Lucene search
+L

1396 matches found

CVE
CVE
added yesterday30 views

CVE-2026-8859

Langflow OSS (versions 1.0.0–1.10.0) contains a path traversal vulnerability in the APIRequest component when the Save to File feature is enabled. Filenames parsed from HTTP Content-Disposition headers are not sanitized, allowing an attacker-controlled server to craft paths (e.g., ../) and writ...

9.9CVSS5.5AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-14503

The pCloud WP Backup plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.3 via the wp2pclajaxprocessrequestinner. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract force generation of a...

6.5CVSS6.1AI score0.00287EPSS
Exploits0References8
Cvelist
Cvelist
added yesterday10 views

CVE-2026-36669

An unauthenticated arbitrary file upload vulnerability in ckuploadhandler.php in Feng Office 3.11.13.11 allows remote attackers to upload malicious files such as .html to the web-accessible /tmp/ directory...

Exploits0References2
NVD
NVD
added 3 days ago5 views

CVE-2026-45534

DataEase is an open source data visualization and analysis tool. Prior to 2.10.23, DataEase Redshift datasource connections can load attacker-controlled rsjdbc.ini configuration from System.getProperty"java.io.tmpdir", setting...

9CVSS0.00396EPSS
Exploits0References3
Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-45534 DataEase: RCE Vulnerability

DataEase is an open source data visualization and analysis tool. Prior to 2.10.23, DataEase Redshift datasource connections can load attacker-controlled rsjdbc.ini configuration from System.getProperty"java.io.tmpdir", setting...

9CVSS0.00396EPSS
Exploits0References3
NVD
NVD
added 2026/07/10 3:16 p.m.8 views

CVE-2026-58661

n8n before 2.28.0 and before 1.123.58 on the 1.x branch contains a disk space exhaustion vulnerability in the data-table file upload endpoint. The per-request quota check does not account for files already written to the shared temporary directory, allowing an authenticated user to repeatedly...

5.3CVSS0.00225EPSS
Exploits0References2
CVE
CVE
added 2026/07/10 1:58 p.m.8 views

CVE-2026-58661

n8n is affected: older releases (before 2.28.0 and, on the 1.x branch, before 1.123.58) contain a disk space exhaustion vulnerability in the data-table file upload endpoint. The per-request quota does not account for files already written to the shared temporary directory, allowing an authenticat...

5.3CVSS6.1AI score0.00225EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/07/10 1:58 p.m.31 views

CVE-2026-58661 n8n - Disk Space Exhaustion via Data-Table File Upload Endpoint

n8n before 2.28.0 and before 1.123.58 on the 1.x branch contains a disk space exhaustion vulnerability in the data-table file upload endpoint. The per-request quota check does not account for files already written to the shared temporary directory, allowing an authenticated user to repeatedly...

5.3CVSS0.00225EPSS
Exploits0References2
OSV
OSV
added 2026/07/10 1:58 p.m.3 views

CVE-2026-58661 n8n - Disk Space Exhaustion via Data-Table File Upload Endpoint

n8n before 2.28.0 and before 1.123.58 on the 1.x branch contains a disk space exhaustion vulnerability in the data-table file upload endpoint. The per-request quota check does not account for files already written to the shared temporary directory, allowing an authenticated user to repeatedly...

5.3CVSS6.1AI score0.00225EPSS
Exploits0References4
CVE
CVE
added 2026/07/09 7:2 p.m.16 views

CVE-2026-0282

CVE-2026-0282 describes a file deletion vulnerability in Palo Alto Networks PAN-OS that allows an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory. Affected are PAN-OS on PA-Series and VM-Series firewalls and Panorama (virtual...

6.9CVSS6AI score0.00288EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/09 7:2 p.m.6 views

CVE-2026-0282

A file deletion vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory. The security risk posed by this issue is minimized by restricting access to the management web...

6.9CVSS6AI score0.00288EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/07/08 7:5 a.m.6 views

CVE-2026-12479

A flaw was found in Keras, specifically in the model saving and loading library. This path traversal vulnerability occurs due to improper handling of user-provided layer names, which allows an attacker to craft a malicious Keras model. When this model is saved or loaded, it can escape its intende...

6.1CVSS6.4AI score0.00263EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/06 7:50 p.m.11 views

EUVD-2026-24971

mktemp: empty TMPDIR creates temp files in CWD instead of /tmp...

3.3CVSS5.9AI score0.00133EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.8 views

PT-2026-56055

Name of the Vulnerable Software and Affected Versions linuxfabrik-monitoring-plugins affected versions not specified Description SQLite databases are created using predictable static paths in /tmp, allowing any user to create a symlink at these locations pointing to arbitrary files. When monitori...

5.1CVSS6.2AI score
Exploits0References7
OSV
OSV
added 2026/07/01 5:20 p.m.5 views

DRUPAL-CONTRIB-2026-065

The Canvas AI submodule allows you to upload image files via a custom API to use within the AI web chat. These file uploads are insufficiently validated before being written to Drupal's temporary directory. In some cases, this may lead to cross-site scripting XSS...

6.1CVSS5.6AI score0.00253EPSS
Exploits0References1
Drupal
Drupal
added 2026/07/01 12:0 a.m.6 views

Drupal Canvas - Moderately critical - Improper validation - SA-CONTRIB-2026-065

The Canvas AI submodule allows you to upload image files via a custom API to use within the AI web chat. These file uploads are insufficiently validated before being written to Drupal's temporary directory. In some cases, this may lead to cross-site scripting XSS...

6.1CVSS5.8AI score0.00253EPSS
Exploits0References5
CVE
CVE
added 2026/06/29 12:16 p.m.22 views

CVE-2026-13165

SzafirHost is affected by a remote code execution vulnerability (CVE-2026-13165) in the way it validates versus extracts native libraries from archives. The application verifies the downloaded native library archive using JarFile (Central Directory) but extracts libraries with JarInputStream (seq...

8.6CVSS6AI score0.00418EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 11:50 a.m.8 views

PYSEC-2026-346 gramps-webapi: Zip Slip Path Traversal in Media Archive Import

Summary A path traversal vulnerability Zip Slip exists in the media archive import feature. An authenticated user with owner-level privileges can craft a malicious ZIP file with directory-traversal filenames to write arbitrary files outside the intended temporary extraction directory on the...

9.1CVSS6AI score0.00401EPSS
Exploits0References7
NVD
NVD
added 2026/06/26 4:16 p.m.16 views

CVE-2025-11919

The default JVM can access files and directories under /tmp/ including the $TemporaryDirectory of other users on the same cloud instance /tmp/UserTemporaryFiles/. The -init file for the the JVM initialization exists in the vulnerable directory during the startup of the JVM. An attacker with acces...

9.6CVSS0.004EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/26 3:39 p.m.9 views

EUVD-2025-210362

The default JVM can access files and directories under /tmp/ including the $TemporaryDirectory of other users on the same cloud instance /tmp/UserTemporaryFiles/. The -init file for the the JVM initialization exists in the vulnerable directory during the startup of the JVM. An attacker with acces...

9.6CVSS6.2AI score0.004EPSS
Exploits0References1
Rows per page
Query Builder