6 matches found

RedhatCVE
added 2026/06/05 7:25 p.m. | 13 views

CVE-2026-44695

Outline is a service that allows for collaborative documentation. Prior to 1.7.1, the Slack integration callback for GET /auth/slack.post accepts an unsigned, session-independent OAuth state value. A third party who can obtain a Slack OAuth code for the same Outline Slack client can make a...

CVSS 6.5 | AI score 5.6 | EPSS 0.00125
Exploits: 1 | References: 1

CVE
added 2026/05/05 7:9 p.m. | 13 views

CVE-2026-33324

SQLBot’s Text-to-SQL prompt injection vulnerability affects versions 1.7.0 and earlier, where the user’s question is concatenated into the LLM prompt and the resulting SQL is executed without validation. An authenticated attacker can craft a malicious query to coerce the LLM into generating and r...

CVSS 9.4 | AI score 6.6 | EPSS 0.00603
Exploits: 2 | References: 1 | Affected Software: 1

Vulnrichment
added 2025/11/26 2:8 a.m. | 5 views

CVE-2025-66022 FACTION Unauthenticated Custom Extension Upload leads to RCE

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to version 1.7.1, an extension execution path in Faction’s extension framework permits untrusted extension code to execute arbitrary system commands on the server when a lifecycle hook is invoked, resulting in remote cod...

CVSS 9.6 | AI score 8.5 | EPSS 0.00591
Exploits: 1 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2022-38835

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.5 | EPSS 0.00821
Exploits: 0 | References: 2

RedhatCVE
added 2025/02/05 10:38 p.m. | 8 views

CVE-2022-36081

Wikmd is a file-based wiki that uses markdown. Prior to version 1.7.1, Wikmd is vulnerable to path traversal when accessing /list/ and discloses lists of files located on the server including sensitive data. Version 1.7.1 fixes this issue...

CVSS 7.5 | AI score 6.6 | EPSS 0.00821
Exploits: 0

Prion
added 2022/09/07 9:15 p.m. | 17 views

Remote file inclusion

Wikmd is a file-based wiki that uses markdown. Prior to version 1.7.1, an attacker could capture a user's session cookies or execute malicious JavaScript when a victim edits a markdown file. Version 1.7.1 fixes this issue...

CVSS 5.8 | AI score 6.3 | EPSS 0.00388
Exploits: 0 | References: 2 | Affected Software: 1