Lucene search
K

14240 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.9 views

CVE-2026-39891

PraisonAI is a multi-agent teams system. Prior to 4.5.115, the createagentcentrictools function returns tools like acpcreatefile that process file content using template rendering. When user input from agent.start is passed directly into these tools without escaping, template expressions in the...

8.8CVSS5.5AI score0.00558EPSS
Exploits1References1
OSV
OSV
added 2026/06/04 5:59 p.m.7 views

GHSA-3HRH-PFW6-9M5X Hono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection

Summary The serialize function in hono/cookie validates domain and path options against characters that corrupt Set-Cookie header syntax ;, \r, \n, but does not apply the same validation to sameSite and priority. An application that passes user-controlled input into either option may produce a...

4.3CVSS5.8AI score0.00216EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.13 views

PT-2026-46844

Summary The serialize function in hono/cookie validates domain and path options against characters that corrupt Set-Cookie header syntax ;, r, , but does not apply the same validation to sameSite and priority. An application that passes user-controlled input into either option may produce a...

5.3CVSS5.8AI score0.00216EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.7 views

MBS多款产品 安全漏洞

MBS Single-A and other products are a series of industrial communication gateways developed by the German company MBS. Several MBS products have security vulnerabilities. These vulnerabilities stem from insufficient validation of user-controlled inputs using the ugw-logstop method, which could...

8.1CVSS5.5AI score0.0037EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 9:17 a.m.48 views

CVE-2026-46718

Apache Calcite is affected by CVE-2026-46718: Unsafe Reflection via a user-controlled model can load arbitrary classes, enabling code execution. Affected: 1.5.0 up to

6.5CVSS5.8AI score0.00436EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/02 9:17 a.m.11 views

CVE-2026-46718 Apache Calcite: A user-controled model can load arbitrary classes, leading to code execution

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Apache Calcite. This issue affects Apache Calcite: from 1.5.0 before 1.42. Users are recommended to upgrade to version 1.42, which fixes the issue...

5.8AI score0.00436EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 12:31 a.m.19 views

EUVD-2026-33825

Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications...

7.8CVSS5.8AI score0.00052EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/02 12:31 a.m.12 views

EUVD-2026-33787

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a permanent denial of service due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.9AI score0.00071EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/01 10:3 p.m.12 views

CVE-2026-44239

FreePBX is an open source IP PBX. Prior to 16.0.22 and 17.0.5, the Dashboard module's getcontent AJAX handler includes PHP files based on user-supplied input without path sanitization. The $REQUEST'rawname' parameter is concatenated into an include call with a .class.php suffix, allowing path...

8.8CVSS6AI score0.00272EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 9:14 p.m.14 views

CVE-2026-28580

In multiple functions, there is a possible desync in persistence due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00073EPSS
Exploits0References1
CVE
CVE
added 2026/06/01 9:14 p.m.33 views

CVE-2026-0055

CVE-2026-0055 describes a path traversal in PackageInstallerService.java (createSessionInternal) that could let an attacker place or move a Device Policy Controller (DPC) into an invalid directory, enabling local privilege escalation without extra execution privileges or user interaction. The det...

6.2CVSS6AI score0.00084EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/01 9:14 p.m.25 views

CVE-2026-0009

CVE-2026-0009 affects Google Android. The issue is described as a logic error in multiple locations enabling tapjacking that could lead to local privilege escalation with no user interaction required. CVSS v3.1 vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, base score 7.8 (HIGH). Connected sources ...

7.8CVSS5.9AI score0.00075EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/01 3:20 a.m.34 views

CVE-2026-20453

CVE-2026-20453 affects geniezone with a possible out-of-bounds write caused by a missing bounds check. The issue could enable local privilege escalation for an actor who already has System privileges, with no user interaction required. Patch ALPS10886526 (MSV-6791) is referenced as a fix. Exploit...

6.7CVSS5.8AI score0.00114EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from logical errors in multiple locations. These vulnerabilities may bypass user interaction when pairing LE devices. This can lead to an...

8CVSS5.4AI score0.00121EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from a buffer overflow in multiple functions within sdpdiscovery.cc. This vulnerability may lead to remote code execution, and it can be...

8CVSS6.2AI score0.00114EPSS
Exploits0References1
OSV
OSV
added 2026/06/01 12:0 a.m.10 views

ASB-A-470115162

In validateNode of ResourceTypes.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00079EPSS
Exploits0References2
NVD
NVD
added 2026/05/29 6:17 p.m.20 views

CVE-2026-45628

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.29.2 and earlier, Dokploy constructs shell commands using JavaScript template literals and executes them via childprocess.exec which runs through /bin/sh -c. User-supplied branch names, repository URLs, and Docker credentials are...

9.6CVSS0.0023EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/29 1:0 p.m.11 views

CVE-2026-47694 WWBN AVideo: Stored XSS via unescaped Gallery category description

WWBN AVideo is an open source video platform. In 29.0 and earlier, AVideo stores category descriptions from user input and later renders categorydescription as raw HTML in the Gallery view. A user who can create or edit categories can store JavaScript in a category description, which executes whe...

5.4CVSS5.8AI score0.00162EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 1:0 p.m.12 views

CVE-2026-47694

WWBN AVideo is an open source video platform. In 29.0 and earlier, AVideo stores category descriptions from user input and later renders categorydescription as raw HTML in the Gallery view. A user who can create or edit categories can store JavaScript in a category description, which executes whe...

5.4CVSS5.8AI score0.00162EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/05/29 12:42 p.m.33 views

CVE-2026-44239 FreePBX: Authenticated Local File Inclusion in Dashboard Module

FreePBX is an open source IP PBX. Prior to 16.0.22 and 17.0.5, the Dashboard module's getcontent AJAX handler includes PHP files based on user-supplied input without path sanitization. The $REQUEST'rawname' parameter is concatenated into an include call with a .class.php suffix, allowing path...

7.6CVSS0.00272EPSS
Exploits0References1
Rows per page
Query Builder