Lucene search
K

118 matches found

EUVD
EUVD
added 2026/07/06 10:16 a.m.6 views

EUVD-2025-210428

The software accepts user-supplied input via a URL parameter without adequate output encoding before reflecting it back to the user's browser. This condition allows an attacker to inject malicious script content into pages served by the application. By leveraging this weakness, an attacker can...

6.1CVSS6AI score0.00161EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/30 8:34 p.m.8 views

EUVD-2026-40410

An unauthenticated URL redirection vulnerability has been identified in Archer AX20 V2 due to improper validation of user-supplied URL input within the web interface. An unauthenticated attacker can craft URLs containing URL-encoded path traversal sequences. When processed by the embedded web...

5.9CVSS5.8AI score0.00296EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 8:34 p.m.36 views

CVE-2026-10562 Unauthenticated Open Redirect Vulnerability on TP-Link Archer AX20 Web Interface

An unauthenticated URL redirection vulnerability has been identified in Archer AX20 V2 due to improper validation of user-supplied URL input within the web interface. An unauthenticated attacker can craft URLs containing URL-encoded path traversal sequences. When processed by the embedded web...

5.9CVSS0.00296EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.11 views

CVE-2026-44520

Docling-Graph turns documents into validated Pydantic objects, then builds a directed knowledge graph with explicit semantic relationships. Prior to 1.5.1, the URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the...

5.7CVSS5.5AI score0.00188EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

WordPress plugin Splide Carousel Block 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.6AI score0.00197EPSS
Exploits0References4
NVD
NVD
added 2026/05/14 6:16 p.m.18 views

CVE-2026-44520

Docling-Graph turns documents into validated Pydantic objects, then builds a directed knowledge graph with explicit semantic relationships. Prior to 1.5.1, the URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the...

5.7CVSS0.00188EPSS
Exploits0References1
CVE
CVE
added 2026/05/14 4:56 p.m.19 views

CVE-2026-44520

Docling-Graph.js: The SSRF flaw arises in URLInputHandler, where URLs from untrusted sources are fetched without IP-level validation. Prior to version 1.5.1, the URLValidator only checked scheme and netloc, not private/loopback/link-local addresses, and requests.head() allowed redirects, enabling...

5.7CVSS5.8AI score0.00188EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/14 4:56 p.m.8 views

EUVD-2026-30340

Docling-Graph turns documents into validated Pydantic objects, then builds a directed knowledge graph with explicit semantic relationships. Prior to 1.5.1, the URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the...

5.7CVSS5.8AI score0.00188EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/14 4:56 p.m.9 views

CVE-2026-44520 Docling-Graph: SSRF via Missing Internal IP Validation in URLInputHandler

Docling-Graph turns documents into validated Pydantic objects, then builds a directed knowledge graph with explicit semantic relationships. Prior to 1.5.1, the URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the...

5.7CVSS5.8AI score0.00188EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 4:56 p.m.40 views

CVE-2026-44520 Docling-Graph: SSRF via Missing Internal IP Validation in URLInputHandler

Docling-Graph turns documents into validated Pydantic objects, then builds a directed knowledge graph with explicit semantic relationships. Prior to 1.5.1, the URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the...

5.7CVSS0.00188EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/07 3:15 a.m.16 views

docling-graph has SSRF via Missing Internal IP Validation in URLInputHandler

Impact The URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the target resolves to a private, loopback, or link-local IP address. The URLValidator only checks for a valid scheme and non-empty netloc, performing no...

5.7CVSS5.8AI score0.00188EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/07 3:15 a.m.13 views

GHSA-FQPH-J6V6-JVGX docling-graph has SSRF via Missing Internal IP Validation in URLInputHandler

Impact The URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the target resolves to a private, loopback, or link-local IP address. The URLValidator only checks for a valid scheme and non-empty netloc, performing no...

5.7CVSS5.8AI score0.00188EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.21 views

PT-2026-38412

Name of the Vulnerable Software and Affected Versions Docling-Graph versions prior to 1.5.1 Description The URLInputHandler class in docling graph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating if the target resolves to a private, loopback, or link-local IP...

5.7CVSS5.8AI score0.00188EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/05/06 8:47 p.m.18 views

phpMyFAQ: Path Traversal in Client::deleteClientFolder enables arbitrary directory deletion by non-super-admin admins

Summary Client::deleteClientFolder in phpmyfaq/src/phpMyFAQ/Instance/Client.php:583 takes a URL from the caller, strips the https:// prefix, and passes the remainder to Filesystem::deleteDirectory relative to the multisite clientFolder. No path-traversal validation runs. An admin with the...

7CVSS6AI score0.00266EPSS
Exploits0References4Affected Software2
Vulnrichment
Vulnrichment
added 2026/04/08 6:26 p.m.4 views

CVE-2026-35400 LORIS incorrectly trusts user input in publication module

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From 20.0.0 to before 27.0.3 and 28.0.1, an endpoint in the publication module was incorrectly trusting the baseURL submitted by a user's PO...

3.5CVSS6AI score0.00201EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.12 views

PT-2026-30014

Name of the Vulnerable Software and Affected Versions Ech0 versions prior to 4.2.8 Description Ech0, a self-hosted publishing platform, has an unsafe link preview feature. The GET /api/website/title endpoint is unauthenticated and accepts attacker-controlled URLs. It performs a server-side GET...

7.5CVSS5.9AI score0.00327EPSS
Exploits1References6
CVE
CVE
added 2026/03/22 1:38 p.m.9 views

CVE-2019-25595

CVE-2019-25595 affects jetAudio 8.1.7.20702 Basic. The vulnerability is a denial-of-service in the URL input handler: feeding an excessively long string (e.g., a 5000-character buffer) can crash the application. This is a local attack with no user interaction beyond opening the URL dialog. The av...

6.9CVSS6AI score0.00124EPSS
Exploits0References4
NVD
NVD
added 2026/03/22 1:16 a.m.3 views

CVE-2019-25586

Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the URL field. Attackers can paste a buffer of 5000 characters into the 'From URL' field during torrent addition to trigger an application crash...

6.9CVSS0.00178EPSS
Exploits1References4
Snyk
Snyk
added 2026/03/10 6:41 p.m.5 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read when decoding malformed Base64Url input. An attacker can cause a disruption of service. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-arm64 to version 9.0.14, 10.0.4 or higher. References - GitHub Commit -...

8.7CVSS5.8AI score0.02049EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/10 6:41 p.m.8 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read when decoding malformed Base64Url input. An attacker can cause a disruption of service. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-x64 to version 9.0.14, 10.0.4 or higher. References - GitHub Commit ...

8.7CVSS5.8AI score0.02049EPSS
Exploits0References2
Rows per page
Query Builder