Lucene search
K

5 matches found

OSV
OSV
added 2026/03/18 4:17 a.m.8 views

UBUNTU-CVE-2026-31891

Cockpit is a headless content management system. Any Cockpit CMS instance running version 2.13.4 or earlier with API access enabled is potentially affected by a a SQL Injection vulnerability in the MongoLite Aggregation Optimizer. Any deployment where the /api/content/aggregate/model endpoint is...

7.7CVSS5.9AI score0.00397EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.11 views

PT-2026-25975

Name of the Vulnerable Software and Affected Versions Cockpit versions 2.13.4 and earlier Description Cockpit is a headless content management system. Instances running version 2.13.4 or earlier with API access enabled are susceptible to a SQL Injection issue in the MongoLite Aggregation Optimize...

7.7CVSS6AI score0.00397EPSS
Exploits0References13
Snyk
Snyk
added 2024/07/10 3:10 p.m.2 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the embed feature. An attacker can access unpublished or private resource data by inferring the slug or URL of the resource that can be embedded. Note: This is only exploitable if the resource allows embedding a...

6.9CVSS6.9AI score0.00492EPSS
Exploits0References2
Snyk
Snyk
added 2024/07/10 3:10 p.m.3 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the embed feature. An attacker can access unpublished or private resource data by inferring the slug or URL of the resource that can be embedded. Note: This is only exploitable if the resource allows embedding a...

6.9CVSS6.9AI score0.00492EPSS
Exploits0References2
Snyk
Snyk
added 2024/07/10 3:10 p.m.2 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the embed feature. An attacker can access unpublished or private resource data by inferring the slug or URL of the resource that can be embedded. Note: This is only exploitable if the resource allows embedding a...

6.9CVSS6.8AI score0.00492EPSS
Exploits0References2
Rows per page
Query Builder