Lucene search
+L

155 matches found

attackerkb
attackerkb
added 2026/07/08 3:58 p.m.5 views

CVE-2026-59887

linkify-it is a links recognition library with full Unicode support. Prior to 5.0.2, the mailto: schema validator used by .test and .match can be invoked at every mailto: occurrence and scan the remaining input through srcemailname in lib/re.mjs, causing On^2 CPU consumption on crafted user text...

7.5CVSS5.9AI score0.00346EPSS
Exploits0References4Affected Software1
nvd
nvd
added 2026/06/22 4:16 p.m.13 views

CVE-2026-11372

IBM TRIRIGA Application Platform 5.0.2 through 5.0.3 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS0.00165EPSS
Exploits0References1
cve
cve
added 2026/06/15 8:19 p.m.30 views

CVE-2026-49780

Technical details are not publicly available in the provided documents. Monitor for updates.

8.8CVSS5.2AI score0.00283EPSS
Exploits0References1
nvd
nvd
added 2026/05/27 3:16 p.m.16 views

CVE-2026-49044

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Justin Kruit Advanced Custom Fields: Font Awesome Field allows Stored XSS. This issue affects Advanced Custom Fields: Font Awesome Field: from n/a through 5.0.2...

6.5CVSS0.00182EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/27 2:46 p.m.46 views

CVE-2026-49044 WordPress Advanced Custom Fields: Font Awesome Field plugin <= 5.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Justin Kruit Advanced Custom Fields: Font Awesome Field allows Stored XSS. This issue affects Advanced Custom Fields: Font Awesome Field: from n/a through 5.0.2...

6.5CVSS0.00182EPSS
Exploits0References1
patchstack
patchstack
added 2026/05/27 2:45 p.m.15 views

WordPress Advanced Custom Fields: Font Awesome Field plugin <= 5.0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by timomangcut in WordPress Plugin Advanced Custom Fields: Font Awesome Field versions = 5.0.2...

6.5CVSS5.8AI score0.00182EPSS
Exploits0Affected Software1
astralinux
astralinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was susceptible to a denial-of-service attack when used with very long strings...

7.5CVSS7.1AI score0.01606EPSS
Exploits0References2
patchstack
patchstack
added 2026/05/15 10:42 a.m.14 views

WordPress Advanced Custom Fields: Font Awesome Field plugin <= 5.0.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by Nguyen Cong Quang in WordPress Plugin Advanced Custom Fields: Font Awesome Field versions = 5.0.2...

6.4CVSS5.8AI score0.00274EPSS
Exploits0References1Affected Software1
euvd
euvd
added 2026/04/10 9:31 a.m.15 views

EUVD-2026-21330

When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud...

7.5CVSS5.8AI score0.00217EPSS
Exploits0References2
vulnersosv
vulnersosv
added 2026/04/08 8:2 p.m.9 views

@activeboxes/piece-sftp (=0.2.6), @activepieces/piece-apify (=0.2.1) +25 more potentially affected by CVE-2026-39983 via basic-ftp (>=5.0.2 <=5.1.0)

basic-ftp NPM version =5.0.2, =0.2.6, =1.0.0, =1.0.0, =2.0.18, =1.9.2, =1.2.0, =4.6.0-blowfish, =1.0.3, =1.0.4, =0.1.1, =0.2.0 and more Source cves: CVE-2026-39983 Source advisory: SNYK:JS-BASICFTP-15953339...

8.6CVSS5.8AI score0.02185EPSS
Exploits1
nessus
nessus
added 2026/04/05 12:0 a.m.5 views

Slackware Linux 15.0 krita Vulnerability (SSA:2026-093-02)

The version of krita installed on the remote host is prior to 5.0.2. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-093-02 advisory. New krita packages are available for Slackware 15.0 to fix a security issue. Tenable has extracted the preceding description block...

6.7CVSS6AI score0.00184EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/03/11 12:0 a.m.9 views

PT-2026-24587

The divi-booster WordPress plugin before 5.0.2 does not have authorization and CSRF checks in one of its fixing function, allowing unauthenticated users to modify stored divi-booster WordPress plugin before 5.0.2 options. Furthermore, due to the use of unserialize on the data, this could be furth...

8.1CVSS5.8AI score0.00156EPSS
Exploits0References5
vulnersosv
vulnersosv
added 2026/02/27 9:25 p.m.7 views

@activeboxes/piece-sftp (=0.2.6), @activepieces/piece-apify (=0.2.1) +25 more potentially affected by CVE-2026-27699 via basic-ftp (>=5.0.2 <=5.1.0)

basic-ftp NPM version =5.0.2, =0.2.6, =1.0.0, =1.0.0, =2.0.18, =1.9.2, =1.2.0, =4.6.0-blowfish, =1.0.3, =1.0.4, =0.1.1, =0.2.0 and more Source cves: CVE-2026-27699 Source advisory: SNYK:JS-BASICFTP-15366428...

9.8CVSS7.2AI score0.00528EPSS
Exploits2
cve
cve
added 2026/02/18 6:42 a.m.18 views

CVE-2026-1640

CVE-2026-1640 affects the WordPress Taskbuilder plugin (versions

4.3CVSS5.7AI score0.00261EPSS
Exploits0References3
patchstack
patchstack
added 2026/01/25 2:56 p.m.8 views

WordPress SiteLock Security plugin <= 5.0.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin SiteLock Security – WP Hardening, Login Security & Malware Scans versions = 5.0.2...

8.8CVSS5.4AI score0.00235EPSS
Exploits0Affected Software1
redhatcve
redhatcve
added 2026/01/24 3:18 p.m.5 views

CVE-2026-24532

Missing Authorization vulnerability in SiteLock SiteLock Security – WP Hardening, Login Security & Malware Scans sitelock allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteLock Security – WP Hardening, Login Security & Malware Scans: from n/a through =...

4.3CVSS5.9AI score0.00235EPSS
Exploits0References1
nvd
nvd
added 2026/01/23 3:16 p.m.17 views

CVE-2026-24532

Missing Authorization vulnerability in SiteLock SiteLock Security – WP Hardening, Login Security & Malware Scans sitelock allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteLock Security – WP Hardening, Login Security & Malware Scans: from n/a through =...

4.3CVSS0.00235EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 9:11 a.m.9 views

CVE-2022-26326

Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager prior to 5.0.2...

6.1CVSS6.8AI score0.00345EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 9:11 a.m.8 views

CVE-2022-35933

This package is a PrestaShop module that allows users to post reviews and rate products. There is a vulnerability where the attacker could steal an administrator's cookie. The issue is fixed in version 5.0.2...

6.1CVSS6.4AI score0.00449EPSS
Exploits0References1
patchstack
patchstack
added 2025/12/30 4:22 p.m.7 views

WordPress SiteLock Security plugin <= 5.0.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin SiteLock Security – WP Hardening, Login Security & Malware Scans versions = 5.0.1...

4.3CVSS5.4AI score0.00267EPSS
Exploits0Affected Software1
Rows per page
Query Builder