Lucene search
K

1265 matches found

EUVD
EUVD
added 2026/05/26 4:30 p.m.11 views

EUVD-2026-31863

Algernon is a small self-contained pure-Go web server. Prior to 1.17.6, uploadedFileSaveIn in lua/upload/upload.go uses filepath.Join with the caller-supplied directory but performs no boundary check after joining. A directory of ../../../tmp resolves cleanly to /tmp, outside the web root. This...

8.7CVSS5.8AI score0.00344EPSS
Exploits0References2
Veracode
Veracode
added 2026/05/23 5:59 a.m.10 views

Path Traversal

Open WebUI is vulnerable to Path Traversal. The vulnerability is due to improper validation and sanitization of uploaded file names derived from HTTP upload requests, which allows an attacker to upload files with crafted dot-segments and traverse outside the intended uploads directory, potentiall...

9.8CVSS5.8AI score0.00336EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/05/21 1:1 p.m.12 views

EUVD-2025-209909

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via...

9.8CVSS7.7AI score0.03811EPSS
Exploits0References2
OSV
OSV
added 2026/05/20 2:6 p.m.7 views

MAL-2026-4367 Malicious code in @bcrumbs.net/bc-chat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4bd9ccff2d027c9982ab41ff4b4417e62475e70aba04212794f267030f63ab0 The exported BCChat React component embeds a hardcoded Azure Blob SAS URL https://bcuserres.blob.core.windows.net/anonymous with a long-lived SAS tok...

5.8AI score
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Python-Django

In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with appropriately crafted file names...

7.5CVSS7.4AI score0.05291EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/19 10:45 p.m.8 views

CVE-2026-34744 MantisBT authorization bypass allows continued access to self-uploaded attachments on private issues

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior permit a user to list and download their own attachments from an Issue created by another user even after it becomes private, bypassing read access revocation. The loss of confidentiality caused by this...

5.3CVSS5.7AI score0.00362EPSS
Exploits0References3
CVE
CVE
added 2026/05/19 10:45 p.m.20 views

CVE-2026-34744

Vulnerability summary (CVE-2026-34744) MantisBT (Mantis Bug Tracker) prior to version 2.28.2 is affected by an authorization bypass where a user can list and download their own attachments from an issue created by another user after the issue becomes private, bypassing read access revocation. The...

5.3CVSS5.7AI score0.00362EPSS
Exploits0References3
NVD
NVD
added 2026/05/19 5:16 p.m.16 views

CVE-2026-47358

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

9.2CVSS0.00479EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/19 3:53 p.m.14 views

EUVD-2026-30956

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

9.2CVSS5.8AI score0.00479EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/19 3:53 p.m.43 views

CVE-2026-47358

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

9.2CVSS0.00479EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/19 3:53 p.m.11 views

CVE-2026-47358

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

9.2CVSS5.8AI score0.00479EPSS
Exploits0References2
CVE
CVE
added 2026/05/19 3:53 p.m.17 views

CVE-2026-47358

CVE-2026-47358 affects Terrascan v1.18.3 and earlier. In server mode, Terrascan parses uploaded ARM/CloudFormation templates and resolves external URLs via hashicorp/go-getter with default detectors (including FileDetector), enabling an unauthenticated attacker to upload templates containing atta...

9.2CVSS5.8AI score0.00479EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

terrascan 安全漏洞

Trenescan is an open-source infrastructure code static security analysis tool developed by Tenable. Versions of Trenescan 1.18.3 and earlier contain security vulnerabilities. These vulnerabilities stem from server-side request forgeing vulnerabilities in the external URL parsing of uploaded IaC...

9.2CVSS5.9AI score0.00479EPSS
Exploits0References1
NVD
NVD
added 2026/05/18 3:16 p.m.47 views

CVE-2026-41949

Dify before version 1.14.2 contains an authorization bypass vulnerability in the file preview endpoint that allows any authenticated user to read up to 3,000 characters of any uploaded document across all tenants and workspaces using only the file's UUID. Attackers can access the...

8.2CVSS0.00435EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.9 views

dify 安全漏洞

dify is an open-source LLM application development platform by LangGenius. Versions of dify prior to 1.14.1 have a security vulnerability. This vulnerability stems from an authorization bypass issue in the file preview endpoint, which allows any authenticated user to read the first 3,000 characte...

8.2CVSS5.8AI score0.00435EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.10 views

FacturaScripts 信息泄露漏洞

FacturaScripts is an open-source ERP software developed by Carlos Garcia, a Spanish developer. Versions of FacturaScripts prior to version 2026 contained a vulnerability related to information leakage. This vulnerability stemmed from the Library module not clearing the EXIF/XMP/IPTC metadata...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References1
CVE
CVE
added 2026/05/15 9:19 p.m.20 views

CVE-2026-45301

Open WebUI (self-hosted AI platform) is affected by CVE-2026-45301 due to a missing permission check in all files-related API endpoints. Before version 0.3.16, any authenticated user could list, access, and delete files uploaded by any user via the /api/v1/files endpoints, exposing confidential d...

8.1CVSS5.8AI score0.00273EPSS
Exploits1References1Affected Software1
Snyk
Snyk
added 2026/05/14 9:24 p.m.6 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection in the process that generates uninstall scripts from uploaded software packages, due to improper sanitization of metadata fields. An attacker can execute arbitrary commands with elevated privileges on managed endpoints...

9.8CVSS5.9AI score0.00773EPSS
Exploits0References2
OSV
OSV
added 2026/05/14 8:15 p.m.7 views

GHSA-R8WH-8M7R-FH33 Open WebUI: Missing permission check in files API allows authenticated users to list, access and delete every uploaded file

Summary A missing permission check in all files related API endpoints allows any authenticated user to list, access and delete every file uploaded by every user to the platform. Details All files/ related endpoints lack permission checks. Listing all files For example, let's see how file listing ...

8.1CVSS5.8AI score0.00273EPSS
Exploits1References3
Snyk
Snyk
added 2026/05/14 8:15 p.m.13 views

Incorrect Permission Assignment for Critical Resource

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource in the files/ endpoints. An attacker can list, access and delete every uploaded file due to absence of authorisation on these endpoints. Remediation Upgra...

8.6CVSS5.8AI score0.00273EPSS
Exploits1References2
Rows per page
Query Builder