Lucene search
+L

284 matches found

NVD
NVD
added 2 days ago7 views

CVE-2026-52887

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to 2.0.61, NocoBase @nocobase/plugin-notification-in-app-message exposed GET /api/myInAppChannels:list, where the filterlatestMsgReceiveTimestamp$lt value was inserted into a...

10CVSS0.00593EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2 days ago6 views

ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input

A flaw was found in ip-address, a JavaScript library for parsing and manipulating IPv4 and IPv6 addresses. This vulnerability allows a remote attacker to perform cross-site scripting XSS by providing untrusted input to the Address6 constructor. When an application renders the output of...

8.1CVSS6.9AI score0.00471EPSS
Exploits1References5
OSV
OSV
added 3 days ago3 views

CVE-2026-46628 Twig: The `spaceless` filter implicitly marks its output as safe

Twig is a template language for PHP. Prior to 3.26.0, the deprecated spaceless filter is registered as safe for HTML, causing Twig autoescaping to emit attacker-controlled markup unescaped when spaceless is applied to untrusted input. This issue is fixed in version 3.26.0...

5.1CVSS6.1AI score0.00169EPSS
Exploits0References5
NVD
NVD
added 4 days ago5 views

CVE-2026-58500

MCP Appium is an MCP server that provides AI assistants with tools to automate mobile app testing on Android and iOS. In versions prior to 1.85.10, the createLocatorGeneratorUI function interpolates attacker-controlled element attributes — text, content-desc, resource-id, and locator selector...

8.2CVSS0.00276EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 6 days ago6 views

SUSE CVE-2026-58459

gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability in gpsprof that allows attackers who control the GPS device subtype value to execute arbitrary shell commands by embedding backtick payloads in the gnuplot plot title without proper escaping. The...

9.6CVSS6.4AI score0.01775EPSS
Exploits1References3
NVD
NVD
added 2026/07/07 7:16 p.m.6 views

CVE-2026-48951

Lack of escaping leads to XSS vulnerabilities in modalreturn layouts of various components...

8.4CVSS0.00147EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/07 3:9 a.m.31 views

CVE-2026-34149 Coolify: Authenticated Host-Level RCE via Unescaped Database Credentials in Backup Jobs

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, DatabaseBackupJob interpolates user-controlled database credentials and MongoDB collection exclusion names into backup shell commands without adequate escaping, allowing an...

3.3CVSS0.00221EPSS
Exploits0References4
OSV
OSV
added 2026/07/07 3:9 a.m.4 views

CVE-2026-34149 Coolify: Authenticated Host-Level RCE via Unescaped Database Credentials in Backup Jobs

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, DatabaseBackupJob interpolates user-controlled database credentials and MongoDB collection exclusion names into backup shell commands without adequate escaping, allowing an...

3.3CVSS6AI score0.00221EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/06 9:14 p.m.5 views

CVE-2026-42148

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the buildHelperImage method in app/Livewire/Settings/Index.php constructs a Docker build command using the devhelperversion field without shell escaping, allowing an attack...

3.8CVSS6.2AI score0.00121EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/07/01 7:16 a.m.10 views

CVE-2026-11570

The User Submitted Posts WordPress plugin before 20260608 does not escape a submitted value before outputting it in an admin-configured display template, leading to a Stored Cross-Site Scripting that can be triggered by unauthenticated users when a non-default display option is enabled...

4.2CVSS0.00137EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 9:50 a.m.3 views

CVE-2026-52760 Apache ActiveMQ, Apache ActiveMQ Web Console: Stored XSS via Unescaped values in ActiveMQ Web Console

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web Console. The browse page in the web console renders a message Id directly without sanitization. This allows an authenticated producer to send a message with a J...

6.1CVSS5.9AI score0.00667EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/30 9:50 a.m.40 views

CVE-2026-52760 Apache ActiveMQ, Apache ActiveMQ Web Console: Stored XSS via Unescaped values in ActiveMQ Web Console

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web Console. The browse page in the web console renders a message Id directly without sanitization. This allows an authenticated producer to send a message with a J...

0.00667EPSS
Exploits0References1
NVD
NVD
added 2026/06/29 7:16 p.m.12 views

CVE-2026-53427

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in leandrocp MDEx allows stored or reflected cross-site scripting via attacker-controlled Markdown. When syntax highlighting and full info-string forwarding render: fullinfostring: true are enabled, t...

2.3CVSS0.00405EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/29 6:50 p.m.30 views

CVE-2026-53427 Cross-site scripting in MDEx via unescaped highlight_lines_class code-fence attribute

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in leandrocp MDEx allows stored or reflected cross-site scripting via attacker-controlled Markdown. When syntax highlighting and full info-string forwarding render: fullinfostring: true are enabled, t...

2.3CVSS0.00405EPSS
Exploits0References4
CVE
CVE
added 2026/06/29 6:50 p.m.15 views

CVE-2026-53427

The CVE-2026-53427 issue is a cross-site scripting vulnerability in leandrocp MDEx exposed via Markdown rendering. When render: full_info_string is enabled, the Lumis adapter copies a code fence’s highlight_lines_class info-string into per-line HTML class attributes, parsing key=value pairs via s...

2.3CVSS5.8AI score0.00405EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/23 6:0 a.m.42 views

CVE-2026-8172 Simple Basic Contact Form <= 20250114 - Reflected XSS

The Simple Basic Contact Form WordPress plugin through 20250114 does not escape user-supplied input before reflecting it into the contact form output on validation errors, leading to a Reflected Cross-Site Scripting vulnerability that unauthenticated attackers can exploit against site visitors vi...

0.00156EPSS
Exploits0References1
NVD
NVD
added 2026/06/22 10:16 p.m.12 views

CVE-2026-44311

Fabric.js is a Javascript HTML5 canvas library. Prior to 7.4.0, a potential Cross-Site Scripting XSS vulnerability exists in Fabric.js due to improper escaping of user-controlled input during SVG serialization via the toSVG method. Specifically, the color field within the colorStops array of a...

6.1CVSS0.00194EPSS
Exploits1References2
OSV
OSV
added 2026/06/19 9:43 p.m.11 views

GHSA-X975-RGX4-5FH4 appium-mcp: Unescaped Locator Data XSS in MCP-UI Resource (createLocatorGeneratorUI)

Unescaped Locator Data XSS in MCP-UI Resource createLocatorGeneratorUI Summary appium-mcp's createLocatorGeneratorUI function interpolates attacker-controlled element attributes — text, content-desc, resource-id, and locator selector values — directly into an HTML template literal without any HTM...

8.2CVSS6.4AI score0.00276EPSS
Exploits0References4
OSV
OSV
added 2026/06/12 3:4 p.m.8 views

GHSA-6JQ6-X4CX-QVCM Firefly II has Stored XSS in Audit Log Entry view via piggy bank name (ale.twig)

Summary The Twig template resources/views/list/ale.twig renders the piggy bank name from AuditLogEntry.after.piggy using the |raw filter, bypassing Twig's auto-escaping. A piggy bank created with an HTML payload in its name executes arbitrary JavaScript in any browser viewing that transaction's...

5.1CVSS5.5AI score
Exploits0References3
EUVD
EUVD
added 2026/06/10 10:15 p.m.15 views

EUVD-2026-36196

Yamcs is a mission control framework. Prior to versions 5.13.0 and 5.12.7, an LDAP injection vulnerability exists in org.yamcs.security.LdapAuthModule when constructing search filters. The username parameter is inserted directly into the LDAP filter without proper RFC 4515 escaping. Versions 5.13...

4.3CVSS5.4AI score0.01027EPSS
Exploits3References3
Rows per page
Query Builder