Lucene search
+L

8375 matches found

EUVD
EUVD
added yesterday6 views

EUVD-2026-45103

OpenClaw versions before 2026.6.5 contain an authentication bypass vulnerability in HTTP Canvas responses that allows lower-trust callers to forge trusted A2UI actions. Attackers can perform actions requiring stronger authorization by submitting crafted requests through configured input paths,...

8CVSS6.1AI score0.00182EPSS
Exploits0References2
NVD
NVD
added 2 days ago10 views

CVE-2026-15907

A flaw has been found in H3C SecPath F1000-C8300 up to 20260522. This impacts an unknown function of the file /webui/?g=logfwnbcmailjsondata. Executing a manipulation of the argument subject can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be...

7.5CVSS0.00254EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-15777

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in UI in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to...

7.5CVSS6.2AI score0.0026EPSS
Exploits0References2
NVD
NVD
added 3 days ago6 views

CVE-2026-45737

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From 3.2.0 until 3.2.12, 3.3.10, and 3.4.2, Argo CD ServerSideDiff can expose Kubernetes Secret values embedded in the kubectl.kubernetes.io/last-applied-configuration annotation because HideSecretDatatarget, live, ... does...

6.3CVSS0.00277EPSS
Exploits0References8
OSV
OSV
added 3 days ago4 views

CVE-2026-62948 OpenWrt odhcpd/LuCI: unauthenticated DHCPv6 client can inject lease-file lines via FQDN hostname → stored XSS in the LuCI admin UI

OpenWrt is a Linux operating system targeting embedded devices. Prior to 25.12.5, odhcpd writes a DHCPv6 client FQDN option 39 hostname into /tmp/odhcpd.leases through src/statefiles.c statefileswritestate6 and statefileswritestate4 without escaping, allowing newline injection of forged lease lin...

9.6CVSS6.1AI score0.00314EPSS
Exploits0References7
Cvelist
Cvelist
added 3 days ago36 views

CVE-2026-56687

Dell ThinOS 10, versions prior to 260510.2100, contain an Obsolete Feature in UI vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access...

7.8CVSS0.00104EPSS
Exploits0References1
CVE
CVE
added 3 days ago6 views

CVE-2026-56687

Dell ThinOS 10 is affected (versions prior to 2605_10.2100) by an Obsolete Feature in UI vulnerability. A low-privilege, local attacker could potentially obtain unauthorized access. No exploit details or specific remediation are provided in the documents; see Dell KB security update (DSA-2026-300...

7.8CVSS6.1AI score0.00104EPSS
Exploits0References1
NVD
NVD
added 3 days ago4 views

CVE-2026-1563

Pega Platform versions 8.1.0 through 25.1.2 are affected by an Reflected Cross-site scripting XSS vulnerability in a user interface component. Requires a high privileged user with a developer role...

4.8CVSS0.00304EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago3 views

CVE-2026-1563

Pega Platform versions 8.1.0 through 25.1.2 are affected by an Reflected Cross-site scripting XSS vulnerability in a user interface component. Requires a high privileged user with a developer role...

4.8CVSS6.1AI score0.00304EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 3 days ago3 views

CVE-2026-1562

Pega Platform versions 8.1.0 through 25.1.2 are affected by an Stored Cross-site scripting XSS vulnerability in a user interface component. Requires a high privileged user with a developer role...

4.6CVSS6.1AI score0.00304EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 3 days ago16 views

Google Chrome < 150.0.7871.124 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 150.0.7871.124. It is, therefore, affected by multiple vulnerabilities as referenced in the 202607stable-channel-update-for-desktop0353146366 advisory. - Use after free in UI in Google Chrome on Linux prior to...

9.6CVSS6.2AI score0.00328EPSS
Exploits0References31
NVD
NVD
added 4 days ago4 views

CVE-2026-15777

Use after free in UI in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

7.5CVSS0.0026EPSS
Exploits0References2
NVD
NVD
added 4 days ago5 views

CVE-2026-15764

Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS0.00268EPSS
Exploits0References2
CVE
CVE
added 4 days ago17 views

CVE-2026-15765

CVE-2026-15765 : Use-after-free in Ozone of Google Chrome prior to 150.0.7871.125. A remote attacker, tricking a user into specific UI gestures, could potentially exploit heap corruption via a crafted HTML page. The Chrome security update 150.0.7871.124/125 (Stable Channel) includes fixes for thi...

7.5CVSS6.1AI score0.00268EPSS
Exploits0References2Affected Software1
NVD
NVD
added 4 days ago4 views

CVE-2026-50454

Relative path traversal in Windows User Interface Core allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00402EPSS
Exploits2References1
NVD
NVD
added 4 days ago7 views

CVE-2026-58595

Improper restriction of rendered ui layers or frames in Microsoft Bing App for IOS allows an unauthorized attacker to perform spoofing over a network...

8.1CVSS0.00469EPSS
Exploits0References1
CVE
CVE
added 4 days ago10 views

CVE-2026-50454

The CVE-2026-50454 entry describes a Privilege Elevation via Relative Path Traversal in Windows User Interface Core. Affected component: Windows User Interface Core; attack requires local access (LOCAL) with LOW privileges and no user interaction per the CVSS v3.1 vector. Impact is Elevation of P...

7.8CVSS6AI score0.00402EPSS
Exploits2References1
Cvelist
Cvelist
added 4 days ago29 views

CVE-2026-50454 Windows User Interface Core Elevation of Privilege Vulnerability

...

7.8CVSS0.00402EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 4 days ago4 views

CVE-2026-50454 Windows User Interface Core Elevation of Privilege Vulnerability

...

7.8CVSS6.1AI score0.00402EPSS
Exploits2References1
CVE
CVE
added 4 days ago9 views

CVE-2026-58595

CVE-2026-58595 concerns the Microsoft Bing App for iOS, where an improper restriction of rendered UI layers or frames enables an unauthorized attacker to spoof over a network. The vulnerability affects the Bing iOS app’s UI rendering stack (specific component not detailed in the provided document...

8.1CVSS6.1AI score0.00469EPSS
Exploits0References1
Rows per page
Query Builder