Lucene search
+L

241 matches found

euvd
euvd
added 2026/07/01 1:32 p.m.6 views

EUVD-2026-40965

In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd-ctrl: Avoid ABBA on txlock/ctrl-lock During the SSR/PDR down notification the txlock is taken with the intent to provide synchronization with active DMA transfers. But during this period qcomslimngddown is...

5.8AI score0.00172EPSS
Exploits0References7
nvd
nvd
added 2026/07/01 8:16 a.m.6 views

CVE-2026-12408

The Slim SEO – A Fast & Automated SEO Plugin For WordPress plugin for WordPress is vulnerable to Unauthorized Private Content Disclosure in all versions up to, and including, 4.9.8 via the /wp-json/slim-seo/meta-tags/ai REST API endpoint. This is due to the endpoint's permissioncallback performin...

4.3CVSS0.00257EPSS
Exploits0References8
cve
cve
added 2026/07/01 7:53 a.m.17 views

CVE-2026-12408

The CVE-2026-12408 entry concerns the WordPress plugin Slim SEO (versions up to and including 4.9.8). The vulnerability arises from the REST endpoint /wp-json/slim-seo/meta-tags/ai: the permission_callback only checks a top-level edit_posts capability and does not verify that the requester can re...

4.3CVSS5.9AI score0.00257EPSS
Exploits0References8
cvelist
cvelist
added 2026/07/01 7:53 a.m.41 views

CVE-2026-12408 Slim SEO <= 4.9.8 - Authenticated (Contributor+) Insufficient Authorization to Private Content Disclosure via 'object.ID' Parameter

The Slim SEO – A Fast & Automated SEO Plugin For WordPress plugin for WordPress is vulnerable to Unauthorized Private Content Disclosure in all versions up to, and including, 4.9.8 via the /wp-json/slim-seo/meta-tags/ai REST API endpoint. This is due to the endpoint's permissioncallback performin...

4.3CVSS0.00257EPSS
Exploits0References8
euvd
euvd
added 2026/07/01 7:53 a.m.11 views

EUVD-2026-40937

The Slim SEO – A Fast & Automated SEO Plugin For WordPress plugin for WordPress is vulnerable to Unauthorized Private Content Disclosure in all versions up to, and including, 4.9.8 via the /wp-json/slim-seo/meta-tags/ai REST API endpoint. This is due to the endpoint's permissioncallback performin...

4.3CVSS5.9AI score0.00257EPSS
Exploits0References8
patchstack
patchstack
added 2026/06/30 7:21 p.m.8 views

WordPress Slim SEO – A Fast & Automated SEO Plugin For WordPress plugin <= 4.9.8 - Authenticated (Contributor+) Insufficient Authorization to Private Content Disclosure vulnerability

Authenticated Contributor+ Insufficient Authorization to Private Content Disclosure vulnerability discovered by Abu Hurayra HurayraIIT in WordPress Plugin Slim SEO versions = 4.9.8...

4.3CVSS5.8AI score0.00257EPSS
Exploits0References1Affected Software1
attackerkb
attackerkb
added 2026/06/25 1:12 p.m.5 views

CVE-2026-57429

Contributor Broken Access Control in Slim SEO = 4.6.2 versions...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References2
cve
cve
added 2026/06/25 1:12 p.m.16 views

CVE-2026-57429

CVE-2026-57429 is associated with the WordPress plugin Slim SEO (versions ≤ 4.6.2). The vulnerability is described as Broken Access Control in the available connected documents (Patchstack listing and CVE records). Public details in the connected sources confirm the affected software/component an...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/25 1:12 p.m.33 views

CVE-2026-57429 WordPress Slim SEO plugin <= 4.6.2 - Broken Access Control vulnerability

Contributor Broken Access Control in Slim SEO = 4.6.2 versions...

6.5CVSS0.00248EPSS
Exploits0References1
euvd
euvd
added 2026/06/25 1:12 p.m.8 views

EUVD-2026-39385

Contributor Broken Access Control in Slim SEO = 4.6.2 versions...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References1
patchstack
patchstack
added 2026/06/25 8:14 a.m.6 views

WordPress Slim SEO plugin <= 4.6.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abu Hurayra in WordPress Plugin Slim SEO versions = 4.6.2...

6.5CVSS5.8AI score0.00248EPSS
Exploits0Affected Software1
euvd
euvd
added 2026/06/23 9:54 p.m.11 views

EUVD-2026-37008

Slim has Reflected XSS in the HtmlErrorRenderer...

6.1CVSS5.8AI score0.00167EPSS
Exploits0References3
nvd
nvd
added 2026/06/15 10:16 p.m.13 views

CVE-2026-48157

Slim is a PHP micro framework that enables users to write simple web applications and APIs. In versions 4.4.0 through 4.15, if an application uses HttpException::setTitle and/or setDescription to include untrusted/request-derived data in the error title or description e.g. "No products found...

6.1CVSS0.00167EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/15 8:59 p.m.30 views

CVE-2026-48157 Slim has Reflected XSS in the HtmlErrorRenderer

Slim is a PHP micro framework that enables users to write simple web applications and APIs. In versions 4.4.0 through 4.15, if an application uses HttpException::setTitle and/or setDescription to include untrusted/request-derived data in the error title or description e.g. "No products found...

6.1CVSS0.00167EPSS
Exploits0References2
cve
cve
added 2026/06/15 8:59 p.m.31 views

CVE-2026-48157

Slim PHP framework (versions 4.4.0–4.15) is affected by an HTML/JavaScript injection in error pages when HttpException::setTitle() and/or setDescription() are fed with untrusted data. The issue can occur in HTML error pages generated by Slim and is present even with displayErrorDetails = false; v...

6.1CVSS5.5AI score0.00167EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/06/05 7:15 p.m.11 views

CVE-2026-20753

Integer overflow in the UEFI firmware for the Slim Bootloader may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements a...

8.7CVSS5.5AI score0.00125EPSS
Exploits0References1
vulnersosv
vulnersosv
added 2026/06/03 9:15 p.m.7 views

haiku-rag (>=0.27.0 <=0.44.0), haiku-rag-slim (>=0.27.0 <=0.44.0) +3 more potentially affected by CVE-2026-44019 via docling-core (>=2.60.1 <=2.74.0)

docling-core PYPI version =2.60.1, =0.27.0, =0.27.0, =0.2.0, =0.42.0, =0.65.0 Source cves: CVE-2026-44019 Source advisory: SNYK:PYTHON-DOCLINGCORE-17151737...

5.5AI score0.0004EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/06/03 9:15 p.m.7 views

haiku-rag (>=0.27.0 <=0.44.0), haiku-rag-slim (>=0.27.0 <=0.44.0) +3 more potentially affected by CVE-2026-44019 via docling-core (>=2.60.1 <=2.74.0)

docling-core PYPI version =2.60.1, =0.27.0, =0.27.0, =0.2.0, =0.42.0, =0.65.0 Source cves: CVE-2026-44019 Source advisory: OSV:GHSA-J5XP-7M2F-49JV...

5.5AI score0.0004EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/05/21 9:35 p.m.9 views

ara-cli (>=0.1.14.13 <=0.1.14.14), clai (>=1.5.0 <=1.98.0) +47 more potentially affected by CVE-2026-46678 via pydantic-ai-slim (>=1.56.0 <=1.98.0)

pydantic-ai-slim PYPI version =1.56.0, =0.1.14.13, =1.5.0, =0.1.0a1, =0.0.400, =1.0.0, =1.0.3, =0.1.0, =0.1.1, =0.1.1, =0.1.0, =0.0.1, =0.0.1, =0.0.8 and more Source cves: CVE-2026-46678 Source advisory: OSV:GHSA-CQP8-FCVH-X7R3...

5.7AI score0.00039EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/05/21 9:35 p.m.9 views

ara-cli (>=0.1.14.13 <=0.1.14.14), clai (>=1.5.0 <=1.98.0) +47 more potentially affected by CVE-2026-25580 +1 more via pydantic-ai-slim (>=1.56.0 <=1.98.0)

pydantic-ai-slim PYPI version =1.56.0, =0.1.14.13, =1.5.0, =0.1.0a1, =0.0.400, =1.0.0, =1.0.3, =0.1.0, =0.1.1, =0.1.1, =0.1.0, =0.0.1, =0.0.1, =0.0.8 and more Source cves: CVE-2026-25580, CVE-2026-46678 Source advisory: SNYK:PYTHON-PYDANTICAISLIM-16796278...

8.6CVSS6.5AI score0.00579EPSS
Exploits1
Rows per page
Query Builder