Lucene search
K

1371 matches found

OSV
OSV
added 2026/04/29 10:26 p.m.6 views

GHSA-JFGF-83C5-2C4M i18next-http-middleware has path traversal / SSRF via user-controlled language and namespace parameters

Summary Versions of i18next-http-middleware prior to 3.9.3 pass the user-controlled lng and ns values from getResourcesHandler directly into i18next.services.backendConnector.loadlanguages, namespaces, … without any sanitisation. Depending on which backend is configured, the unvalidated path...

8.2CVSS5.9AI score0.00387EPSS
Exploits0References4
Snyk
Snyk
added 2026/04/29 9:10 p.m.5 views

SQL Injection

Overview n8n-nodes-base is a Base nodes of n8n Affected versions of this package are vulnerable to SQL Injection via the row:search and row:get operations in the SeaTable node when user-controlled input is passed through expressions into the searchTerm or rowId parameters. An attacker can access...

8.8CVSS5.9AI score0.00342EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/29 8:8 a.m.6 views

CVE-2025-10503

The authentication endpoint accepts user-supplied input without enforcing expected validation constraints, leading to a lack of proper output encoding. This allows for the injection of malicious JavaScript payloads, enabling reflected cross-site scripting. An attacker can leverage this...

6.1CVSS5.3AI score0.00173EPSS
Exploits0References2Affected Software1
GithubExploit
GithubExploit
added 2026/04/27 1:58 a.m.113 views

mcp-stdio-exploit

MCP STDIO Exploit: A Local Reimplementation Vulnerability...

6.4AI score
Exploits0
OSV
OSV
added 2026/04/23 9:53 p.m.5 views

GHSA-98F2-W9H9-7FP9 melange has Path Traversal When Resolving External Pipelines via Unvalidated pipeline[].uses

Impact An attacker who can influence a melange configuration file — for example through pull-request-driven CI or build-as-a-service scenarios — could set pipeline.uses to a value containing ../ sequences or an absolute path. The Compiled.compilePipeline function in pkg/build/compile.go passed us...

6.1CVSS5.9AI score0.0014EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/23 4:0 a.m.3 views

CVE-2026-41233 Froxlor has a Reseller Domain Quota Bypass via Unvalidated adminid Parameter in Domains.add()

Froxlor is open source server administration software. Prior to version 2.3.6, in Domains.add, the adminid parameter is accepted from user input and used without validation when the calling reseller does not have the customersseeall permission. This allows a reseller to attribute newly created...

5.4CVSS5.8AI score0.00264EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/23 4:0 a.m.8 views

EUVD-2026-25188

Froxlor is open source server administration software. Prior to version 2.3.6, in Domains.add, the adminid parameter is accepted from user input and used without validation when the calling reseller does not have the customersseeall permission. This allows a reseller to attribute newly created...

5.4CVSS5.8AI score0.00264EPSS
Exploits1References3
OSV
OSV
added 2026/04/22 5:40 p.m.5 views

GHSA-5FGG-JCPF-8JJW i18next-http-middleware: Prototype pollution and path traversal via user-controlled language and namespace parameters

Summary Versions of i18next-http-middleware prior to 3.9.3 pass user-controlled lng and ns parameters to two internal paths that use them in ways that enable prototype pollution and, depending on the configured backend, path traversal or SSRF. The vulnerable entry points are unauthenticated HTTP...

8.6CVSS5.8AI score0.0031EPSS
Exploits0References4
Snyk
Snyk
added 2026/04/22 5:38 p.m.4 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the aggregate API endpoint when unvalidated user input is passed to the goqu.L function. An attacker can execute arbitrary SQL commands and access sensitive database information by supplying crafted values to the colum...

8.7CVSS6.1AI score0.00345EPSS
Exploits0References2
OSV
OSV
added 2026/04/22 5:38 p.m.4 views

GHSA-RW2C-8RFQ-GWFV Daptin: SQL injection via unvalidated goqu.L() calls in aggregate API

Summary The /aggregate/:typename endpoint accepted column and group query parameters that were passed verbatim to goqu.L — a raw SQL literal expression builder — without any validation. This bypassed all parameterization and allowed authenticated users with any valid session to inject arbitrary S...

8.3CVSS5.9AI score0.00345EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/22 5:38 p.m.8 views

Daptin: SQL injection via unvalidated goqu.L() calls in aggregate API

Summary The /aggregate/:typename endpoint accepted column and group query parameters that were passed verbatim to goqu.L — a raw SQL literal expression builder — without any validation. This bypassed all parameterization and allowed authenticated users with any valid session to inject arbitrary S...

8.3CVSS5.9AI score0.00345EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.9 views

PT-2026-34606

Name of the Vulnerable Software and Affected Versions Daptin versions prior to 0.11.4 Description The '/aggregate/:typename' endpoint accepts column and group query parameters that are passed without validation to goqu.L, a raw SQL literal expression builder. This bypasses parameterization,...

8.3CVSS6AI score0.00345EPSS
Exploits0References7
EUVD
EUVD
added 2026/04/21 7:12 p.m.6 views

EUVD-2026-24253

mailcow: dockerized is an open source groupware/email suite based on docker. Versions prior to 2026-03b have a second-order SQL injection vulnerability in the quarantinecategory field via the Mailcow API. The /api/v1/add/mailbox endpoint stores quarantinecategory without validation or sanitizatio...

7.2CVSS5.9AI score0.09874EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/17 10:24 p.m.9 views

PraisonAI: SQL Injection via unvalidated `table_prefix` in 9 conversation store backends (incomplete fix for CVE-2026-40315)

The fix for CVE-2026-40315 added input validation to SQLiteConversationStore only. Nine sibling backends — MySQL, PostgreSQL, async SQLite/MySQL/PostgreSQL, Turso, SingleStore, Supabase, SurrealDB — pass tableprefix straight into f-string SQL. Same root cause, same code pattern, same exploitation...

9.8CVSS5.9AI score0.00347EPSS
Exploits2References3Affected Software2
NVD
NVD
added 2026/04/17 10:16 p.m.6 views

CVE-2026-40478

Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the the expression execution mechanisms. Although the library provides mechanisms to prevent expression injection, it fails to properly...

9CVSS0.00776EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/17 9:57 p.m.3 views

CVE-2026-40478

Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the the expression execution mechanisms. Although the library provides mechanisms to prevent expression injection, it fails to properly...

9CVSS6AI score0.00776EPSS
Exploits0References2Affected Software3
Cvelist
Cvelist
added 2026/04/17 9:57 p.m.20 views

CVE-2026-40478 Improper neutralization of specific syntax patterns for unauthorized expressions in Thymeleaf

Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the the expression execution mechanisms. Although the library provides mechanisms to prevent expression injection, it fails to properly...

9CVSS0.00776EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/17 9:57 p.m.4 views

CVE-2026-40478 Improper neutralization of specific syntax patterns for unauthorized expressions in Thymeleaf

Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the the expression execution mechanisms. Although the library provides mechanisms to prevent expression injection, it fails to properly...

9CVSS6AI score0.00776EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/17 9:53 p.m.20 views

CVE-2026-40477 Improper restriction of the scope of accessible objects in Thymeleaf expressions

Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the expression execution mechanisms. Although the library provides mechanisms to prevent expression injection, it fails to properly...

9CVSS0.00862EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/17 9:53 p.m.5 views

CVE-2026-40477 Improper restriction of the scope of accessible objects in Thymeleaf expressions

Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the expression execution mechanisms. Although the library provides mechanisms to prevent expression injection, it fails to properly...

9CVSS5.9AI score0.00862EPSS
Exploits0References1
Rows per page
Query Builder