Lucene search
K

54 matches found

RedhatCVE
RedhatCVE
added 2026/07/02 12:31 p.m.5 views

CVE-2026-58517

A flaw was found in The Wikimedia Foundation Mediawiki - WikiLambda Extension. This vulnerability, caused by improper neutralization of input terminators, allows an attacker to bypass authentication. This could lead to unauthorized access to the system. Mitigation To mitigate this vulnerability,...

9.1CVSS5.7AI score0.00342EPSS
Exploits0References5
NVD
NVD
added 2026/07/01 7:16 p.m.5 views

CVE-2026-58517

Improper neutralization of input terminators vulnerability in The Wikimedia Foundation Mediawiki - WikiLambda Extension allows Authentication Bypass. This issue affects Mediawiki - WikiLambda Extension: from before 1.43.9,1.44.6,1.45.4...

6.9CVSS0.00342EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/30 12:57 p.m.16 views

EUVD-2026-40315

A flaw was found in GLib. A buffer over-read can occur in giochannelreadlinebackend in the giochannel.c file when a custom line terminator with a length greater than one is set, causing memcmp to read past the GString buffer. This vulnerability can cause a minor information disclosure of 7 bytes ...

6.5CVSS5.9AI score0.00329EPSS
Exploits1References3
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-348 h11 accepts some malformed Chunked-Encoding bodies

Impact A leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. Details HTTP/1.1 Chunked-Encoding bodies are formatted as a sequence of "chunks", each of which consists of: - chunk length - \r\n - leng...

9.1CVSS5.8AI score0.00527EPSS
Exploits0References6
OSV
OSV
added 2026/06/19 5:45 p.m.7 views

GHSA-9WXG-VF3R-56HC OpenZeppelin Contracts Wizard: Line terminators in info.securityContact / info.license can inject lines into generated source

Summary The Contracts Wizard generators printed info.securityContact and info.license verbatim into a single-line comment of the generated Solidity, Cairo, Stellar/Soroban, and Stylus source without rejecting line terminators. A newline \n or \r\n in either field ends the comment, so the text aft...

3.3CVSS6.1AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/10 8:25 p.m.9 views

undertow: Undertow: Request smuggling via `\r\r\r` as a header block terminator

A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending \r\r\r as a header block terminator. This can be used for request smuggling with certain proxy servers, such as older versions of Apache Traffic Server and Google Cloud Classic Application Load Balancer,...

9.1CVSS5.4AI score0.00706EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.10 views

CVE-2026-44214

eventsource-encoder encodes events as well-formed EventSource/Server Sent Event SSE messages. Prior to 1.0.2, eventsource-encoder does not sanitize the event or id fields of an EventSourceMessage before serializing them. An attacker who controls either field can inject arbitrary Server-Sent Event...

5.8CVSS5.6AI score0.00277EPSS
Exploits1References1
CVE
CVE
added 2026/06/01 7:52 a.m.32 views

CVE-2026-41017

CVE-2026-41017 affects Apache Airflow where JWTRefreshMiddleware sets the JWT cookie without the Secure flag. This impacts deployments exposing the Airflow API server behind TLS-terminating proxies (e.g., nginx, Envoy, or managed load balancers) and may allow a network-positioned attacker to capt...

5.9CVSS5.9AI score0.00265EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.17 views

PT-2026-45366

Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.2.2 Description The JWTRefreshMiddleware sets the JWT authentication cookie without the Secure flag. In deployments where the Airflow API server is positioned behind an HTTPS-terminating reverse proxy, the...

5.9CVSS5.4AI score0.00265EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/05/25 10:43 a.m.15 views

CVE-2026-9277

A flaw was found in the shell-quote component. The quote function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpre...

9.2CVSS6.2AI score0.00848EPSS
Exploits1References7
Snyk
Snyk
added 2026/05/22 3:45 p.m.27 views

Arbitrary Command Injection

Overview org.webjars.npm:shell-quote is a package used to quote and parse shell commands. Affected versions of this package are vulnerable to Arbitrary Command Injection via the quote function when object-token inputs containing line terminators \n, \r, U+2028, U+2029 in the .op field are not...

9.2CVSS6.1AI score0.00848EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/22 3:45 p.m.13 views

Arbitrary Command Injection

Overview shell-quote is a package used to quote and parse shell commands. Affected versions of this package are vulnerable to Arbitrary Command Injection via the quote function when object-token inputs containing line terminators \n, \r, U+2028, U+2029 in the .op field are not properly validated...

9.2CVSS6AI score0.00848EPSS
Exploits1References2
NVD
NVD
added 2026/05/22 2:16 p.m.10 views

CVE-2026-9277

shell-quote's quote function did not validate object-token inputs against the operator model used by parse. The .op field was backslash-escaped character by character using /./g, which in JavaScript does not match line terminators \n, \r, U+2028, U+2029. A line terminator in .op therefore passed...

9.2CVSS0.00848EPSS
Exploits1References26
OSV
OSV
added 2026/05/22 2:16 p.m.7 views

UBUNTU-CVE-2026-9277

shell-quote's quote function did not validate object-token inputs against the operator model used by parse. The .op field was backslash-escaped character by character using /./g, which in JavaScript does not match line terminators \n, \r, U+2028, U+2029. A line terminator in .op therefore passed...

9.2CVSS5.9AI score0.00848EPSS
Exploits1References9
Cvelist
Cvelist
added 2026/05/22 1:22 p.m.38 views

CVE-2026-9277 shell-quote `quote()` does not validate object-token shapes, allowing command injection via line terminators in `.op`

shell-quote's quote function did not validate object-token inputs against the operator model used by parse. The .op field was backslash-escaped character by character using /./g, which in JavaScript does not match line terminators \n, \r, U+2028, U+2029. A line terminator in .op therefore passed...

9.2CVSS0.00848EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/22 1:22 p.m.8 views

CVE-2026-9277 shell-quote `quote()` does not validate object-token shapes, allowing command injection via line terminators in `.op`

shell-quote's quote function did not validate object-token inputs against the operator model used by parse. The .op field was backslash-escaped character by character using /./g, which in JavaScript does not match line terminators \n, \r, U+2028, U+2029. A line terminator in .op therefore passed...

9.2CVSS5.9AI score0.00848EPSS
Exploits1References4
CVE
CVE
added 2026/05/22 1:22 p.m.822 views

CVE-2026-9277

CVE-2026-9277 affects the shell-quote library: the quote() function did not validate object-token shapes against the parser’s operator model, allowing line terminators in the .op field to bypass escaping and potentially enable command injection. Exploitation paths include direct construction of {...

9.2CVSS5.9AI score0.00848EPSS
Exploits1References26
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.19 views

PT-2026-42766

Name of the Vulnerable Software and Affected Versions shell-quote versions prior to 1.8.4 Description The quote function fails to validate object-token inputs against the operator model used by parse. Specifically, the .op field is escaped using a regular expression that does not match line...

9.2CVSS5.8AI score0.00848EPSS
Exploits1References52
OSV
OSV
added 2026/05/08 8:49 p.m.6 views

GHSA-M9G3-3G99-MHPX eventsource-encoder vulnerable to SSE event injection via unsanitized `event` and `id` fields

Summary eventsource-encoder does not sanitize the event or id fields of an EventSourceMessage before serializing them. An attacker who controls either field can inject arbitrary Server-Sent Events line terminators \n, \r, or \r\n and thereby forge additional SSE fields or entire messages on the...

5.8CVSS5.9AI score0.00277EPSS
Exploits1References4
EUVD
EUVD
added 2026/05/06 12:30 p.m.8 views

EUVD-2026-27574

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: leave space for null terminators on propertyentry Lists of struct propertyentry are supposed to be terminated with an empty property, this driver currently seems to be allocating exactly the amount of entry used. Chan...

5.7AI score0.00122EPSS
Exploits0References6
Rows per page
Query Builder