Lucene search
+L

2830 matches found

NVD
NVD
added yesterday7 views

CVE-2026-49210

Symfony UX is a JavaScript ecosystem for Symfony. From 2.8.0 until 2.36.0 and 3.1.0, Symfony\UX\LiveComponent\Util\ChildComponentPartialRenderer::createHtml interpolates the client-controlled childrenid.tag value from LiveComponentSubscriber and InterceptChildComponentRenderSubscriber directly in...

2.3CVSS
Exploits0References4
Cvelist
Cvelist
added yesterday21 views

CVE-2026-49216 Symfony UX: XSS in symfony/ux-autocomplete via unescaped AJAX response data

Symfony UX is a JavaScript ecosystem for Symfony. From 2.2.0 until 2.36.0 and 3.1.0, the Stimulus controller in symfony/ux-autocomplete renders AJAX response items in createAutocompleteWithRemoteData by interpolating the text field into HTML template literals $itemlabelField rather than text,...

5.1CVSS
Exploits0References4
CVE
CVE
added yesterday40 views

CVE-2026-49216

CVE-2026-49216 (Symfony UX Autocomplete) : The Stimulus controller in symfony/ux-autocomplete renders AJAX response items by interpolating item[labelField] directly into HTML, causing stored XSS when values come from user-supplied content. Affected: 2.2.0 through 2.36.0 and 3.1.0. Impact is that ...

5.1CVSS5.4AI score
Exploits0References4
CVE
CVE
added yesterday24 views

CVE-2026-49211

The CVE-2026-49211 issue affects Symfony UX Autocomplete for Doctrine EntitySearchUtil::addSearchClause(), which builds a LIKE expression by wrapping the client query in %...% without escaping SQL LIKE wildcards. This allows unauthenticated users to turn the public BaseEntityAutocompleteType endp...

6.9CVSS5.6AI score
Exploits0References4
Vulnrichment
Vulnrichment
added yesterday5 views

CVE-2026-49211 Symfony UX: Information exposure via unescaped LIKE wildcards in EntitySearchUtil

Symfony UX is a JavaScript ecosystem for Symfony. From 2.2.0 until 2.36.0 and 3.1.0, Symfony\UX\Autocomplete\Doctrine\EntitySearchUtil::addSearchClause builds the LIKE expression used by the autocomplete endpoint by wrapping the client-supplied query in %...% without escaping SQL LIKE wildcards %...

6.9CVSS5.6AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added yesterday5 views

CVE-2026-10525

The NEX-Forms WordPress plugin before 9.2.3 does not sanitise and escape some submitted form data before storing it and outputting it back in the admin dashboard, leading to a Stored Cross-Site Scripting vulnerability which could allow unauthenticated users to perform Stored Cross-Site Scripting...

5.2AI score0.00235EPSS
Exploits0References1
OSV
OSV
added 2 days ago4 views

CVE-2026-46512 Frogman: Dialplan template parameters interpolated into extensions_custom.conf without escaping

Frogman provides headless PBX control through MCP and HTTP API. Prior to 1.6.2, fmdialplanapply accepted template parameters including greeting, dest, url, extension, code, and file, and Tools/DialplanApply.php wrote Dialplan/Templates.php output to extensionscustom.conf while only...

9.9CVSS6.2AI score0.00352EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago39 views

CVE-2026-46512 Frogman: Dialplan template parameters interpolated into extensions_custom.conf without escaping

Frogman provides headless PBX control through MCP and HTTP API. Prior to 1.6.2, fmdialplanapply accepted template parameters including greeting, dest, url, extension, code, and file, and Tools/DialplanApply.php wrote Dialplan/Templates.php output to extensionscustom.conf while only...

9.9CVSS0.00352EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-46686

Emlog is an open source website building system. In 2.6.13 and earlier, the admin backend user search module's keyword parameter from admin/user.php is processed with addslashes but not HTML-escaped before being rendered into the value attribute in admin/views/user.php, allowing reflected...

8.5CVSS6AI score0.00323EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2 days ago3 views

CVE-2026-46686 Emlog Reflected Cross-Site Scripting

Emlog is an open source website building system. In 2.6.13 and earlier, the admin backend user search module's keyword parameter from admin/user.php is processed with addslashes but not HTML-escaped before being rendered into the value attribute in admin/views/user.php, allowing reflected...

8.5CVSS6AI score0.00323EPSS
Exploits0References3
NVD
NVD
added 2 days ago6 views

CVE-2026-59859

Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.4, Kiota's PHP generator embedded OpenAPI description, default fields, property names, and other schema-derived strings into PHP double-quoted literals through SanitizeDoubleQuote in Writers/StringExtensions.cs without escaping $...

8.7CVSS0.01016EPSS
Exploits0References4
Cvelist
Cvelist
added 2 days ago37 views

CVE-2026-59859 Kiota: Code Generation Literal Injection in the PHP Generator

Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.4, Kiota's PHP generator embedded OpenAPI description, default fields, property names, and other schema-derived strings into PHP double-quoted literals through SanitizeDoubleQuote in Writers/StringExtensions.cs without escaping $...

8.7CVSS0.01016EPSS
Exploits0References4
NVD
NVD
added 2 days ago7 views

CVE-2026-12978

The FunnelKit WordPress plugin before 3.15.0.6 does not escape a user-supplied parameter before reflecting it into the HTML response of one of its page-builder AJAX actions, allowing unauthenticated attackers to perform Reflected Cross-Site Scripting against logged-in users who open a crafted pag...

7.1CVSS0.00164EPSS
Exploits0References1
NVD
NVD
added 3 days ago7 views

CVE-2026-52887

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to 2.0.61, NocoBase @nocobase/plugin-notification-in-app-message exposed GET /api/myInAppChannels:list, where the filterlatestMsgReceiveTimestamp$lt value was inserted into a...

10CVSS0.00593EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 3 days ago6 views

ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input

A flaw was found in ip-address, a JavaScript library for parsing and manipulating IPv4 and IPv6 addresses. This vulnerability allows a remote attacker to perform cross-site scripting XSS by providing untrusted input to the Address6 constructor. When an application renders the output of...

8.1CVSS6.9AI score0.00471EPSS
Exploits1References5
NVD
NVD
added 4 days ago6 views

CVE-2026-47730

Twig is a template language for PHP. From 3.0.0 until 3.26.0, Twig\Profiler\Dumper\HtmlDumper writes Profile::getTemplate and Profile::getName into HTML output without escaping, allowing attacker-controlled template or profile names to inject arbitrary HTML when a browser renders the profiler dum...

5.4CVSS0.00169EPSS
Exploits0References3
CVE
CVE
added 4 days ago30 views

CVE-2026-47730

Twig: XSS in Twig\Profiler\Dumper\HtmlDumper allows attacker-controlled template/profile names to inject HTML in profiler output due to unescaped getTemplate()/getName() data. Affects Twig 3.0.0–3.26.0; fixed in 3.26.0 by escaping these values via htmlspecialchars(). No exploit details provided b...

5.4CVSS6.2AI score0.00169EPSS
Exploits0References3Affected Software1
OSV
OSV
added 4 days ago3 views

CVE-2026-47730 Twig: XSS in profiler HtmlDumper via unescaped template and profile names

Twig is a template language for PHP. From 3.0.0 until 3.26.0, Twig\Profiler\Dumper\HtmlDumper writes Profile::getTemplate and Profile::getName into HTML output without escaping, allowing attacker-controlled template or profile names to inject arbitrary HTML when a browser renders the profiler dum...

5.1CVSS6.2AI score0.00169EPSS
Exploits0References5
OSV
OSV
added 4 days ago4 views

CVE-2026-46628 Twig: The `spaceless` filter implicitly marks its output as safe

Twig is a template language for PHP. Prior to 3.26.0, the deprecated spaceless filter is registered as safe for HTML, causing Twig autoescaping to emit attacker-controlled markup unescaped when spaceless is applied to untrusted input. This issue is fixed in version 3.26.0...

5.1CVSS6.1AI score0.00169EPSS
Exploits0References5
NVD
NVD
added 5 days ago7 views

CVE-2026-58500

MCP Appium is an MCP server that provides AI assistants with tools to automate mobile app testing on Android and iOS. In versions prior to 1.85.10, the createLocatorGeneratorUI function interpolates attacker-controlled element attributes — text, content-desc, resource-id, and locator selector...

8.2CVSS0.00276EPSS
Exploits0References2
Rows per page
Query Builder