Lucene search
K

109 matches found

NVD
NVD
added 6 days ago6 views

CVE-2026-12408

The Slim SEO – A Fast & Automated SEO Plugin For WordPress plugin for WordPress is vulnerable to Unauthorized Private Content Disclosure in all versions up to, and including, 4.9.8 via the /wp-json/slim-seo/meta-tags/ai REST API endpoint. This is due to the endpoint's permissioncallback performin...

4.3CVSS0.00257EPSS
Exploits0References8
CVE
CVE
added 6 days ago13 views

CVE-2026-12408

The CVE-2026-12408 entry concerns the WordPress plugin Slim SEO (versions up to and including 4.9.8). The vulnerability arises from the REST endpoint /wp-json/slim-seo/meta-tags/ai: the permission_callback only checks a top-level edit_posts capability and does not verify that the requester can re...

4.3CVSS5.9AI score0.00257EPSS
Exploits0References8
Schneier on Security
Schneier on Security
added 2026/06/25 5:3 p.m.12 views

AI and Liability

Earlier this month, a German court ruled that Google is liable for its AI search summaries. Rejecting defenses like "users can check for themselves," and that they generally know "that information generated with AI should not be blindly trusted," the court held that the AI's summaries are...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.9 views

CVE-2026-32244

Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, outdated cached AI summaries can leak removed content to anonymous and unprivileged users who cannot regenerate summaries. This issue has been fixed in versions 2026.1.4,...

5.3CVSS5.4AI score0.00233EPSS
Exploits0References1
OSV
OSV
added 2026/05/20 11:55 a.m.5 views

BIT-DISCOURSE-2026-32244 Discourse: Cached outdated summaries can leak removed content

Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0, outdated cached AI summaries can leak removed content to anonymous and unprivileged users who cannot regenerate summaries. This issue has been fixed in versions 2026.1.4, 2026.3.1,...

5.3CVSS5.8AI score0.00233EPSS
Exploits0References2
NVD
NVD
added 2026/05/19 12:16 a.m.20 views

CVE-2026-32244

Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, outdated cached AI summaries can leak removed content to anonymous and unprivileged users who cannot regenerate summaries. This issue has been fixed in versions 2026.1.4,...

5.3CVSS0.00233EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 12:4 a.m.15 views

CVE-2026-32244

Discourse: Cached outdated AI summaries can leak removed content to anonymous/unprivileged users who cannot regenerate summaries. Affected in versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest. Fixed in those versions. Remediation: upgrade to 2026.1.4, 2026.3.1, 2026.4.1, or 2026....

5.3CVSS5.8AI score0.00233EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/19 12:4 a.m.47 views

CVE-2026-32244 Discourse: Cached outdated summaries can leak removed content

Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, outdated cached AI summaries can leak removed content to anonymous and unprivileged users who cannot regenerate summaries. This issue has been fixed in versions 2026.1.4,...

5.3CVSS0.00233EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/19 12:4 a.m.18 views

EUVD-2026-30815

Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, outdated cached AI summaries can leak removed content to anonymous and unprivileged users who cannot regenerate summaries. This issue has been fixed in versions 2026.1.4,...

5.3CVSS5.8AI score0.00233EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/19 12:4 a.m.8 views

CVE-2026-32244 Discourse: Cached outdated summaries can leak removed content

Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, outdated cached AI summaries can leak removed content to anonymous and unprivileged users who cannot regenerate summaries. This issue has been fixed in versions 2026.1.4,...

5.3CVSS5.8AI score0.00233EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/19 12:4 a.m.9 views

CVE-2026-32244

Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, outdated cached AI summaries can leak removed content to anonymous and unprivileged users who cannot regenerate summaries. This issue has been fixed in versions 2026.1.4,...

5.3CVSS5.8AI score0.00233EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.14 views

PT-2026-41758

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2026.1.4 Discourse versions prior to 2026.3.1 Discourse versions prior to 2026.4.1 Discourse versions prior to 2026.5.0-latest.1 Description Outdated cached AI summaries can leak removed content to anonymous and...

5.3CVSS5.8AI score0.00233EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.9 views

Discourse 信息泄露漏洞

Discourse is an open-source community discussion platform developed by Discourse. This platform includes features such as communities, email communication, and chat rooms. Versions of Discourse prior to 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1 contain information leakage vulnerabilitie...

5.3CVSS5.8AI score0.00233EPSS
Exploits0References1
OSV
OSV
added 2026/05/18 1:43 p.m.4 views

GHSA-97R8-RF7Q-WMJW Sveltia CMS: Stored XSS in entry summary rendering via entity-decoded HTML

Impact A stored cross-site scripting XSS vulnerability affected entry summary rendering in Sveltia CMS. Entry summaries that allowed limited Markdown were parsed, sanitized, and then HTML entities were decoded. This order allowed specially crafted entity-encoded HTML, such as encoded tags or even...

2.3CVSS5.8AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.19 views

PT-2026-40841

Four CVEs CVE-2026-29103, CVE-2026-29104, CVE-2026-29892, CVE-2026-30441 shared the same root cause. An MCP server's response to the client includes free-form text fields — tool descriptions, resource summaries, prompt argument hints. These fields are surfaced into the…...

9.1CVSS5.8AI score0.00497EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/08 11:10 a.m.10 views

CVE-2026-43864

A flaw was found in mutt. This vulnerability, a null pointer dereference in the showsigsummary function, could allow an attacker to cause a denial of service. This occurs when processing specially crafted input related to signature summaries. Mitigation Mitigation for this issue is either not...

4.7CVSS5.6AI score0.00096EPSS
Exploits0References4
OSV
OSV
added 2026/05/06 10:22 p.m.4 views

GHSA-95Q8-X6R6-672M Lemmy may expose private community data through community, saved, liked, and modlog API views

NOTE: Only affects development version. Summary Lemmy applies private-community checks in PostView and CommentView, but several adjacent API views skip the accepted-follower filter. Bob, a registered user who is not an accepted follower, can read private community sidebar and summary fields. Alic...

5.3CVSS5.5AI score
Exploits0References3
GithubExploit
GithubExploit
added 2026/05/03 8:54 a.m.81 views

summary-awi-poc

summary-awi-poc Public proof-of-concept repository for valida...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.7 views

Discourse 安全漏洞

Discourse is an open-source community discussion platform developed by Discourse. This platform includes features such as communities, email communication, and chat rooms. Versions of Discourse prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain security vulnerabilities. These...

8.7CVSS5.8AI score0.00254EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/03 1:21 a.m.36 views

CVE-2025-67475 Stored XSS through edit summaries in MW Core

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/CommentFormatter/CommentParser.Php. This issue affects MediaWiki: from before 1.39.16, 1.43.6,...

0.00211EPSS
Exploits0References1
Rows per page
Query Builder