Lucene search
K

4 matches found

NVD
NVD
added 2026/05/04 7:16 p.m.35 views

CVE-2026-42230

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /mcp-oauth/register endpoint accepted OAuth client registrations without authentication, allowing arbitrary redirecturi values to be registered. When a user denies the MCP OAuth consent dialog,...

6.1CVSS0.00181EPSS
Exploits0References1
Rosalinux
Rosalinux
added 2026/01/26 12:11 p.m.7 views

Advisory ROSA-SA-2026-3117

software: ffmpeg 4.4.6 OS: ROSA-CHROME unaffected versions = ffmpeg-4.4.6-2 affected versions ffmpeg-4.4.6-2 CVE-ID: CVE-2023-6601 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in FFmpeg's HLS demultiplexer allows bypassing dangerous file extension checks and launching arbitrary...

4.7CVSS5.9AI score0.00397EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2023/03/22 2:0 p.m.81 views

New Kritec Magecart skimmer found on Magento stores

Threat actors often compete for the same resources, and this couldn't be further from the truth when it comes to website compromises. After all, if a vulnerability exists one can expect that it will be exploited more than once. In the past, we have seen such occurrences with Magecart threat actor...

6.6AI score
Exploits0
RedHat Linux
RedHat Linux
added 2019/07/15 1:40 p.m.106 views

Mozilla: Same-origin policy treats all files in a directory as having the same-origin

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

6.5CVSS7.3AI score0.20271EPSS
Exploits0References5
Rows per page
Query Builder