CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

52 matches found

RedhatCVE•added 2026/04/16 1:22 p.m.•2 views

CVE-2025-70023

An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6...

9.8CVSS5.8AI score0.00058EPSS

Exploits0References1

EUVD•added 2026/04/14 6:30 p.m.•0 views

EUVD-2025-209459

An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6...

5.8AI score0.00058EPSS

Exploits0References4

NVD•added 2026/04/14 6:16 p.m.•3 views

CVE-2025-70023

An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6...

9.8CVSS0.00058EPSS

Exploits0References3

CVE•added 2026/04/14 12:0 a.m.•2 views

CVE-2025-70023

CVE-2025-70023 affects transloadit uppy v0.25.6. The issue is CWE-843: Access of Resource Using Incompatible Type, caused by a type/resource access mismatch in the vulnerable component. CVSSv3.1 base score is 9.8 (CRITICAL) with network attack vector, no privileges required, no user interaction, ...

9.8CVSS5.8AI score0.00058EPSS

Exploits0References3

Cvelist•added 2026/04/14 12:0 a.m.•20 views

CVE-2025-70023

An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6...

0.00058EPSS

Exploits0References3

Vulnrichment•added 2026/04/14 12:0 a.m.•1 views

CVE-2025-70023

An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6...

5.8AI score0.00058EPSS

Exploits0References3

Positive Technologies•added 2026/04/14 12:0 a.m.•2 views

PT-2026-32713

CVE-2025-70023 An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6. https://t.co/J2hAQYnqKw...

9.8CVSS5.8AI score0.00058EPSS

Exploits0References5

CNNVD•added 2026/04/14 12:0 a.m.•1 views

Uppy 安全漏洞

Uppy is an open-source file uploader developed by Transloadit, designed for web browsers. Version 0.25.6 of Uppy contains a security vulnerability, which stems from the use of incompatible types to access resources...

9.8CVSS5.8AI score0.00058EPSS

Exploits0References4

RedhatCVE•added 2026/01/09 9:12 a.m.•3 views

CVE-2022-0528

Server-Side Request Forgery SSRF in GitHub repository transloadit/uppy prior to 3.3.1...

7.5CVSS7.4AI score0.00277EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:41 a.m.•4 views

CVE-2022-0086

uppy is vulnerable to Server-Side Request Forgery SSRF...

9.8CVSS6.7AI score0.00336EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2020-1181

Malware in sbrugna...

9.8CVSS9.3AI score0.0051EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2020-0606

Malware in sbrugna...

7.5CVSS7.7AI score0.00267EPSS

Exploits1References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-0738

Malicious code in bioql PyPI...

9.8CVSS8.2AI score0.00336EPSS

Exploits1References6

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-1506

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00277EPSS

Exploits1References4

RedhatCVE•added 2025/05/22 4:50 p.m.•8 views

CVE-2020-8205

The uppy npm package 1.13.2 and 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery SSRF vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems...

7.5CVSS6.5AI score0.00267EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:50 p.m.•7 views

CVE-2020-8135

The uppy npm package 1.9.3 is vulnerable to a Server-Side Request Forgery SSRF vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems...

9.8CVSS6.5AI score0.0051EPSS

Exploits1References1

CNVD•added 2022/03/07 12:0 a.m.•18 views

Uppy Access Control Error Vulnerability

Uppy is a Transloadit open source open source file uploader for web browsers. versions prior to Uppy 3.3.1 contain an access control error vulnerability that stems from a network system or product that does not properly restrict access to resources from unauthorized roles. An unauthorized attacke...

7.5CVSS3.4AI score0.00277EPSS

Exploits1References1