Lucene search
K

36 matches found

RedHat Linux
RedHat Linux
added 3 days ago5 views

jastow: Jastow Cross-Site Scripting attack due to unsanitized URI

A flaw was found in Jastow. Jastow is vulnerable to Cross-Site Scripting XSS attack. If using a set of combined configuration to allow unescaped characters in URL with embedded Undertow and Jastow, a server might be vulnerable to improper input handling...

6.5CVSS5.9AI score0.00246EPSS
Exploits0References4
NVD
NVD
added 3 days ago7 views

CVE-2025-12799

A flaw was found in Jastow. Jastow is vulnerable to Cross-Site Scripting XSS attack. If using a set of combined configuration to allow unescaped characters in URL with embedded Undertow and Jastow, a server might be vulnerable to improper input handling...

6.5CVSS0.00246EPSS
Exploits0References6
CVE
CVE
added 4 days ago11 views

CVE-2026-59711

CVE-2026-59711 affects the showdown library. A cross-site scripting vulnerability exists in metadata title handling when the completeHTMLDocument option is enabled; unescaped characters in markdown frontmatter metadata are placed into HTML title tags, allowing script execution in the rendered pa...

6.1CVSS6AI score0.00187EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 4 days ago3 views

CVE-2026-59711

showdown contains a cross-site scripting vulnerability in metadata title handling that allows attackers to inject arbitrary HTML and JavaScript. When completeHTMLDocument option is enabled, unescaped less-than and greater-than characters in markdown frontmatter metadata are inserted directly into...

6.1CVSS6AI score0.00187EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/23 6:38 a.m.6 views

samba: Samba: Remote Code Execution in printing subsystem via unescaped job description

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

9.8CVSS6.5AI score0.12797EPSS
Exploits9References5
RedHat Linux
RedHat Linux
added 2026/06/03 3:28 a.m.32 views

samba: Samba: Remote Code Execution in printing subsystem via unescaped job description

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

9.8CVSS6.4AI score0.12797EPSS
Exploits9References5
NVD
NVD
added 2026/06/02 8:16 p.m.12 views

CVE-2026-48598

Improper Encoding or Escaping of Output vulnerability in elixir-tesla tesla allows multipart part header injection via unescaped Content-Disposition parameter values. Tesla.Multipart.partheadersfordisposition/1 interpolates each disposition parameter as k="v" with no validation of CR \r, LF \n, o...

2.1CVSS0.00143EPSS
Exploits0References4
OSV
OSV
added 2026/05/26 3:16 p.m.7 views

ALPINE-CVE-2026-4480

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

9CVSS6.4AI score0.12797EPSS
Exploits9References1
ATTACKERKB
ATTACKERKB
added 2026/05/13 2:44 p.m.7 views

CVE-2026-44294

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs generated JavaScript property accessors from schema-controlled field and oneof names. Certain control characters in field names were not escaped before being embedded into generated functio...

5.3CVSS5.8AI score0.00431EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/04/13 7:22 p.m.6 views

LDAP Injection

Overview Affected versions of this package are vulnerable to LDAP Injection through the Lookup and AuthPlain functions in internal/auth/ldap/ldap.go. An attacker can authenticate or enumerate accounts by supplying a username that contains LDAP filter metacharacters, causing the username to be...

9.4CVSS5.7AI score0.00419EPSS
Exploits1References2
OSV
OSV
added 2026/04/10 6:31 p.m.8 views

GHSA-4F7C-PMJV-C25W Apache Log4net: Silent log event loss in XmlLayout and XmlLayoutSchemaLog4J due to unescaped XML 1.0 forbidden characters

Apache Log4net's XmlLayout https://logging.apache.org/log4net/manual/configuration/layouts.htmllayout-list and XmlLayoutSchemaLog4J https://logging.apache.org/log4net/manual/configuration/layouts.htmllayout-list , in versions before 3.3.0, fail to sanitize characters forbidden by the XML 1.0...

6.3CVSS5.8AI score0.0075EPSS
Exploits0References8
CVE
CVE
added 2026/04/10 3:45 p.m.15 views

CVE-2026-40023

CVE-2026-40023 concerns Apache Log4cxx XMLLayout (pre-1.7.0) that fails to sanitize XML 1.0 forbidden characters in log messages, NDC, and MDC keys/values, producing invalid XML. Conforming parsers may reject such documents, potentially dropping or failing to index affected records and impairing ...

6.3CVSS5.8AI score0.00499EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 11:18 p.m.8 views

PraisonAI: Shell Injection in run_python() via Unescaped $() Substitution

Summary runpython in praisonai constructs a shell command string by interpolating user-controlled code into python3 -c "" and passing it to subprocess.run..., shell=True. The escaping logic only handles \ and ", leaving $ and backtick substitutions unescaped, allowing arbitrary OS command executi...

9.8CVSS6.2AI score0.00545EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2026/03/27 6:16 a.m.11 views

CVE-2026-22743

Spring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter. When a user-controlled string is passed as a filter expression key in Neo4jVectorFilterExpressionConverter of spring-ai-neo4j-store, doKey embeds the key into a backtick-delimited...

7.5CVSS0.0025EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/18 8:19 p.m.11 views

Cross-site Scripting (XSS)

Overview justhtml is an A pure Python HTML5 parser that just works. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the tomarkdown function. An attacker can inject arbitrary HTML content by supplying specially crafted input that includes HTML-significant characters...

6.1CVSS5.7AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/05 9:59 p.m.4 views

CVE-2026-28470

OpenClaw versions prior to 2026.2.2 contain an exec approvals must be enabled allowlist bypass vulnerability that allows attackers to execute arbitrary commands by injecting command substitution syntax. Attackers can bypass the allowlist protection by embedding unescaped $ or backticks inside...

9.8CVSS6.2AI score0.00476EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/09 6:48 p.m.25 views

CVE-2026-25479 Litestar has an AllowedHosts validation bypass due to unescaped regex metacharacters in configured host patterns

Litestar is an Asynchronous Server Gateway Interface ASGI framework. Prior to 2.20.0, in litestar.middleware.allowedhosts, allowlist entries are compiled into regex patterns in a way that allows regex metacharacters to retain special meaning e.g., . matches any character. This enables a bypass...

6.5CVSS0.00316EPSS
Exploits1References4
CVE
CVE
added 2026/02/09 6:46 p.m.11 views

CVE-2026-25478

Litestar (ASGI framework) contains a vulnerability in CORSConfig.allowed_origins_regex prior to 2.20.0 where a regex built from allowlist values is used with fullmatch without escaping metacharacters, allowing a malicious origin to match unexpectedly. Impact is indicated as HIGH (CVSS 3.1: AV:N/A...

7.4CVSS5.5AI score0.00383EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/02/09 6:46 p.m.6 views

CVE-2026-25478 Litestar has a CORS origin allowlist bypass due to unescaped regex metacharacters in allowed origins

Litestar is an Asynchronous Server Gateway Interface ASGI framework. Prior to 2.20.0, CORSConfig.allowedoriginsregex is constructed using a regex built from configured allowlist values and used with fullmatch for validation. Because metacharacters are not escaped, a malicious origin can match...

7.4CVSS5.5AI score0.00383EPSS
Exploits1References6
OSV
OSV
added 2026/02/09 5:18 p.m.6 views

GHSA-2P2X-HPG8-CQP2 Litestar's CORS origin allowlist has a bypass due to unescaped regex metacharacters in allowed origins

Summary CORS origin validation can be bypassed because the allowed-origins allowlist is compiled into a regex without escaping metacharacters notably .. An allowed origin like https://good.example can match https://goodXexample, resulting in Access-Control-Allow-Origin being set for an untrusted...

7.4CVSS5.4AI score0.00383EPSS
Exploits1References6
Rows per page
Query Builder