Lucene search
K

6 matches found

NVD
NVD
added 2026/06/04 10:16 p.m.12 views

CVE-2026-42547

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. In versions prior to 2.4.28, users can create alerts for customers that are not assigned to them. This can be abused to falsely attribute fake alerts to customers. In combination wit...

5.4CVSS0.00174EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 8:57 p.m.32 views

CVE-2026-42540 IRIS has a Mass Assignment issue

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 allow a user to alter values in the database via manipulated API requests. Version 2.4.28 contains a patch...

4.3CVSS0.00183EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 7:31 p.m.9 views

EUVD-2026-34320

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to version 2.4.28, DFIR-IRIS exposes an optional GraphQL endpoint at /graphql that does not enforce the same authorization checks as the REST API. Any authenticated user can...

7.1CVSS5.9AI score0.00246EPSS
Exploits0References1
CVE
CVE
added 2026/03/10 11:21 p.m.15 views

CVE-2026-2569

The CVE-2026-2569 entry corresponds to the WordPress plugin Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer (3d-flipbook-dflip-lite) with a Stored Cross-Site Scripting flaw via PDF page labels in all versions up to 2.4.20. The issue is caused by insufficient input sanitization an...

6.4CVSS5.9AI score0.00152EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/05/20 1:17 a.m.6 views

WordPress Piotnet Addons For Elementor plugin <= 2.4.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by Ankit Patel in WordPress Plugin Piotnet Addons For Elementor versions = 2.4.26...

6.4CVSS5.8AI score0.00342EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2020/04/27 12:0 a.m.5 views

PT-2020-12481 · Percona · Percona Xtrabackup

Name of the Vulnerable Software and Affected Versions: Percona XtraBackup versions prior to 2.4.20 Description: The issue allows sensitive information to be unintentionally written to backup files and the PERCONA SCHEMA.xtrabackup history table when the --history option is used. This may include...

6.5CVSS6.2AI score0.00951EPSS
Exploits0References16
Rows per page
Query Builder