Lucene search
+L

8102 matches found

Nuclei
Nuclei
added 6 hours ago12 views

Giga Messenger WordPress - Cross-Site Scripting

Giga Messenger WordPress plugin = 2.3.1 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to craft a...

6.1CVSS8AI score0.00562EPSS
Exploits1References2
CVE
CVE
added yesterday35 views

CVE-2026-49284

The CVE affects SimpleSAMLphp SP: the ACS path permits a response from an unexpected IdP when an unsigned Response/InResponseTo combines with a signed assertion lacking SubjectConfirmationData/InResponseTo. A response from IdP B can be bound to SP state created for IdP A, allowing bypass of IdP-s...

7.1CVSS5.3AI score
Exploits0References3
NVD
NVD
added yesterday4 views

CVE-2026-49835

Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.1.0, the global wrapMetrics middleware records raw HTTP request path r.URL.Path and raw HTTP request method r.Method as Prometheus labels for latency and request count metric vectors before routing, allowing an...

5.9CVSS
Exploits0References3
CVE
CVE
added yesterday40 views

CVE-2026-45309

CVE-2026-45309 affects AsyncSSH prior to 2.23.0. Root cause: the OpenSSH-style token %u in AuthorizedKeysFile was expanded from the remote username without rejecting path separators or .. segments, letting a username such as with traversal characters read an attacker-controlled authorized-keys fi...

8.2CVSS4.7AI score0.00221EPSS
Exploits0References3
NVD
NVD
added yesterday7 views

CVE-2026-16017

A security flaw has been discovered in mosaxiv clawlet up to 0.2.10. Impacted is the function list/remove of the file tools/toolcron.go of the component cron Chat Tool. The manipulation results in missing authorization. The attack may be performed from remote. The exploit has been released to the...

6.5CVSS
Exploits0References6
Vulnrichment
Vulnrichment
added yesterday5 views

CVE-2026-12705 Integrity mechanism of KNX-device FW-files can be bypassed in ABB Update Tool

Missing support for integrity check vulnerability in ABB KNX Update Tool ABB, ABB KNX Update Tool BJE. This issue affects KNX Update Tool ABB: through 2.0.175; KNX Update Tool BJE: through 2.0.175...

6.4CVSS5.3AI score
Exploits0References1
NVD
NVD
added yesterday12 views

CVE-2026-62764

Improper Handling of Insufficient Privileges vulnerability in Apache Accumulo. An authenticated, but low-privileged user without system permissions may issue a remote command to gracefully shutdown system components compaction-coordinator, compactor, gc, manager, monitor, tserver, or sserver,...

5.7CVSS0.00295EPSS
Exploits0References5
NVD
NVD
added 2 days ago5 views

CVE-2026-43977

wger is a free, open-source workout and fitness manager. In versions prior to 2.6, any authenticated user can read another user's private workout session notes, exercise history, and training statistics by calling the /logs/ and /stats/ actions on a routine they do not own. The vulnerability exis...

7.5CVSS0.00232EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-43978 wger: Privilege escalation via trainer-login session chaining allows gym trainers to impersonate gym managers

wger is a free, open-source workout and fitness manager. In versions prior to 2.6, a gym trainer can escalate their session to any higher-privileged account gym manager, general manager by chaining two calls to the trainer-login endpoint. Once a trainer performs a legitimate switch into a...

8.1CVSS0.00213EPSS
Exploits0References1
NVD
NVD
added 2 days ago7 views

CVE-2026-62309

CoreDNS is a DNS server written in Go. Prior to 1.14.4, a single 28-byte UDP datagram can crash the CoreDNS process when the proxyproto plugin is enabled because plugin/pkg/proxyproto/proxyproto.go PacketConn.ReadFrom handles a PROXY v2 header with non-UDP transport such as family byte 0x11,...

7.5CVSS0.0035EPSS
Exploits0References4
CVE
CVE
added 2 days ago33 views

CVE-2026-44982

CVE-2026-44982 affects CrowdSec AppSec. The bug in pkg/appsec/request.go NewParsedRequestFromRequest reads the body using max(r.ContentLength, 0), causing HTTP/1.1 chunked and HTTP/2 without Content-Length to appear with an empty body, bypassing body-inspection rules (REQUEST_BODY, BODY_ARGS, ARG...

7.2CVSS6.1AI score0.00217EPSS
Exploits0References5
NVD
NVD
added 2 days ago11 views

CVE-2026-53598

Prompty is a markdown file format .prompty for LLM prompts. Prior to 2.0.0-beta.2, Prompty loaders expanded $file:... references in .prompty frontmatter without enforcing that resolved paths stayed within the prompt directory or allowed roots, allowing an attacker-controlled prompt file to read...

7.5CVSS0.01057EPSS
Exploits0References2
CVE
CVE
added 2 days ago13 views

CVE-2026-53598

The CVE-2026-53598 issue affects Prompty (.prompty) loaders that expanded ${file:...} references in frontmatter before 2.0.0-beta.2, allowing an attacker-controlled prompt to read local files via absolute paths, .. traversal, or symlink escapes. Root cause: path confinement was not enforced durin...

7.5CVSS6.1AI score0.01057EPSS
Exploits0References2
OSV
OSV
added 2 days ago17 views

ROOT-APP-MAVEN-CVE-2026-45367 CVE-2026-45367 in io.root.ca.uhn.hapi.fhir:org.hl7.fhir.dstu2 - Patched by Root

Root has patched CVE-2026-45367 in the io.root.ca.uhn.hapi.fhir:org.hl7.fhir.dstu2 package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.8AI score0.00489EPSS
Exploits0
OSV
OSV
added 3 days ago4 views

CVE-2026-55445 Qinglong: Incomplete fix for CVE-2026-3965: Improper Authentication

Qinglong is a timed task management platform supporting Python3, JavaScript, Shell, and Typescript. Prior to 2.20.1, the init guard middleware in back/loaders/express.ts checks /api/user/init but not /open/user/init, while rewrite'/open/', '/api/$1' rewrites the whitelisted /open/ path after JWT...

9.3CVSS6.1AI score0.00404EPSS
Exploits0References5
NVD
NVD
added 3 days ago5 views

CVE-2026-45533

DataEase is an open source data visualization and analysis tool. Prior to 2.10.23, DataEase export-center deletion can accept path traversal sequences such as ../ in the bulk delete API endpoint and pass attacker-controlled identifiers to ExportCenterManage.delete, allowing recursive deletion of...

8.3CVSS0.00313EPSS
Exploits0References3
NVD
NVD
added 3 days ago5 views

CVE-2026-45417

DataEase is an open source data visualization and analysis tool. Prior to 2.10.23, DataEase datasource connection status checks concatenate configuration.getSchema into getTablesSql and execute the resulting SQL with executeQuery in io.dataease.datasource.provider.CalciteProvidercheckStatus,...

8.7CVSS0.00227EPSS
Exploits0References3
CVE
CVE
added 3 days ago10 views

CVE-2026-45320

DataEase (open source data visualization/analysis tool) is affected by an SQL injection in dashboard variables. Prior to version 2.10.23, dashboard SQL variables (e.g., ${deptId}) are processed by SqlparserUtils.transFilter(), whose final branch returns raw user input for non-in and non-between o...

8.7CVSS6.1AI score0.00269EPSS
Exploits0References3
NVD
NVD
added 3 days ago7 views

CVE-2026-59955

Apollo is a reliable configuration management system suitable for microservice configuration management scenarios. Prior to 2.5.2, Apollo ConfigService may allow unauthorized access to raw configuration data when AccessKey or management key authentication is enabled because requests under...

7.5CVSS0.00549EPSS
Exploits0References3
Cvelist
Cvelist
added 3 days ago35 views

CVE-2025-32781 Apollo: Apollo Portal release endpoint allows cross-application configuration disclosure via releaseId

Apollo is a reliable configuration management system suitable for microservice configuration management scenarios. Prior to 2.5.0, Apollo Portal does not verify application and namespace permissions when an authenticated user requests a release by ID through GET /envs/env/releases/releaseId while...

6.5CVSS0.00415EPSS
Exploits0References4
Rows per page
Query Builder