Lucene search
+L

5 matches found

NVD
NVD
added 4 days ago6 views

CVE-2026-46637

Twig is a template language for PHP. Prior to 3.26.0, several filters in twig/markdown-extra and twig/cssinliner-extra are registered with issafe = all, causing Twig to treat plain text or HTML output as safe in HTML, JavaScript, CSS, URL, and other contexts where the output is not properly...

5.4CVSS0.00175EPSS
Exploits0References4
Cvelist
Cvelist
added 4 days ago34 views

CVE-2026-46634 Twig: `template_from_string()` escapes a SourcePolicy-driven sandbox via synthesized template name

Twig is a template language for PHP. From 3.9.0 until 3.26.0, templatefromstring compiles an inner template under a synthesized stringtemplate name that can fall outside a SourcePolicyInterface sandbox decision, allowing a sandboxed template that can call templatefromstring and include to render ...

7.7CVSS0.00419EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.18 views

PT-2026-44982

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.26.0 Description A heap-buffer-overflow write can be triggered in the client when connecting to a malicious RDP server that sends crafted RDPGFX PDUs Protocol Data Units. The issue occurs in the gdi CacheToSurface...

9CVSS6.1AI score0.0042EPSS
Exploits1References44
Positive Technologies
Positive Technologies
added 2026/01/29 12:0 a.m.7 views

PT-2026-5316

Name of the Vulnerable Software and Affected Versions Kata Containers versions prior to 3.26.0 Description Kata Containers is an open source project implementing lightweight Virtual Machines VMs functioning like containers. In versions prior to 3.26.0, a malformed or layerless container image can...

9.3CVSS5.4AI score0.00438EPSS
Exploits1References11
Patchstack
Patchstack
added 2024/11/13 9:7 a.m.6 views

WordPress CSV to html plugin <= 3.26 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin CSV to html versions = 3.26...

9.9CVSS7AI score0.00478EPSS
Exploits0Affected Software1
Rows per page
Query Builder