CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 3 days ago•23 views

CVE-2026-45543 Nextcloud: Deleting a Forms collaborator share leaves uploaded response files accessible through a lingering Files share

5.3CVSS0.00027EPSS

CVE•added 3 days ago•11 views

CVE-2026-45543

Nextcloud Forms vulnerability CVE-2026-45543: From versions 4.3.0 through before 5.2.7, removing a collaborator did not revoke read access to uploaded respondent files for affected forms, enabling unauthorized access to those files (scope limited to forms where the user previously had results acc...

EUVD•added 3 days ago•5 views

EUVD-2026-33713

Vulnrichment•added 3 days ago•5 views

CVE-2026-45543 Nextcloud: Deleting a Forms collaborator share leaves uploaded response files accessible through a lingering Files share

Positive Technologies•added 3 days ago•6 views

PT-2026-45531

ATTACKERKB•added 6 days ago•3 views

Exploits0References4

CVE-2026-9558

A Server-Side Template Injection SSTI vulnerability exists in Mautic's theme engine. The platform renders uploaded Twig templates without a sandbox or strict function restrictions. Authenticated users with permissions to create or upload themes can abuse this to execute arbitrary code on the...

9.9CVSS6.3AI score0.00196EPSS

Positive Technologies•added 6 days ago•4 views

PT-2026-44802

9.9CVSS6.3AI score0.00196EPSS

Positive Technologies•added 2026/05/27 12:0 a.m.•7 views

PT-2026-43495

The CM Ad Changer – A simple tool to control and optimize your site's banners plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.7. This is due to missing or incorrect nonce validation on the cmac campaigns action function. This makes it...

4.3CVSS5.9AI score0.00014EPSS

Exploits0References6

EUVD•added 2026/05/26 4:30 p.m.•5 views

EUVD-2026-31863

Algernon is a small self-contained pure-Go web server. Prior to 1.17.6, uploadedFileSaveIn in lua/upload/upload.go uses filepath.Join with the caller-supplied directory but performs no boundary check after joining. A directory of ../../../tmp resolves cleanly to /tmp, outside the web root. This...

8.7CVSS5.8AI score0.00061EPSS

Veracode•added 2026/05/23 5:59 a.m.•6 views

Path Traversal

Open WebUI is vulnerable to Path Traversal. The vulnerability is due to improper validation and sanitization of uploaded file names derived from HTTP upload requests, which allows an attacker to upload files with crafted dot-segments and traverse outside the intended uploads directory, potentiall...

9.8CVSS5.8AI score0.00079EPSS

Exploits1References1Affected Software1

EUVD•added 2026/05/21 1:1 p.m.•4 views

EUVD-2025-209909

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via...

9.8CVSS7.7AI score0.00552EPSS

OSV•added 2026/05/20 2:6 p.m.•3 views

MAL-2026-4367 Malicious code in @bcrumbs.net/bc-chat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4bd9ccff2d027c9982ab41ff4b4417e62475e70aba04212794f267030f63ab0 The exported BCChat React component embeds a hardcoded Azure Blob SAS URL https://bcuserres.blob.core.windows.net/anonymous with a long-lived SAS tok...

5.8AI score

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в python-django

In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with appropriately crafted file names...

7.5CVSS7.1AI score0.04357EPSS

CVE•added 2026/05/19 10:45 p.m.•8 views

CVE-2026-34744

Vulnerability summary (CVE-2026-34744) MantisBT (Mantis Bug Tracker) prior to version 2.28.2 is affected by an authorization bypass where a user can list and download their own attachments from an issue created by another user after the issue becomes private, bypassing read access revocation. The...

5.3CVSS5.7AI score0.00014EPSS

Vulnrichment•added 2026/05/19 10:45 p.m.•4 views

CVE-2026-34744 MantisBT authorization bypass allows continued access to self-uploaded attachments on private issues

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior permit a user to list and download their own attachments from an Issue created by another user even after it becomes private, bypassing read access revocation. The loss of confidentiality caused by this...

5.3CVSS5.7AI score0.00014EPSS