Lucene search
K

246 matches found

EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38796

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the frappe.getavatar function...

4.6CVSS5.8AI score0.00256EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38805

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Notifications Events panel...

4.8CVSS5.8AI score0.00239EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38800

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the File View breadcrumb renderer...

4.6CVSS5.9AI score0.00256EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 4:16 p.m.8 views

CVE-2026-50711

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Number Card component...

4.6CVSS0.00256EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 4:16 p.m.11 views

CVE-2026-50700

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the frappe.getavatar function...

4.6CVSS0.00256EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 2:51 p.m.29 views

CVE-2026-50705 Frappe Framework 17.0.0-dev - Stored XSS in Form Dashboard headline rendering

A Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of untrusted input in the Form Dashboard headline renderer...

4.6CVSS0.00256EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 2:51 p.m.11 views

CVE-2026-50705

The CVE-2026-50705 entry documents a stored XSS vulnerability in Frappe Framework 17.0.0-dev, caused by improper neutralization of untrusted input in the Form Dashboard headline renderer. Affected product: Frappe Framework (version 17.0.0-dev). The vulnerability arises from how the Form Dashboard...

4.6CVSS5.8AI score0.00256EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 2:46 p.m.31 views

CVE-2026-50704 Frappe Framework 17.0.0-dev - Reflected/Stored XSS in File View breadcrumbs rendering

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the File View breadcrumb renderer...

4.6CVSS0.00256EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 2:42 p.m.30 views

CVE-2026-50703 Frappe Framework 17.0.0-dev - Stored XSS in Desktop Icon label rendering

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Desk desktop icon renderer...

4.8CVSS0.00239EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 2:20 p.m.9 views

CVE-2026-50699

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev. An authenticated attacker with write access to Auto Repeat can persist HTML/JavaScript in referencedocument using a whitelisted write path and trigger script execution when users open the affected Auto...

4.6CVSS6AI score0.00313EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/24 2:17 p.m.9 views

CVE-2026-50698

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input before generating HTML output in the Audit Trail component...

4.6CVSS5.8AI score0.00256EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 2:17 p.m.32 views

CVE-2026-50698 Frappe Framework 17.0.0-dev - Stored XSS in Audit Trail template rendering

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input before generating HTML output in the Audit Trail component...

4.6CVSS0.00256EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51826

Name of the Vulnerable Software and Affected Versions Frappe Framework version 17.0.0-dev Description A Stored Cross-Site Scripting XSS issue occurs due to improper neutralization of user-controlled input within the frappe.get avatar function during image rendering. Stored XSS is a type of...

4.6CVSS5.8AI score0.00256EPSS
Exploits0References6
OSV
OSV
added 2026/06/08 3:27 p.m.9 views

SUSE-SU-2026:2303-1 Security update for postgresql17

This update for postgresql17 fixes the following issues Update to version 17.10. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard again...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References23
Vulnrichment
Vulnrichment
added 2026/06/05 7:28 p.m.8 views

CVE-2026-25621 Arista Edge Threat Management NGFW Reports Application Insecure Input Validation

A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...

7CVSS5.4AI score0.00222EPSS
Exploits0References1
Chainguard
Chainguard
added 2026/06/05 7:18 p.m.5 views

GHSA-Q4WQ-4WHJ-CXHX vulnerabilities

Vulnerabilities for packages: openjdk-17-openj9, openjdk-21-openj9, openjdk-26-openj9, openjdk-25-openj9, openjdk-11-openj9, openjdk-8-openj9...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/06/05 7:18 p.m.6 views

GHSA-99RJ-3595-5FRJ vulnerabilities

Vulnerabilities for packages: openjdk-17-openj9, openjdk-21-openj9, openjdk-26-openj9, openjdk-25-openj9, openjdk-11-openj9, openjdk-8-openj9...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/06/05 7:18 p.m.8 views

CVE-2007-3716 vulnerabilities

Vulnerabilities for packages: openjdk-17-openj9, openjdk-21-openj9, openjdk-26-openj9, openjdk-25-openj9, openjdk-11-openj9, openjdk-8-openj9...

9.3CVSS7.2AI score0.03554EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/05 7:18 p.m.7 views

GHSA-75HH-423H-RVWG vulnerabilities

Vulnerabilities for packages: openjdk-17-openj9, openjdk, openjdk-21-openj9, openjdk-26-openj9, openjdk-25-openj9, openjdk-11-openj9, openjdk-8-openj9...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/06/05 7:18 p.m.12 views

CVE-2026-34268 vulnerabilities

Vulnerabilities for packages: openjdk-17-openj9, openjdk, openjdk-21-openj9, openjdk-26-openj9, openjdk-25-openj9, openjdk-11-openj9, openjdk-8-openj9...

2.9CVSS6.4AI score0.00122EPSS
Exploits0
Rows per page
Query Builder