Lucene search
K

6 matches found

NVD
NVD
added 3 days ago4 views

CVE-2026-58252

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.0, 2.12.7, and 2.11.16, an authenticated user could receive messages on denied subjects when a wildcard subscription overlapped with a configured wildcard deny rule but was not a subset...

6.5CVSS0.00465EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/06/23 9:0 p.m.5 views

CVE-2026-50193

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.13.0 until 2.14.0, a potential Denial-of-Service exists when attacker sends deeply nested JSON if and only if the service reads deeply nested 1000s of levels JSON as JsonNode...

7.5CVSS5.8AI score0.00616EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.16 views

PT-2026-51594

Name of the Vulnerable Software and Affected Versions jackson-databind versions 2.13.0 through 2.13.x Description A potential Denial-of-Service exists when a service reads deeply nested JSON thousands of levels as a JsonNode using the readTree function of ObjectMapper and subsequently writes that...

7.5CVSS5.9AI score0.00616EPSS
Exploits1References12
Vulnrichment
Vulnrichment
added 2025/10/27 1:39 p.m.3 views

CVE-2025-50055

Cross-site scripting XSS vulnerability in the SAML Authentication module in OpenVPN Access Server version 2.14.0 through 2.14.3 allows configured remote SAML Assertion Consumer Service ACS endpoint servers to inject arbitrary web script or HTML via the RelayState parameter...

5.6AI score0.00204EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:3 a.m.6 views

CVE-2023-2109

Cross-site Scripting XSS - DOM in GitHub repository chatwoot/chatwoot prior to 2.14.0...

6.1CVSS6.1AI score0.00366EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/19 12:0 a.m.11 views

PT-2024-34946 · Go Skynet · Localai

Name of the Vulnerable Software and Affected Versions: mudler/localai version 2.14.0 github.com/go-skynet/LocalAI before v2.16.0 Description: A path traversal vulnerability exists, allowing an attacker to exploit the model parameter during the model deletion process to delete arbitrary files. By...

9.1CVSS7.7AI score0.25538EPSS
Exploits1References10
Rows per page
Query Builder