Lucene search
K

547 matches found

EUVD
EUVD
added 5 days ago5 views

EUVD-2026-43048

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Anti-Spam by CleanTalk allows Reflected XSS. This issue affects Anti-Spam by CleanTalk versions: from 0.0.0 to 9.7.1...

6.1AI score0.00181EPSS
Exploits0References2
NVD
NVD
added 6 days ago3 views

CVE-2026-10770

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Anti-Spam by CleanTalk allows Reflected XSS. This issue affects Anti-Spam by CleanTalk versions: from 0.0.0 to 9.7.1...

6.1CVSS0.00181EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.9 views

CVE-2026-55113

A malicious actor with access to the network could exploit a Server-Side Request Forgery SSRF vulnerability found in UniFi Talk Application to execute a Denial of Service DoS attack and bypass authentication in certain UniFi Talk API endpoints...

7.5CVSS0.00223EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.7 views

CVE-2026-55119

A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Talk Application to escalate privileges within the UniFi Talk Application...

8.1CVSS0.00201EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.10 views

CVE-2026-50747

A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi Talk Application to escalate privileges on the host device...

9.9CVSS0.00274EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:50 p.m.9 views

CVE-2026-55119

A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Talk Application to escalate privileges within the UniFi Talk Application...

8.1CVSS5.8AI score0.00201EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 2:50 p.m.6 views

EUVD-2026-41403

A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Talk Application to escalate privileges within the UniFi Talk Application...

8.1CVSS5.8AI score0.00201EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 2:50 p.m.40 views

CVE-2026-55119

A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Talk Application to escalate privileges within the UniFi Talk Application...

8.1CVSS0.00201EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 2:50 p.m.27 views

CVE-2026-55119

The CVE-2026-55119 entry concerns a vulnerability in UniFi Talk Application described as Improper Access Control that could allow a user with network access and low privileges to escalate privileges within the UniFi Talk Application. This is supported by the connected documents which cite a CVSS ...

8.1CVSS5.8AI score0.00201EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/07/02 2:50 p.m.6 views

EUVD-2026-41394

A malicious actor with access to the network could exploit a Server-Side Request Forgery SSRF vulnerability found in UniFi Talk Application to execute a Denial of Service DoS attack and bypass authentication in certain UniFi Talk API endpoints...

7.5CVSS5.8AI score0.00223EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 2:50 p.m.36 views

CVE-2026-55113

A malicious actor with access to the network could exploit a Server-Side Request Forgery SSRF vulnerability found in UniFi Talk Application to execute a Denial of Service DoS attack and bypass authentication in certain UniFi Talk API endpoints...

7.5CVSS0.00223EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:50 p.m.6 views

CVE-2026-55113

A malicious actor with access to the network could exploit a Server-Side Request Forgery SSRF vulnerability found in UniFi Talk Application to execute a Denial of Service DoS attack and bypass authentication in certain UniFi Talk API endpoints...

7.5CVSS5.8AI score0.00223EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 2:50 p.m.20 views

CVE-2026-55113

CVE-2026-55113 involves a Server-Side Request Forgery (SSRF) in the UniFi Talk Application that can allow a remote attacker with network access to cause a Denial of Service and bypass authentication on certain UniFi Talk API endpoints. The vulnerability affects the UniFi Talk platform’s API surfa...

7.5CVSS5.8AI score0.00223EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:49 p.m.8 views

CVE-2026-50747

A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi Talk Application to escalate privileges on the host device...

9.9CVSS5.8AI score0.00274EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 2:49 p.m.12 views

CVE-2026-50747

The CVE-2026-50747 entry concerns the UniFi Talk Application. It describes an authenticated SQL Injection vulnerability that could be leveraged by an attacker with network access and low privileges to escalate privileges on the host device. The issue is characterized as high-severity (CVSS v3.1 b...

9.9CVSS5.8AI score0.00274EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/07/02 2:49 p.m.21 views

EUVD-2026-41390

A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi Talk Application to escalate privileges on the host device...

9.9CVSS5.8AI score0.00274EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 2:49 p.m.37 views

CVE-2026-50747

A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi Talk Application to escalate privileges on the host device...

9.9CVSS0.00274EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.11 views

PT-2026-55232

Name of the Vulnerable Software and Affected Versions UniFi Talk Application affected versions not specified Description An authenticated user with low privileges and network access can exploit SQL Injection flaws to escalate privileges on the host device. SQL Injection is a technique where...

9.9CVSS6AI score0.00274EPSS
Exploits0References7
Patchstack
Patchstack
added 2026/06/11 8:30 a.m.12 views

WordPress Spam protection, Honeypot, Anti-Spam by CleanTalk plugin < 6.79 - Unauthenticated Stored XSS via Comment Shortcode Bypass vulnerability

Unauthenticated Stored XSS via Comment Shortcode Bypass vulnerability discovered by Matthew Rollings in WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk versions 6.79...

8.8CVSS5.4AI score0.00296EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.28 views

PT-2026-48387

Name of the Vulnerable Software and Affected Versions Anti-Spam by CleanTalk. Spam protection WordPress plugin versions prior to 6.79 Description Insufficient sanitization of content within a custom shortcode used in the email-encoding feature allows unauthenticated attackers to perform Stored...

8.8CVSS5.4AI score0.00296EPSS
Exploits0References9
Rows per page
Query Builder