CVSS5.8AI score0.00031EPSS

Incorrect Authorization

5CVSS5.8AI score0.00031EPSS

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the Host header when constructing response URLs for custom slash commands. An attacker can redirect responses to a server under their control by sending a specially crafted request with a spoofed Hos...

Cvelist•added 2026/05/18 10:39 a.m.•35 views

CVE-2026-7302 CVE-2026-7302

SGLangs multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints...

0.00099EPSS