Lucene search
+L

1128 matches found

CVE
CVE
added 2026/06/15 10:27 p.m.31 views

CVE-2026-48723

BrowserStack Cypress CLI prior to 1.36.4 is vulnerable to OS command injection via the cypress_config_file parameter in readCypressConfigUtil.js (loadJsFile()), which builds a shell command by interpolating cypress_config_filepath into a template literal and runs it with child_process.execSync()....

7.8CVSS5.5AI score0.00533EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2026/06/13 6:21 p.m.11 views

CVE-2026-42013 affecting package gnutls for versions less than 3.8.13-1

CVE-2026-42013 affecting package gnutls for versions less than 3.8.13-1. An upgraded version of the package is available that resolves this issue...

8.2CVSS5.2AI score0.00423EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/13 6:21 p.m.8 views

CVE-2026-5222 affecting package rust for versions less than 1.75.0-30

CVE-2026-5222 affecting package rust for versions less than 1.75.0-30. A patched version of the package is available...

6.5CVSS5.2AI score0.00328EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/13 6:21 p.m.9 views

CVE-2026-11822 affecting package sqlite for versions less than 3.44.0-4

CVE-2026-11822 affecting package sqlite for versions less than 3.44.0-4. A patched version of the package is available...

8.5CVSS5.2AI score0.00175EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/13 6:21 p.m.8 views

CVE-2026-10879 affecting package perl-DBI for versions less than 1.643-4

CVE-2026-10879 affecting package perl-DBI for versions less than 1.643-4. A patched version of the package is available...

9.8CVSS5.2AI score0.00413EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/12 8:7 p.m.33 views

CVE-2026-54057 Kitty vulnerable to command injection via unsanitized OSC 21 query reply

Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.3, kitty's OSC 21 color-control query reply reflects attacker-controlled bytes, including newlines, into the shell's input without sanitization. Version 0.47.3 fixes the issue...

7.3CVSS0.00166EPSS
Exploits1References1
NVD
NVD
added 2026/06/12 2:16 a.m.14 views

CVE-2026-45170

Idira Vendor PAM - Self-Hosted Connector versions prior 1.1.100504 under specific conditions and configuration scenarios, TLS certificate validation may not be fully enforced. CyberArk Security Bulletin: CA26-17...

8.8CVSS0.00105EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.18 views

Nimiq 数据伪造问题漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.4.0 had a data manipulation vulnerability. This vulnerability stems from a logical flaw in the BlockInclusionProof::isblockproven function, causing it to return true without performing any...

5.9CVSS5.2AI score0.0015EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Adobe CAI Content Credentials 路径遍历漏洞

Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc. in the United States. It offers capabilities for authenticating digital content sources and tracking editing history. The Adobe CAI Content Credentials version [email protected] and versions prior to c2pa-v0.80.1...

5.5CVSS5.6AI score0.00178EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.1AI score0.00307EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.21 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS6.1AI score0.00283EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.10 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.1AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.11 views

CVE-2026-31266

Craft CMS 5.9.5 and earlier contains a Missing Authorization vulnerability in the migrate endpoint /actions/app/migrate...

7.3CVSS5.4AI score0.00283EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.10 views

CVE-2026-45338

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a Server-Side Request Forgery SSRF vulnerability exists in processpictureurl in backend/openwebui/utils/oauth.py line 1338. The function fetches arbitrary URLs from OAuth picture...

7.7CVSS5.6AI score0.00381EPSS
Exploits1References1
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.10 views

CVE-2026-40226 affecting package systemd for versions less than 255-30

CVE-2026-40226 affecting package systemd for versions less than 255-30. A patched version of the package is available...

6.4CVSS5.4AI score0.00072EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.22 views

CVE-2026-33814 affecting package azurelinux-image-tools for versions less than 1.4.0-2

CVE-2026-33814 affecting package azurelinux-image-tools for versions less than 1.4.0-2. A patched version of the package is available...

7.5CVSS5.4AI score0.00781EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.11 views

CVE-2025-2137 affecting package nodejs for versions less than 24.14.1-3

CVE-2025-2137 affecting package nodejs for versions less than 24.14.1-3. An upgraded version of the package is available that resolves this issue...

8.8CVSS7.5AI score0.00363EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/05 11:3 a.m.8 views

CVE-2026-25657 Ericsson Packet Core Gateway (PCG) - Improper Handling of Syntactically Invalid Structure Vulnerability

Ericsson Packet Core Gateway PCG versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure CWE-228 vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the...

7.1CVSS5.4AI score0.00165EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.15 views

PT-2026-46958

Name of the Vulnerable Software and Affected Versions DBI versions prior to 1.648 Description A heap overflow occurs when preparsing SQL statements containing more than 9 binders. The preparse function expands SQL placeholder characters into numbered binders using the format :pN, but it only...

9.8CVSS5.6AI score0.00452EPSS
Exploits0References37
Rows per page
Query Builder