Lucene search

106 matches found

NVD
added 3 days ago, 6 views

CVE-2026-12732

The LearnPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class_wrapper_form' shortcode attribute in versions up to, and including, 4.4.0. This is due to insufficient input sanitization and output escaping in the FilterCourseTemplate::sections method at line 98, wher...

CVSS 6.4, EPSS 0.00193
Exploits 0, References 4
Cvelist
added 2026/06/25 3:23 p.m., 31 views

CVE-2026-48942 Joomla Extension - getk2.org - Stored-XSS in K2 extension for Joomla < 2.26

K2 ≤ 2.26 renders the k2_users.image column directly into HTML src attributes via two distinct templates, in both cases without HTML escaping...

EPSS 0.00149
Exploits 0, References 1
Snyk
added 2026/06/10 7:12 p.m., 3 views

Cross-site Scripting (XSS)

Overview: litestar is "Litestar - A production-ready, highly performant, extensible ASGI API Framework". Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the Template response rendering path in the HTML template components. An attacker can inject arbitrary HTML o...

CVSS 4.7, AI score 5.2, EPSS 0.0003
Exploits 0, References 2
RedhatCVE
added 2026/06/05 7:12 p.m., 9 views

CVE-2026-39891

PraisonAI is a multi-agent teams system. Prior to 4.5.115, the create_agent_centric_tools function returns tools like acp_create_file that process file content using template rendering. When user input from agent.start is passed directly into these tools without escaping, template expressions in the...

CVSS 8.8, AI score 5.5, EPSS 0.00558
Exploits 1, References 1
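The PraisonAI entry above describes the classic template-injection mistake: user text is handed to the renderer as template source rather than as data. The following is an added example, not PraisonAI's code; the page does not say which template engine the tools use, so Python's str.format mini-language stands in for it, the Agent class and its api_key are constructed stand-ins for objects reachable from the render context, and the payload is constructed for the demonstration.

```python
# Added example (not PraisonAI's code): user input fed *into* a template
# versus user input fed *as data* to a fixed template. str.format stands in
# for the real engine; an attribute-walk field plays the role of a template
# expression reaching objects in the render context.


class Agent:
    """Constructed stand-in for an agent object reachable from the tool's
    render context. The key is a fake value used only for the demonstration."""

    def __init__(self):
        self.api_key = "sk-constructed-secret"


def render_vulnerable(user_content: str, agent: Agent) -> str:
    # Anti-pattern from the advisory: the user-controlled text *is* the
    # template, so every expression in it is evaluated with the tool's
    # context objects in scope.
    return user_content.format(agent=agent)


def escape_for_template(user_content: str) -> str:
    # If user text must be spliced into template source, neutralise the
    # expression delimiters first (for str.format: double the braces).
    return user_content.replace("{", "{{").replace("}", "}}")


def render_fixed(user_content: str, agent: Agent) -> str:
    # Fix: the template is a constant; user text arrives as a value and is
    # never parsed for expressions, whatever it contains.
    template = "File content:\n{content}"
    return template.format(content=user_content)


# Constructed payload: a template expression that reads a context attribute.
PAYLOAD = "{agent.api_key}"


if __name__ == "__main__":
    agent = Agent()
    print("vulnerable:", render_vulnerable(PAYLOAD, agent))   # leaks the key
    print("fixed:     ", render_fixed(PAYLOAD, agent))        # braces come out literally
    print("escaped:   ", escape_for_template(PAYLOAD).format(agent=agent))
```

The same separation applies to any engine: pass user content through the context dictionary, never through the template string, and if user-authored template source is a product requirement, render it in a sandboxed environment with an explicit allowlist of what it may reach.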
Cvelist
added 2026/06/01 7:50 a.m., 33 views

CVE-2026-42360 Apache Airflow: Rendered template truncation bypasses nested sensitive-key masking

A bug in Apache Airflow's rendered-template field handling caused nested sensitive-key masking (e.g. nested password / token / secret / apikey keys inside a JSON template structure) to be bypassed when the rendered field exceeded core.max_templated_field_length: Airflow stringified the structure befor...

EPSS 0.00335
Exploits 0, References 2
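The Airflow entry above is an ordering bug: a masker that walks a nested structure by key name cannot do anything once that structure has been flattened to a string. The example below is added here and is not Airflow's code; the sensitive-key set, the length limit standing in for core.max_templated_field_length, and the sample field are all assumptions constructed for the demonstration.

```python
import json

# Added example (not Airflow's code): why key-based masking must run on the
# structure *before* the rendered field is stringified and truncated.
# The key set and the limit are assumptions standing in for Airflow's
# sensitive-name list and core.max_templated_field_length.
SENSITIVE_KEYS = {"password", "token", "secret", "apikey"}
MAX_TEMPLATED_FIELD_LENGTH = 80  # assumed value for the demonstration


def mask_nested(value):
    """Return a copy of `value` with every sensitive key's value replaced,
    recursing through nested dicts and lists. Plain strings pass through
    untouched, which is exactly why masking after stringification fails."""
    if isinstance(value, dict):
        return {
            k: "***" if str(k).lower() in SENSITIVE_KEYS else mask_nested(v)
            for k, v in value.items()
        }
    if isinstance(value, (list, tuple)):
        return [mask_nested(v) for v in value]
    return value


def truncate(text, limit=MAX_TEMPLATED_FIELD_LENGTH):
    return text if len(text) <= limit else text[:limit] + "... (truncated)"


def render_buggy(field):
    # Ordering described in the advisory: stringify and truncate first, then
    # hand the result to the masker, which now only sees an opaque string.
    text = truncate(json.dumps(field))
    return mask_nested(text)


def render_fixed(field):
    # Mask the nested structure first, then stringify and truncate.
    return truncate(json.dumps(mask_nested(field)))


def contains_secret(rendered, secrets):
    return any(s in rendered for s in secrets)


# Constructed rendered-template field: a connection dict with nested secrets
# plus enough padding to push the serialised form past the length limit.
SAMPLE_FIELD = {
    "conn": {"host": "db.internal", "password": "hunter2-do-not-leak"},
    "extra": {"auth": {"token": "tok_abc123"}},
    "payload": "x" * 200,
}
SAMPLE_SECRETS = ("hunter2-do-not-leak", "tok_abc123")


if __name__ == "__main__":
    print("buggy:", render_buggy(SAMPLE_FIELD))   # password survives truncation
    print("fixed:", render_fixed(SAMPLE_FIELD))   # only *** reaches the string
```

The check to carry over to a code review: any redaction that depends on structure (key names, schema paths) has to sit before every step that destroys that structure, including serialisation, pretty-printing and length limits.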
CNNVD
added 2026/05/26 12:00 a.m., 10 views

view_component security vulnerability

view_component is an open-source framework developed by ViewComponent for building reusable and testable view components. view_component versions 3.0.0 through 4.9.0 contain a security vulnerability. The vulnerability stems from the preview routing not verifying...

CVSS 6.5, AI score 5.8, EPSS 0.00343
Exploits 0, References 1
RedhatCVE
added 2026/05/20 7:57 p.m., 9 views

CVE-2026-44916

In OpenStack Ironic before 35.0.2, in a certain non-default configuration, instance_info['ks_template'] is rendered without sandboxing...

CVSS 3.0, AI score 5.8, EPSS 0.00336
Exploits 0, References 1
NVD
added 2026/05/20 2:16 p.m., 10 views

CVE-2026-24425

Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that...

CVSS 9.9, EPSS 0.00738
Exploits 0, References 3
OSV
added 2026/05/20 2:16 p.m., 7 views

UBUNTU-CVE-2026-24425

Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that...

CVSS 9.9, AI score 6.2, EPSS 0.00738
Exploits 0, References 7
UbuntuCve
added 2026/05/20 2:16 p.m., 9 views

CVE-2026-24425

Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that...

CVSS 9.9, AI score 6.2, EPSS 0.00738
Exploits 0, References 5
ATTACKERKB
added 2026/05/20 1:45 p.m., 8 views

CVE-2026-24425

Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that...

CVSS 8.8, AI score 6.2, EPSS 0.00738
Exploits 0, References 4, Affected software 1
CVE
added 2026/05/20 1:45 p.m., 61 views

CVE-2026-24425

Twig 2.16.x and 3.9.0–3.25.x contain a sandbox bypass via SourcePolicyInterface, allowing runtime bypass of sandbox checks when using a source policy to execute arbitrary code. The underlying issue is a runtime check that fails to use the current template source, enabling code execution if sandbo...

CVSS 9.9, AI score 6.2, EPSS 0.00738
Exploits 0, References 3, Affected software 1
Vulnrichment
added 2026/05/20 1:45 p.m., 8 views

CVE-2026-24425 Twig 2.16.x & 3.9.0-3.25.x Sandbox Bypass via SourcePolicyInterface

Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that...

CVSS 8.8, AI score 6.2, EPSS 0.00738
Exploits 0, References 3
Cvelist
added 2026/05/20 1:45 p.m., 49 views

CVE-2026-24425 Twig 2.16.x & 3.9.0-3.25.x Sandbox Bypass via SourcePolicyInterface

Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that...

CVSS 8.8, EPSS 0.00738
Exploits 0, References 3
RedhatCVE
added 2026/05/09 2:21 a.m., 11 views

CVE-2026-36458

ChestnutCMS v1.5.10 has a SQL injection vulnerability. The content parameter of the cms_content tag can be manipulated in the admin backend and injected into a SQL query when the template is rendered...

CVSS 9.8, AI score 5.8, EPSS 0.00373
Exploits 0, References 1
OSV
added 2026/05/09 12:40 a.m., 5 views

GHSA-J658-C2GF-X6PQ Velocity.js has a Prototype Pollution vulnerability through #set path assignment

Summary: A prototype pollution vulnerability was discovered in Velocity.js #set path assignment (key = val). Because there is no validation or filtering to block sensitive keys such as __proto__, constructor, or prototype, an attacker can traverse the prototype chain and pollute the global Object.prototype. PoC (javascript)...

CVSS 8.3, AI score 5.8, EPSS 0.00505
Exploits 1, References 3
Github Security Blog
added 2026/05/09 12:40 a.m., 9 views

Velocity.js has a Prototype Pollution vulnerability through #set path assignment

Summary: A prototype pollution vulnerability was discovered in Velocity.js #set path assignment (key = val). Because there is no validation or filtering to block sensitive keys such as __proto__, constructor, or prototype, an attacker can traverse the prototype chain and pollute the global Object.prototype. PoC (javascript)...

CVSS 9.8, AI score 5.8, EPSS 0.00505
Exploits 1, References 3, Affected software 1
OSV
added 2026/05/08 7:16 a.m., 5 views

UBUNTU-CVE-2026-44916

In OpenStack Ironic before 35.0.2, in a certain non-default configuration, instance_info['ks_template'] is rendered without sandboxing...

CVSS 3.0, AI score 5.8, EPSS 0.00336
Exploits 0, References 4
CVE
added 2026/05/07 7:41 p.m., 58 views

CVE-2026-39823

Summary: CVE-2026-39823 covers an escape bug in HTML meta tag content handling that can trigger XSS when URLs are inserted into a meta tag's content attribute and whitespace is manipulated. Multiple connected sources confirm the issue and describe the root cause as incorrect escaping of URLs insid...

CVSS 6.1, AI score 7.3, EPSS 0.00328
Exploits 0, References 4, Affected software 1
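Three entries in this listing are the same output-encoding problem seen from different angles: LearnPress (a shortcode attribute written out without escaping), K2 (a database column written straight into a src attribute) and CVE-2026-39823 (a URL in a meta tag's content attribute where whitespace defeats the check). The example below is added here and is none of those projects' code; it uses Python as a neutral stand-in and assumes an http/https allowlist, with all inputs constructed for the demonstration. It goes slightly beyond the entries by showing both controls together: attribute-context escaping, and a scheme allowlist applied only after the whitespace normalisation a browser performs when it parses the URL.

```python
import html
import re

# Added example (not LearnPress, K2 or CVE-2026-39823 project code): emitting
# an untrusted URL into an HTML attribute. Two independent controls are
# needed. Escaping stops the value from breaking out of the attribute; the
# scheme check stops a well-formed attribute from carrying javascript:. The
# scheme check is only meaningful after the same whitespace stripping the
# browser's URL parser does. The allowlist below is an assumption.
ALLOWED_SCHEMES = {"http", "https"}

# RFC 3986 scheme grammar; a tab or newline inside the scheme does not match,
# which is how a naive check is fooled.
_SCHEME_RE = re.compile(r"^([A-Za-z][A-Za-z0-9+.\-]*):")
_C0_AND_SPACE = "".join(chr(c) for c in range(0x21))
_TAB_NEWLINE = str.maketrans("", "", "\t\n\r")


def naive_scheme(url: str) -> str:
    """Scheme as a naive check sees it: the raw string, untouched."""
    m = _SCHEME_RE.match(url)
    return m.group(1).lower() if m else ""


def normalize_url(url: str) -> str:
    """Mimic the WHATWG URL parser's pre-processing: strip leading and
    trailing C0 controls and spaces, then delete every ASCII tab, LF and CR."""
    return url.strip(_C0_AND_SPACE).translate(_TAB_NEWLINE)


def effective_scheme(url: str) -> str:
    """Scheme as the browser will actually interpret it."""
    return naive_scheme(normalize_url(url))


def is_safe_url(url: str) -> bool:
    scheme = effective_scheme(url)
    return scheme == "" or scheme in ALLOWED_SCHEMES  # "" means a relative URL


def attr(value: str) -> str:
    """Escape for a double-quoted attribute value (quotes included)."""
    return html.escape(value, quote=True)


def img_tag(url: str) -> str:
    if not is_safe_url(url):
        raise ValueError("URL scheme not allowed in src")
    return '<img src="%s">' % attr(normalize_url(url))


def meta_refresh_tag(url: str) -> str:
    # Same two controls for a URL inside a meta tag's content attribute.
    if not is_safe_url(url):
        raise ValueError("URL scheme not allowed in meta refresh")
    return '<meta http-equiv="refresh" content="0;url=%s">' % attr(normalize_url(url))


if __name__ == "__main__":
    # Constructed inputs: a benign URL and two whitespace-obfuscated payloads.
    for u in ["https://example.test/a.png", "java\tscript:alert(1)", "\n  jAvAsCrIpT:alert(1)"]:
        print(repr(u), "naive:", naive_scheme(u) or "(relative)",
              "effective:", effective_scheme(u) or "(relative)")
    # Constructed stored value that tries to close the attribute and add a handler.
    print(img_tag('/uploads/a.png" onerror="alert(1)'))
```

The checks run on the decoded value (what is read back from the database or the shortcode parser), not on an HTML-entity-encoded form; decoding happens before, escaping happens last, and the scheme decision sits in between on the normalised string.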
NVD
added 2026/05/07 3:16 p.m., 15 views

CVE-2026-36458

ChestnutCMS v1.5.10 has a SQL injection vulnerability. The content parameter of the cms_content tag can be manipulated in the admin backend and injected into a SQL query when the template is rendered...

CVSS 9.8, EPSS 0.00373
Exploits 0, References 2