Lucene search
K

90 matches found

Cvelist
Cvelist
added 18 hours ago7 views

CVE-2026-15290 Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin <= 2.10.1 - Unauthenticated Blind SQL Injection

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to blind SQL Injection via the search parameter in all versions up to, and including, 2.10.1 due to insufficient escaping on the user supplied...

7.5CVSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 18 hours ago3 views

CVE-2026-15290

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to blind SQL Injection via the search parameter in all versions up to, and including, 2.10.1 due to insufficient escaping on the user supplied...

7.5CVSS6AI score
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/22 2:17 p.m.3 views

CVE-2026-56104

Chainlit before 2.10.1 contains a session hijacking vulnerability that allows unauthenticated attackers to restore and inherit authenticated user sessions by presenting a valid sessionId during WebSocket session restoration without ownership verification. Attackers can exploit the...

9.1CVSS5.9AI score0.00256EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.16 views

EulerOS Virtualization 2.10.1 : libarchive (EulerOS-SA-2026-2023)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata...

7.5CVSS7.2AI score0.00693EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.9 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-paramiko (UTSA-2026-016596)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016596 advisory. In Paramiko before 2.10.1, a race condition between creation and chmod in the writeprivatekeyfile function could allow unauthorized information disclosure. Tenable h...

5.9CVSS6.6AI score0.0208EPSS
Exploits1References4
EUVD
EUVD
added 2026/05/21 11:43 a.m.10 views

EUVD-2026-31268

Externally Controlled Reference to a Resource in Another Sphere, Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel K. Authorized users in a Kubernetes namespace can create a Build resource, controlling the Pod generation in a namespace of their choice, including the...

5.8AI score0.00325EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 5:7 p.m.2 views

CVE-2026-27496 n8n has In-Process Memory Disclosure in its Task Runner

n8n is an open source workflow automation platform. Prior to versions 1.123.22, 2.9.3, and 2.10.1, an authenticated user with permission to create or modify workflows could use the JavaScript Task Runner to allocate uninitialized memory buffers. Uninitialized buffers may contain residual data fro...

7.1CVSS5.8AI score0.00262EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/03 5:43 p.m.3 views

Missing Authentication for Critical Function

Overview devcode-it/openstamanager is a management software for technical assistance and electronic invoicing Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the request handler in modules/utenti/actions.php. An attacker can grant themselves or...

9.8CVSS5.8AI score0.00537EPSS
Exploits1References2
CVE
CVE
added 2026/02/25 10:16 p.m.40 views

CVE-2026-27497

CVE-2026-27497 is connected to the n8n advisory GHSA-WXX7-MCGF-J869, which documents a remote code execution risk in the Merge node when used in SQL query mode. An authenticated user with permission to create or modify workflows can cause arbitrary code execution and write files on the n8n server...

9.4CVSS6.3AI score0.00765EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/02/25 9:22 p.m.17 views

GHSA-MMGG-M5J7-F83H n8n has Arbitrary File Read via Python Code Node Sandbox Escape

Impact An authenticated user with permission to create or modify workflows could use the Python Code node to escape the sandbox. The sandbox did not sufficiently restrict access to certain built-in Python objects, allowing an attacker to exfiltrate file contents or achieve RCE. On instances using...

9.9CVSS5.6AI score0.00352EPSS
Exploits0References6
OSV
OSV
added 2026/02/06 9:16 p.m.8 views

CVE-2026-25533 Enclave has a sandbox escape via infinite recursion and error objects

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.10.1, the existing layers of security in enclave-vm are insufficient: The AST sanitization can be bypassed with dynamic property accesses, the hardening of the error objects does not cover the peculiar...

6.4CVSS5.7AI score0.0023EPSS
Exploits1References5
EUVD
EUVD
added 2026/02/06 9:16 p.m.5 views

EUVD-2026-5565

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.10.1, the existing layers of security in enclave-vm are insufficient: The AST sanitization can be bypassed with dynamic property accesses, the hardening of the error objects does not cover the peculiar...

6.4CVSS5.7AI score0.0023EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/02/06 9:16 p.m.5 views

CVE-2026-25533 Enclave has a sandbox escape via infinite recursion and error objects

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.10.1, the existing layers of security in enclave-vm are insufficient: The AST sanitization can be bypassed with dynamic property accesses, the hardening of the error objects does not cover the peculiar...

6.4CVSS5.8AI score0.0023EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-0068

Malware in sbrugna...

8.6CVSS7.3AI score0.03603EPSS
Exploits1References40
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-1291

Malware in sbrugna...

4.3CVSS4.6AI score0.00789EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-10284

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00557EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-42165

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00297EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-2710

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00666EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-1045

Malicious code in bioql PyPI...

7.3CVSS6.4AI score0.02054EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-23303

Malicious code in bioql PyPI...

7CVSS6.3AI score0.0016EPSS
Exploits0References3
Rows per page
Query Builder