Lucene search
+L

540 matches found

Cvelist
Cvelist
added yesterday8 views

CVE-2026-16117 @fastify/http-proxy vulnerable to prefix escape via URL-encoded characters

Impact: @fastify/http-proxy versions up to and including 11.5.0 fail to rewrite the request prefix when the prefix segment is URL-encoded. Fastify's router URL-decodes paths for route matching, but request.url retains the original encoded form, and the prefix-rewrite step uses a literal string...

10CVSS
Exploits0References2
Nuclei
Nuclei
added yesterday64 views

Gradio - Open Redirect

Gradio allows an open redirect bypass via URL encoding, enabling attackers to redirect users to malicious sites. This can lead to phishing attacks and loss of trust in the application. id: CVE-2024-8021 info: name: Gradio - Open Redirect author: DhiyaneshDK severity: medium description: | Gradio...

6.1CVSS5.6AI score0.00723EPSS
Exploits1References1
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-43638

Improper Handling of URL Encoding Hex Encoding vulnerability in Apache Tomcat's rewrite valve allowed security constraint bypass for some configurations. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.23, from 10.1.0-M1 through 10.1.56, from 9.0.0.M1 through 9.0.119, from 8.5.0...

9.1CVSS6.1AI score0.00376EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 5 days ago7 views

Apache Tomcat 10.1.0.M1 < 10.1.57 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 10.1.57. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat10.1.57security-10 advisory. - Improper Handling of URL Encoding Hex Encoding vulnerability in Apache Tomcat's rewrite valve allow...

9.1CVSS6.2AI score0.00376EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 5 days ago6 views

Apache Tomcat 11.0.0.M1 < 11.0.24 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 11.0.24. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat11.0.24security-11 advisory. - Improper Handling of URL Encoding Hex Encoding vulnerability in Apache Tomcat's rewrite valve allow...

9.1CVSS6.2AI score0.00376EPSS
Exploits0References5
OSV
OSV
added 2026/07/10 9:16 p.m.4 views

UBUNTU-CVE-2026-57211

RabbitMQ is a messaging and streaming broker. Prior to 4.1.11 and 4.2.6 on Windows, the RabbitMQ management plugin static file handler rabbitmgmtwmstatic can pass URL-encoded backslashes to erlprimloader:readfileinfo before path validation when multiple management extension plugins are enabled,...

10CVSS6.1AI score0.00404EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/07/10 8:16 p.m.3 views

CVE-2026-57211

RabbitMQ is a messaging and streaming broker. Prior to 4.1.11 and 4.2.6 on Windows, the RabbitMQ management plugin static file handler rabbitmgmtwmstatic can pass URL-encoded backslashes to erlprimloader:readfileinfo before path validation when multiple management extension plugins are enabled,...

6.5CVSS6.1AI score0.00404EPSS
Exploits1References6Affected Software1
EUVD
EUVD
added 2026/07/10 7:25 p.m.10 views

EUVD-2026-39122

SiYuan: Path Traversal via Double URL Encoding in /assets/path publish mode arbitrary file─read, Incomplete fix of CVE-2026-41894...

7.5CVSS6.2AI score0.01892EPSS
Exploits0References2
NVD
NVD
added 2026/06/29 6:16 p.m.13 views

CVE-2026-57955

SigNoz through 0.130.1 contains a SQL injection vulnerability that allows authenticated attackers to execute arbitrary ClickHouse queries by injecting URL-encoded quotes into the rule ID path parameter of the alert-history endpoints. Attackers can manipulate the unsanitized rule ID interpolated...

8.5CVSS0.00235EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/29 5:22 p.m.8 views

EUVD-2026-40140

SigNoz through 0.130.1 contains a SQL injection vulnerability that allows authenticated attackers to execute arbitrary ClickHouse queries by injecting URL-encoded quotes into the rule ID path parameter of the alert-history endpoints. Attackers can manipulate the unsanitized rule ID interpolated...

8.5CVSS6.1AI score0.00235EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 10:16 p.m.13 views

CVE-2026-45807

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.43 and 1.3.19, several Kestra API endpoints accept a kestra:// URI from the client and pass it through StorageInterface.parentTraversalGuard before reading the underlying file from the local storage backend. The guard onl...

7.7CVSS0.00386EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/26 1:11 a.m.11 views

EUVD-2026-39605

A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow best practices, and the output of the Smarty custom helper function url was neither properly encoded nor sanitised, allowing user‑supplied input t...

4.7CVSS5.8AI score0.00224EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 1:11 a.m.9 views

CVE-2026-50745

A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow best practices, and the output of the Smarty custom helper function url was neither properly encoded nor sanitised, allowing user‑supplied input t...

4.7CVSS5.8AI score0.00224EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.26 views

PT-2026-52978

Name of the Vulnerable Software and Affected Versions Kestra versions prior to 1.0.43 Kestra versions prior to 1.3.19 Description An authenticated user can perform a path traversal attack to read arbitrary files on the host filesystem that the process has access to, such as /etc/passwd or mounted...

7.7CVSS5.9AI score0.00386EPSS
Exploits1References8
CVE
CVE
added 2026/06/24 9:13 p.m.17 views

CVE-2026-54066

SiYuan

7.5CVSS6AI score0.01892EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 9:13 p.m.4 views

CVE-2026-54066 SiYuan: Path Traversal via Double URL Encoding in /assets/*path (publish mode arbitrary file─read)

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the patch for CVE-2026-41894 "Path Traversal via Double URL Encoding" sanitized the /export/ route but the identical root cause remains in the /assets/path route. In publish mode anonymous read-only HTTP endpoint,...

7.5CVSS6.1AI score0.01892EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.16 views

PT-2026-52107

Name of the Vulnerable Software and Affected Versions SiYuan versions prior to 3.7.0 Description An unauthenticated remote attacker can read arbitrary files within the WorkspaceDir when the system is in publish mode, which is an anonymous read-only HTTP endpoint. This is achieved by using...

7.5CVSS6.2AI score0.01892EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/06/22 5:25 p.m.6 views

CVE-2026-54293 NLTK: URL-Encoded Path Traversal in nltk.data.load() Allows Arbitrary Local File Read

NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Prior to 3.10.0-rc1, nltk.data.load in NLTK is vulnerable to path traversal via URL-encoded path separators and traversal segments...

7.5CVSS6AI score0.00378EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/22 5:25 p.m.34 views

CVE-2026-54293 NLTK: URL-Encoded Path Traversal in nltk.data.load() Allows Arbitrary Local File Read

NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Prior to 3.10.0-rc1, nltk.data.load in NLTK is vulnerable to path traversal via URL-encoded path separators and traversal segments...

7.5CVSS0.00378EPSS
Exploits1References2
NVD
NVD
added 2026/06/18 10:16 p.m.19 views

CVE-2026-8100

Impact A security issue has been identified in Chef 360 that could allow unauthorized access to protected API endpoints under specific conditions. This issue is due to improper handling of URL-encoded paths during request processing. In certain scenarios, an authenticated request may bypass...

9.4CVSS0.00401EPSS
Exploits0References1
Rows per page
Query Builder