Lucene search
+L

1391 matches found

nuclei
nuclei
added 8 hours ago28 views

LolLMS < 2.2.0 - Server-Side Request Forgery

A Server-Side Request Forgery SSRF vulnerability exists in parisneo/lollms versions prior to 2.2.0. The /api/files/export-content endpoint processes Markdown image URLs by downloading them via downloadimagetotemp in backend/routers/files.py without any validation, allowing an unauthenticated...

7.5CVSS7.2AI score0.01765EPSS
Exploits1References3
redhatcve
redhatcve
added 9 hours ago4 views

CVE-2026-14380

A flaw was found in the DBI component for Perl. This vulnerability allows an attacker to inject and execute arbitrary code by manipulating the Profile attribute of a DBI handle. When a string is assigned to this attribute, the component processes it without proper validation, enabling the executi...

8.8CVSS6.5AI score0.00498EPSS
Exploits0References6
redhat
redhat
added 3 days ago4 views

net-imap: Net::IMAP: Arbitrary IMAP command injection via CRLF sequences in unvalidated input

A flaw was found in Net::IMAP before 0.4.24, 0.5.14, and 0.6.4. Several commands accept raw string arguments sent to the server without validation or escaping; if derived from user-controlled input, CRLF sequences allow injection of arbitrary IMAP commands...

9.8CVSS6.1AI score0.00429EPSS
Exploits0References8
nvd
nvd
added 4 days ago6 views

CVE-2026-56281

Capgo before 12.128.2 contains a sql injection vulnerability in the POST /private/adminstats endpoint where the limit parameter is destructured from unvalidated request body and interpolated directly into Cloudflare Analytics Engine SQL queries via template literals. An attacker with platform adm...

5.1CVSS0.00197EPSS
Exploits0References2
nvd
nvd
added 6 days ago4 views

CVE-2026-40008

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Apache IoTDB. The pipe processor reads a fully qualified Java class name and instantiates it using Class.forName.newInstance without any validation or allowlisting. This issue affects Apache IoTDB:...

9.8CVSS0.00332EPSS
Exploits0References2
redhat
redhat
added 2026/07/09 12:46 a.m.3 views

net-imap: Net::IMAP: Arbitrary IMAP command injection via CRLF sequences in unvalidated input

A flaw was found in Net::IMAP before 0.4.24, 0.5.14, and 0.6.4. Several commands accept raw string arguments sent to the server without validation or escaping; if derived from user-controlled input, CRLF sequences allow injection of arbitrary IMAP commands...

9.8CVSS6.1AI score0.00429EPSS
Exploits0References8
github
github
added 2026/07/06 9:22 p.m.6 views

Langroid: Neo4jChatAgent executes LLM-generated Cypher without validation (prompt-to-Cypher injection; config-conditional RCE), mirroring the SQLChatAgent bug fixed in CVE-2026-25879

Neo4jChatAgent passes LLM-generated Cypher queries straight to the Neo4j driver with no validation, no statement-type allowlist, and no opt-out gate. The query text is influenceable by prompt injection direct user input or indirect content the agent reads back via RAG, so an attacker who can...

9.8CVSS5.9AI score0.00461EPSS
Exploits0References2Affected Software1
redhat
redhat
added 2026/07/03 11:16 a.m.2 views

net-imap: Net::IMAP: Arbitrary IMAP command injection via CRLF sequences in unvalidated input

A flaw was found in Net::IMAP before 0.4.24, 0.5.14, and 0.6.4. Several commands accept raw string arguments sent to the server without validation or escaping; if derived from user-controlled input, CRLF sequences allow injection of arbitrary IMAP commands...

9.8CVSS6.1AI score0.00429EPSS
Exploits0References8
attackerkb
attackerkb
added 2026/06/30 10:39 p.m.7 views

CVE-2026-14137

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.2CVSS5.8AI score0.00187EPSS
Exploits0References3Affected Software1
redhat
redhat
added 2026/06/30 1:11 p.m.5 views

mariadb: MariaDB server: SQL injection vulnerability via improper handling of big5 character set with mysql_real_escape_string()

A flaw was found in MariaDB server. An application processing non-validated user input, which then uses mysqlrealescapestring and sends data to the database via text protocol with the big5 character set, is vulnerable to SQL injection. This allows a remote attacker to execute malicious SQL...

9.8CVSS5.9AI score0.00339EPSS
Exploits0References6
cve
cve
added 2026/06/30 12:54 p.m.25 views

CVE-2026-58116

CVE-2026-58116 affects LLaMA-Factory up to version 0.9.5. A remote code execution vulnerability exists when a malicious model path is supplied via WebUI Chat/Training interfaces; unvalidated input is passed to AutoTokenizer.from_pretrained() and AutoModel.from_pretrained() with trust_remote_code=...

9.8CVSS6.6AI score0.00497EPSS
Exploits2References2Affected Software1
osv
osv
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-487 PraisonAIAgents has an OS Command Injection via shell=True in Memory Hooks Executor (memory/hooks.py)

Summary The memory hooks executor in praisonaiagents passes a user-controlled command string directly to subprocess.run with shell=True at src/praisonai-agents/praisonaiagents/memory/hooks.py lines 303 to 305. No sanitization, no shlex.quote, no character filter, and no allowlist check exists...

9.3CVSS6.3AI score0.00229EPSS
Exploits1References5
nvd
nvd
added 2026/06/26 9:16 p.m.14 views

CVE-2026-48778

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag in config.xml is read by NppXml::value Parameters.cpp:6430 and stored in nppGUI.commandLineInterpreter without any validation, whitelist, or digital signature check. When the user triggers IDMFILEOPENCMD File → Open...

7.8CVSS0.01314EPSS
Exploits5References2
osv
osv
added 2026/06/26 8:12 p.m.3 views

CVE-2026-48800 Notepad++: Arbitrary Code Execution via shortcuts.xml UserCommand Injection

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag text content inside in shortcuts.xml is read by NppXml::valueaNode Parameters.cpp:3658 in the feedUserCmds function and stored in UserCommand.cmd without any validation. When the user clicks the corresponding entry ...

7.8CVSS7.1AI score0.0036EPSS
Exploits3References4
redhat
redhat
added 2026/06/25 9:7 p.m.2 views

mariadb: MariaDB server: SQL injection vulnerability via improper handling of big5 character set with mysql_real_escape_string()

A flaw was found in MariaDB server. An application processing non-validated user input, which then uses mysqlrealescapestring and sends data to the database via text protocol with the big5 character set, is vulnerable to SQL injection. This allows a remote attacker to execute malicious SQL...

9.1CVSS6.2AI score0.00339EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/06/24 12:0 a.m.13 views

PT-2026-52137

Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.31 Description An unauthenticated attacker can inject arbitrary SQL to compromise the confidentiality, integrity, and availability of the database. This occurs because the rfilter request parameter is retrieved via...

9.8CVSS6AI score0.00456EPSS
Exploits0References8
redhatcve
redhatcve
added 2026/06/23 7:44 a.m.7 views

CVE-2026-44172

A flaw was found in MariaDB server. An application processing non-validated user input, which then uses mysqlrealescapestring and sends data to the database via text protocol with the big5 character set, is vulnerable to SQL injection. This allows a remote attacker to execute malicious SQL...

9.1CVSS6AI score0.00339EPSS
Exploits0References5
nessus
nessus
added 2026/06/22 12:0 a.m.6 views

Amazon Linux 2023 : mariadb-connector-c, mariadb-connector-c-config, mariadb-connector-c-devel (ALAS2023-2026-1873)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1873 advisory. An application that was taking non-validated user input, escaping it with mysqlrealescapestring and sending it to the database using text protocol and big5 character set was vulnerable to SQL injection...

9.1CVSS5.9AI score0.00339EPSS
Exploits0References4
nvd
nvd
added 2026/06/15 6:16 p.m.17 views

CVE-2026-49294

Valhalla is an open source routing engine and accompanying libraries for use with OpenStreetMap data. Versions 3.6.3 and prior are vulnerable to reflected cross-site scripting XSS due to improper neutralization of input in the JSONP callback parameter. When a request specifies a JSONP callback, t...

6.1CVSS0.00149EPSS
Exploits0References1
cve
cve
added 2026/06/15 4:28 p.m.15 views

CVE-2026-49294

Valhalla (open source routing engine) versions ≤ 3.6.3 are affected by a reflected XSS in the JSONP callback parameter. The input is reflected into the JavaScript response without validation or encoding, enabling an attacker to craft a URL whose callback contains arbitrary JavaScript. If a victim...

6.1CVSS5.1AI score0.00149EPSS
Exploits0References1
Rows per page
Query Builder