Lucene search
K

1935 matches found

CVE
CVE
added 4 days ago7 views

CVE-2026-57216

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, AMQP 0-9-1, AMQP 1.0, and Stream Protocol authentication can allow a loopback-restricted user such as guest to connect remotely when traffic is accepted through a trusted PROXY-protocol path and the backend...

10CVSS6.1AI score0.00341EPSS
Exploits1References6Affected Software1
NVD
NVD
added 4 days ago8 views

CVE-2026-56665

ZITADEL is an open source identity management platform. Prior to 3.4.12 and 4.15.2, ZITADEL is an open source identity management platform. From 3.0.0-rc.1 through 3.4.11 and from 4.0.0-rc.1 through 4.15.1, ZITADEL's external JWT Identity Provider validation in internal/idp/providers/jwt/session....

4.2CVSS0.00167EPSS
Exploits0References5
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42968

Prowler is a cloud security platform. Prior to 5.30.3, Prowler's SAML authentication flow trusted the email domain asserted in a SAMLResponse when deciding which tenant should receive the final token, and the ACS finish logic in api/src/backend/api/v1/views.py recalculated the tenant from...

9.6CVSS6.1AI score0.00296EPSS
Exploits0References5
Cvelist
Cvelist
added 4 days ago28 views

CVE-2026-55672 ZITADEL: Missing client_id binding in OIDC authorization code exchange and refresh token flows (RFC 6749 Section 4.1.3 violation)

ZITADEL is an open source identity management platform. Prior to 3.4.12 and 4.15.2, ZITADEL's OAuth2 and OIDC CodeExchange, RefreshToken, and device token flows fail to verify that the requesting client matches the client that initiated the authorization flow, allowing intercepted grants or refre...

7.4CVSS0.00276EPSS
Exploits0References5
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-55783 NanaZip: NULL pointer dereference in Extract() of all seven NanaZip custom archive handlers when extracting/testing the whole archive

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's seven in-house IInArchive handlers in NanaZip.Codecs unconditionally dereference the caller-supplied Indices array inside Extract when the archive engine signals extract everything by passin...

2.4CVSS0.00112EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago29 views

CVE-2026-56675 9router: Reverse proxy locality collapse allows unauthenticated access to 9router /v1 APIs

9Router is an AI router & token saver. Prior to 0.5.2, 9router treats loopback requests as trusted and allows /v1/ access without an API key, so a same-host reverse proxy that forwards public traffic to the backend through 127.0.0.1 causes src/dashboardGuard.js to misclassify external requests as...

8.3CVSS0.00315EPSS
Exploits0References3
CVE
CVE
added 4 days ago14 views

CVE-2026-55500

CVE-2026-55500 (9router) exposes a critical flaw in the /api/settings/database endpoint. The GET export returns the entire database, including plaintext API keys, OAuth tokens, and provider credentials, while POST can wipe-and-replace the database with attacker-controlled data. This bypasses auth...

9.9CVSS6.1AI score0.00685EPSS
Exploits0References3
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42856

R-SOFT DMS is vulnerable to Insecure Direct Object Reference IDOR attack in multiple file download endpoints. The application fetches files from the database by ID and serves them to whoever requests them, relying only on session authentication, meaning any valid user can access any file. This...

7.1CVSS6.1AI score0.0047EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42855

R-SOFT DMS is vulnerable to OS Command Injection in the Optical Character Recognition OCR module. Multiple command execution functions accept user-controllable file paths without proper sanitization before passing them to the system shell via SSH. In current infrastructure the URL encoding...

9CVSS6.2AI score0.01331EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-42854

R-SOFT DMS is vulnerable to Stored XSS in file upload functionality. Authenticated attacker can inject arbitrary HTML and JS into the name of the file being uploaded, which will be executed when visiting file list or upload status by other users. This issue was fixed in version v3.19-2832 and...

5.1CVSS6.2AI score0.0039EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 4 days ago8 views

PT-2026-57325

Name of the Vulnerable Software and Affected Versions Frappe versions prior to 16.23.0 Frappe versions prior to 15.112.0 Description A TarSlip Remote Code Execution RCE issue exists in the Package Import feature. This occurs because members of tarfiles are not sufficiently validated before...

8.6CVSS6.3AI score0.00457EPSS
Exploits0References13
NVD
NVD
added 5 days ago6 views

CVE-2026-59853

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the /api/storage/getCriteria endpoint returns saved search criteria from data/storage/criteria.json without the publish-access filtering used by sibling storage endpoints, allowing a publish-mode Reader to read private...

6.5CVSS0.00235EPSS
Exploits0References3
CVE
CVE
added 5 days ago17 views

CVE-2026-33655

The CVE-2026-33655 issue affects New API prior to version 0.12.0-alpha.1 where SSRF protection did not apply IP filtering to hostnames by default due to ApplyIPFilterForDomain being disabled. Authenticated users could configure notification URLs (Webhook, Bark, Gotify) that resolve to internal or...

7.7CVSS5.9AI score0.00437EPSS
Exploits0References3
NVD
NVD
added 5 days ago6 views

CVE-2026-49274

Kirby is an open-source content management system. Prior to 4.9.4 and 5.4.4, Kirby sites using the pages field with roles that have the pages.access permission disabled allowed authenticated users to provide an inaccessible parent page or site to the page picker backend and confirm arbitrary page...

5.3CVSS0.00275EPSS
Exploits0References7
CVE
CVE
added 5 days ago41 views

CVE-2026-49274

CVE-2026-49274 affects Kirby CMS prior to versions 4.9.4 and 5.4.4. When the pages field is used and a role has pages.access disabled, authenticated users could supply an inaccessible parent page or site to the page picker backend, enabling confirmation of page existence and retrieval of title fi...

5.3CVSS5.9AI score0.00275EPSS
Exploits0References7
NVD
NVD
added 5 days ago7 views

CVE-2026-50644

SOPlanning is vulnerable to SQL injection in the audit retention configuration. An attacker holding parametersall rights can inject SQL commands into the audit configuration form which is then saved. The execution is triggered when the audit functionality is accessed by the attacker or another...

8.6CVSS0.00277EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-59723

Cline is an autonomous coding agent as an SDK, IDE extension, or CLI assistant. Prior to 3.0.30, the Cline Hub dashboard server launched by the cline dashboard command accepts WebSocket connections on the /browser endpoint without validating the Origin header, and when ROOMSECRET is unset for loc...

8.8CVSS6.1AI score0.00145EPSS
Exploits0References5Affected Software1
NVD
NVD
added 6 days ago7 views

CVE-2026-57481

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.9.1-alpha.13 and 8.6.83, a LiveQuery subscriber could receive object field values they were not authorized to read when a single save changed both an object field and the subscriber'...

2.3CVSS0.00386EPSS
Exploits0References7
CVE
CVE
added 6 days ago12 views

CVE-2026-35210

Summary: OpenCTI prior to version 7.260326.0 contains an authorization bypass via the synchronized-upsert: true HTTP header, exploitable by any authenticated user with KNOWLEDGE_KNUPDATE permission. This allows bypassing Confidence Level validation and Object Marking restrictions, enabling attack...

7.1CVSS5.9AI score0.00269EPSS
Exploits0References4Affected Software1
NVD
NVD
added 6 days ago4 views

CVE-2026-59947

Composer is a dependency Manager for the PHP language. Prior to 2.2.29 and 2.10.2, when Composer is run with -vvv debug verbosity, it could print a credential embedded in the username slot of a repository or package URL, such as a GitHub Personal Access Token in https://TOKEN@host/, to debug outp...

4.7CVSS0.00108EPSS
Exploits0References5
Rows per page
Query Builder