Lucene search
K

434 matches found

EUVD
EUVD
added 2026/07/02 8:29 a.m.8 views

EUVD-2026-41259

PIA's OIDC issuer allowlist for Jenkins tokens uses a bare string-prefix check issuer.startswith' https://ci.eclipse.org ' in isissuerknown, pia/models.py:139 instead of validating the issuer as a properly host-bounded URL. An attacker can craft an issuer such as https://[email protected]...

8.2CVSS6AI score0.00321EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.11 views

PT-2026-54948

Name of the Vulnerable Software and Affected Versions PIA affected versions not specified Description The OIDC issuer allowlist for Jenkins tokens uses a bare string-prefix check instead of validating the issuer as a properly host-bounded URL. This allows an attacker to bypass the check using a...

8.2CVSS6.1AI score0.00321EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54315

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue exists in BrowserTag. This occurs when an attacker convinces a user to install a malicious extension, which can then exploit heap corruption—a condition where the...

9.8CVSS5.8AI score0.00413EPSS
Exploits0References450
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-257 AutoGPT bypass of the shell commands denylist settings

A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the shell commands denylist settings. The issue arises when the denylist is configured to block specific commands, such as whoami and /bin/whoami. An attacker can circumvent this restriction by executing...

9.8CVSS7.3AI score0.00812EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/06/25 6:37 p.m.7 views

gnutls: gnutls: Authentication Bypass via NUL Character in Username

A flaw was found in gnutls. Servers configured with RSA-PSK Rivest–Shamir–Adleman – Pre-Shared Key wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass...

9.8CVSS5.8AI score0.0105EPSS
Exploits0References5
NVD
NVD
added 2026/06/25 5:16 p.m.7 views

CVE-2026-55412

ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.178-lts, there's an SSRF in the RestAPI data source component. The RestAPI data source executes HTTP requests server-side, and its private IP filter only...

8.3CVSS0.00193EPSS
Exploits0References1
OSV
OSV
added 2026/06/19 9:16 p.m.8 views

GHSA-M999-J542-5W3R Open Redirect Bypass in miniflux-v2

Summary The URL restrictions in miniflux-v2 can be bypassed by attackers, leading to an open redirect vulnerability. Details Normally, the redirect URL needs to be validated using IsRelativePath. There are some security measures in place, such as requiring relative paths, prohibiting host and...

5.1CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2026/06/18 6:16 a.m.17 views

CVE-2026-11784

The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.6. This is due to missing or incorrect nonce validation on the replacefile function. This makes it...

4.3CVSS0.00157EPSS
Exploits1References6
NVD
NVD
added 2026/06/17 5:17 p.m.14 views

CVE-2026-53875

picklescan before 1.0.3 contains a scanning bypass vulnerability in the scanpytorch function that allows attackers to embed malicious magic numbers via dynamic eval using the reduce trick. Attackers can craft malicious PyTorch payloads that evade picklescan detection while remaining executable,...

7.1CVSS0.00434EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/17 3:5 p.m.23 views

CVE-2026-53875 picklescan - Scanning Bypass via Dynamic Eval in scan_pytorch

picklescan before 1.0.3 contains a scanning bypass vulnerability in the scanpytorch function that allows attackers to embed malicious magic numbers via dynamic eval using the reduce trick. Attackers can craft malicious PyTorch payloads that evade picklescan detection while remaining executable,...

7.1CVSS0.00434EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/17 3:5 p.m.12 views

EUVD-2026-37741

picklescan before 1.0.3 contains a scanning bypass vulnerability in the scanpytorch function that allows attackers to embed malicious magic numbers via dynamic eval using the reduce trick. Attackers can craft malicious PyTorch payloads that evade picklescan detection while remaining executable,...

7.1CVSS6AI score0.00434EPSS
Exploits0References4
NVD
NVD
added 2026/06/10 10:17 p.m.12 views

CVE-2026-53736

Easy Twitter Feeds before 1.2.13 contains a cross-site request forgery vulnerability in the duplicatepost action handler that lacks nonce verification. Attackers can trick an authenticated user into visiting a crafted link that duplicates any post regardless of post type...

5.1CVSS0.00104EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 10:57 p.m.13 views

Malicious code in sb-original (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0e07a765f6ef2042da47b1c017ecc5f6f1f99167da76e04c4b2c4ea6ecfcb83 [email protected] is an unscoped package whose version is set to 9999.99.99 to win semver resolution against any internal package of the same...

5.4AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.10 views

CVE-2026-6864

The CBX 5 Star Rating & Review plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS5.7AI score0.00264EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 9:14 p.m.13 views

CVE-2026-0094

In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...

5.9AI score0.00058EPSS
Exploits0References1
NVD
NVD
added 2026/05/28 6:16 a.m.14 views

CVE-2026-7533

The Easy Digital Downloads plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.7. This is due to missing nonce verification in the handleoauthredirect function, which is registered on the admininit hook and processes Square OAuth tokens from ...

4.3CVSS0.00135EPSS
Exploits0References8
CVE
CVE
added 2026/05/27 7:45 a.m.28 views

CVE-2026-8906

The CVE-2026-8906 entry affects the WordPress WP Promoter plugin (versions up to 1.3). The root cause is missing or incorrect nonce validation enabling Cross-Site Request Forgery, allowing unauthenticated attackers to update settings and inject malicious scripts via forged requests (notably relat...

6.1CVSS5.7AI score0.00119EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/27 7:45 a.m.38 views

CVE-2026-8906 WP Promoter <= 1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'popup_width' Parameter

The WP Promoter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts...

6.1CVSS0.00119EPSS
Exploits0References5
NVD
NVD
added 2026/05/20 8:16 a.m.26 views

CVE-2026-6405

The Anomify AI – Anomaly Detection and Alerting plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF leading to Stored Cross-Site Scripting XSS in versions up to and including 0.3.6. This is due to missing nonce verification on the settings page handler and insufficient output...

4.3CVSS0.00168EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Flatpak

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak applications that had direct access to AFUNIX sockets—such as those used by Wayland, Pipewire, or pipewire-pulse—could trick portals and other host-...

8.8CVSS6.7AI score0.00406EPSS
Exploits0References1
Rows per page
Query Builder