Lucene search
K

465 matches found

Nuclei
Nuclei
added 11 hours ago14 views

Mockoon < 9.2.0 - Path Traversal

Mockoon before 9.2.0 contains a path traversal and local file inclusion caused by unsafe templating of server filenames from user input, letting attackers read arbitrary files on the mock server filesystem, exploit requires crafted request. id: CVE-2025-59049 info: name: Mockoon 9.2.0 - Path...

7.5CVSS7.1AI score0.0166EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 5 days ago4 views

erb: ERB: Arbitrary code execution via deserialization bypass

A flaw was found in ERB, a templating system for Ruby. An attacker who can trigger deserialization of untrusted data in a Ruby application can bypass existing protections. This vulnerability allows for arbitrary code execution by exploiting specific public methods that evaluate template source...

8.1CVSS6.5AI score0.01131EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 3:52 a.m.6 views

erb: ERB: Arbitrary code execution via deserialization bypass

A flaw was found in ERB, a templating system for Ruby. An attacker who can trigger deserialization of untrusted data in a Ruby application can bypass existing protections. This vulnerability allows for arbitrary code execution by exploiting specific public methods that evaluate template source...

8.1CVSS6.5AI score0.01131EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/07/02 7:10 p.m.6 views

CVE-2026-11769

A flaw was found in the Grafana Operator. This vulnerability allows a malicious user, who can create Dashboard or LibraryPanel resources for a Grafana instance, to exploit a path traversal issue within the jsonnet data templating language. This exploitation can lead to privilege escalation and...

8.8CVSS5.7AI score0.00361EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/30 11:5 a.m.7 views

erb: ERB: Arbitrary code execution via deserialization bypass

A flaw was found in ERB, a templating system for Ruby. An attacker who can trigger deserialization of untrusted data in a Ruby application can bypass existing protections. This vulnerability allows for arbitrary code execution by exploiting specific public methods that evaluate template source...

8.1CVSS6.4AI score0.01131EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.39 views

PT-2026-53311

Name of the Vulnerable Software and Affected Versions Snowflake CLI versions prior to 3.19 Description Improper restriction of file path resolution allows arbitrary local file content to be read and transmitted to Snowflake services. An attacker can exploit this by providing crafted repository or...

6.3CVSS6.1AI score0.00139EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.12 views

TencentOS Server 3: ruby:3.3 (TSSA-2026:0546)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0546 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

8.1CVSS6.4AI score0.01131EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/10 7:12 p.m.17 views

Litestar has HTML Injection Through its CSRF Token

Overview Litestar instances which use a template engine in conjunction with CSRF protection are vulnerable to HTML Injection which can be escalated to Cross Site Scripting due to the contents of the CSRF cookie being excluded from automatic escaping by the template engine when configured inline...

5.5AI score0.0003EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.27 views

PT-2026-48542

Overview Litestar instances which use a template engine in conjunction with CSRF protection are vulnerable to HTML Injection which can be escalated to Cross Site Scripting due to the contents of the CSRF cookie being excluded from automatic escaping by the template engine when configured inline...

8.1CVSS5.5AI score0.0003EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.9 views

CVE-2026-6169

The affiliate-toolkit plugin for WordPress is vulnerable to remote code execution in all versions up to, and including, 3.8.5. This is due to the plugin using the BladeOne templating engine's runString method which compiles user-supplied template content into PHP code and executes it via eval...

7.2CVSS6.7AI score0.00581EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:15 p.m.10 views

CVE-2026-2587

A critical Remote Code Execution RCE vulnerability was identified in the server-side template rendering mechanism used by the Glassfish gadget handler. The application processes .xml files and evaluates user-supplied values within a context where Expression Language EL “expressions” are processed...

9.6CVSS5.9AI score0.00628EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 7:50 a.m.10 views

CVE-2026-42360

A bug in Apache Airflow's rendered-template field handling caused nested sensitive-key masking e.g. nested password / token / secret / apikey keys inside a JSON template structure to be bypassed when the rendered field exceeded core maxtemplatedfieldlength: Airflow stringified the structure befor...

7.5CVSS5.8AI score0.00586EPSS
Exploits0References3
CVE
CVE
added 2026/06/01 7:50 a.m.27 views

CVE-2026-42360

Apache Airflow CVE-2026-42360 describes a vulnerability in the rendered-template field handling where nested sensitive-keys (password/token/secret/api_key) could be exposed if the rendered field exceeded max_templated_field_length. The bug occurs because the structure is stringified before redact...

6.5CVSS5.8AI score0.00335EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/05/27 8:16 a.m.16 views

CVE-2026-6169

The affiliate-toolkit plugin for WordPress is vulnerable to remote code execution in all versions up to, and including, 3.8.5. This is due to the plugin using the BladeOne templating engine's runString method which compiles user-supplied template content into PHP code and executes it via eval...

7.2CVSS0.00581EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/27 6:46 a.m.8 views

CVE-2026-6169 affiliate-toolkit <= 3.8.5 - Authenticated (Editor+) Remote Code Execution

The affiliate-toolkit plugin for WordPress is vulnerable to remote code execution in all versions up to, and including, 3.8.5. This is due to the plugin using the BladeOne templating engine's runString method which compiles user-supplied template content into PHP code and executes it via eval...

7.2CVSS6.7AI score0.00581EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/26 7:42 a.m.42 views

erb: ERB: Arbitrary code execution via deserialization bypass

A flaw was found in ERB, a templating system for Ruby. An attacker who can trigger deserialization of untrusted data in a Ruby application can bypass existing protections. This vulnerability allows for arbitrary code execution by exploiting specific public methods that evaluate template source...

8.1CVSS6.3AI score0.01131EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/26 7:37 a.m.13 views

erb: ERB: Arbitrary code execution via deserialization bypass

A flaw was found in ERB, a templating system for Ruby. An attacker who can trigger deserialization of untrusted data in a Ruby application can bypass existing protections. This vulnerability allows for arbitrary code execution by exploiting specific public methods that evaluate template source...

8.1CVSS6.3AI score0.01131EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/26 7:22 a.m.22 views

erb: ERB: Arbitrary code execution via deserialization bypass

A flaw was found in ERB, a templating system for Ruby. An attacker who can trigger deserialization of untrusted data in a Ruby application can bypass existing protections. This vulnerability allows for arbitrary code execution by exploiting specific public methods that evaluate template source...

8.1CVSS6.3AI score0.01131EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/26 5:33 a.m.23 views

erb: ERB: Arbitrary code execution via deserialization bypass

A flaw was found in ERB, a templating system for Ruby. An attacker who can trigger deserialization of untrusted data in a Ruby application can bypass existing protections. This vulnerability allows for arbitrary code execution by exploiting specific public methods that evaluate template source...

8.1CVSS6.3AI score0.01131EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2026/05/20 3:35 p.m.9 views

org.glassfish.main.admingui:admingui (>=7.0.0 <=9.0.0-M1), org.glassfish.main.admingui:console-cluster-plugin (>=7.0.0 <=9.0.0-M1) +19 more potentially affected by CVE-2026-2586 via org.glassfish.jsftemplating:jsftemplating (>=4.0.0 <=4.1.0)

org.glassfish.jsftemplating:jsftemplating MAVEN version =4.0.0, =7.0.0, =7.0.0, =7.0.16, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =9.0.0-M1 and more Source cves: CVE-2026-2586 Source advisory: SNYK:JAVA-ORGGLASSFISHJSFTEMPLATING-167906...

9.1CVSS5.4AI score0.00819EPSS
Exploits1
Rows per page
Query Builder