Lucene search
K

8375 matches found

CVE
CVE
added 5 hours ago6 views

CVE-2026-58229

The CVE-2026-58229 issue affects the Elixir Mint HTTP client. Mint.HTTP1.decode_headers/5 and Mint.HTTP1.decode_trailer_headers/4 accumulate all parsed response headers and trailer fields into a request.headers_buffer without a cap, and decoding uses unlimited per-line/packet limits. A malicious ...

8.2CVSS6.2AI score
Exploits0References4
Nuclei
Nuclei
added 7 hours ago86 views

Eclipse Jetty ConcatServlet - Information Disclosure

Eclipse Jetty through 9.4.40, through 10.0.2, and through 11.0.2 is susceptible to information disclosure. Requests to the ConcatServlet with a doubly encoded path can access protected resources within the WEB-INF directory, thus enabling an attacker to potentially obtain sensitive information,...

5.3CVSS6.7AI score0.7848EPSS
Exploits2References5
Nuclei
Nuclei
added 7 hours ago35 views

WordPress Mapplic <= 6.1 / Mapplic Lite <= 1.0 - Authenticated Stored XSS via SVG File Upload

The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Stored Cross-Site Scripting via arbitrary URL injection in versions up to and including 6.1 and 1.0 respectively. Authenticated users with author-level permissions can inject arbitrary remote URLs for SVG map files. When a user...

8.3CVSS6.2AI score0.01133EPSS
Exploits1References4
Nuclei
Nuclei
added 7 hours ago143 views

WordPress Responsive Vector Maps < 6.4.2 - Arbitrary File Read

WordPress Responsive Vector Maps 6.4.2 contains an arbitrary file read vulnerability because the plugin does not have proper authorization and validation of the rvmuploadregionsfilepath parameter in the rvmimportregions AJAX action, allowing any authenticated user to read arbitrary files on the w...

6.5CVSS6.7AI score0.03005EPSS
Exploits2References5
CVE
CVE
added yesterday11 views

CVE-2026-49971

Laravel-Mediable before 7.0.0 has a stored XSS in SVG file uploads. Both authenticated and anonymous users can upload unsanitized SVG files containing scripts (onload handlers, script tags, or foreignObject) which can store persistent XSS payloads. When victims view or preview the SVG, the payloa...

6.1CVSS6.3AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-61870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by...

7.5CVSS6.1AI score0.00104EPSS
Exploits0References3
NVD
NVD
added 3 days ago7 views

CVE-2026-60090

PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PGVector and Cassandra knowledge-store createcollection backends. Although schema, keyspace, and collection-name identifiers are validated, the dimension value declared as int but not enforced at runtime is...

9.8CVSS0.0041EPSS
Exploits0References3
CVE
CVE
added 3 days ago14 views

CVE-2026-60090

CVE-2026-60090 affects PraisonAI prior to 4.6.78, exposing a SQL/CQL injection risk via the vector dimension in the PGVector and Cassandra knowledge-store backends. The root cause is that the caller-controlled dimension value is interpolated into the generated CREATE TABLE DDL without runtime enf...

9.8CVSS6.1AI score0.0041EPSS
Exploits0References3
EUVD
EUVD
added 3 days ago9 views

EUVD-2026-43175

PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PGVector and Cassandra knowledge-store createcollection backends. Although schema, keyspace, and collection-name identifiers are validated, the dimension value declared as int but not enforced at runtime is...

9.8CVSS6.1AI score0.0041EPSS
Exploits0References3
Nuclei
Nuclei
added 3 days ago253 views

XWiki Platform - Remote Code Execution

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Improper escaping in the document SkinsCode.XWikiSkinsSheet leads to an injection vector from view right on that document to programming rights, or in other words, it is possible to execute...

9.9CVSS7.5AI score0.91346EPSS
Exploits1References4
CVE
CVE
added 4 days ago9 views

CVE-2026-55461

Snipe-IT (IT asset/license management) versions prior to 8.6.2 are vulnerable: the user edit flow stores url()-&gt;previous() from the attacker-controlled Referer header into Laravel’s intended URL session value and subsequently uses redirect()-&gt;intended(...) when redirect_option=back is submi...

6.1CVSS6.1AI score0.00232EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-55466 Snipe-IT: Stored XSS via inline-served attachment

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, UploadFileRequest sanitizes SVG content only when PHP finfo reports image/svg+xml and UploadedFilesController serves attachments inline without using StorageHelper::allowSafeInline, allowing a low-privilege user to upload active...

6.2CVSS0.00351EPSS
Exploits1References3
NVD
NVD
added 4 days ago7 views

CVE-2026-61461

Dify before 1.16.0-rc1 contains a SQL injection vulnerability in the MyScale vector store backend that allows attackers to execute arbitrary SQL by supplying unsanitized search parameters to the searchbyfulltext method without escaping or parameterization. Attackers can inject malicious SQL throu...

8.8CVSS0.00357EPSS
Exploits0References5
Cvelist
Cvelist
added 4 days ago37 views

CVE-2026-61461 Dify < 1.16.0-rc1 SQL Injection via MyScale Vector Store search_by_full_text

Dify before 1.16.0-rc1 contains a SQL injection vulnerability in the MyScale vector store backend that allows attackers to execute arbitrary SQL by supplying unsanitized search parameters to the searchbyfulltext method without escaping or parameterization. Attackers can inject malicious SQL throu...

8.8CVSS0.00357EPSS
Exploits0References5
CVE
CVE
added 4 days ago16 views

CVE-2026-61461

Summary: CVE-2026-61461 affects Dify before 1.16.0-rc1, where the MyScale vector store backend is vulnerable to SQL injection via the search_by_full_text method due to unsanitized, unparameterized search parameters. This can allow an attacker to read, modify, or delete data in the underlying Clic...

8.8CVSS6.3AI score0.00357EPSS
Exploits0References5
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42973

Dify before 1.16.0-rc1 contains a SQL injection vulnerability in the MyScale vector store backend that allows attackers to execute arbitrary SQL by supplying unsanitized search parameters to the searchbyfulltext method without escaping or parameterization. Attackers can inject malicious SQL throu...

8.8CVSS6.3AI score0.00357EPSS
Exploits0References5
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42957

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's UFS and FFS image handler in NanaZip.Codecs.Archive.Ufs.cpp validates the superblock block size only against the MINBSIZE lower bound and does not validate the fsfsize fragment size, allowin...

2.4CVSS6.2AI score0.00112EPSS
Exploits0References3
NVD
NVD
added 4 days ago6 views

CVE-2026-61456

The Grav API plugin getgrav/grav-plugin-api before 1.0.3 fails to sanitize SVG files uploaded through the POST /api/v1/media endpoint. The HandlesMediaUploads::processUploadedFile method validates only the file extension and never invokes Security::sanitizeSVG, so an authenticated attacker with t...

5.1CVSS0.00141EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42905

The Grav API plugin getgrav/grav-plugin-api before 1.0.3 fails to sanitize SVG files uploaded through the POST /api/v1/media endpoint. The HandlesMediaUploads::processUploadedFile method validates only the file extension and never invokes Security::sanitizeSVG, so an authenticated attacker with t...

5.1CVSS6.2AI score0.00141EPSS
Exploits0References2
CVE
CVE
added 4 days ago6 views

CVE-2026-61456

Grav API plugin (getgrav/grav-plugin-api) before 1.0.3 is vulnerable to stored XSS via SVG uploads. The HandlesMediaUploads::processUploadedFile() path only validates file extension and does not call Security::sanitizeSVG(), enabling an authenticated attacker with api.media.write to upload an SVG...

5.1CVSS6.2AI score0.00141EPSS
Exploits0References2
Rows per page
Query Builder