Lucene search
K

205 matches found

NVD
NVD
added 2026/05/14 7:16 p.m.21 views

CVE-2026-44670

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the kernel stores Attribute View AV / database names without any HTML escape, then a render template uses raw strings.ReplaceAlltpl, "$avName", nodeAvName to embed the name in HTML before pushing to all clients via...

9.4CVSS0.00509EPSS
Exploits0References1
NVD
NVD
added 2026/05/14 7:16 p.m.19 views

CVE-2026-44586

SiYuan is an open-source personal knowledge management system. From 2.1.12 to before 3.7.0. SiYuan's Bazaar marketplace renders package author metadata from the public bazaar stage feed into HTML without escaping. In the desktop app this becomes stored XSS, and because SiYuan's Electron windows a...

8.3CVSS0.00307EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 6:25 p.m.44 views

CVE-2026-44670 SiYuan: Stored XSS via Attribute View name to Electron renderer RCE in SiYuan

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the kernel stores Attribute View AV / database names without any HTML escape, then a render template uses raw strings.ReplaceAlltpl, "$avName", nodeAvName to embed the name in HTML before pushing to all clients via...

9.4CVSS0.00509EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 6:21 p.m.48 views

CVE-2026-45147 SiYuan: Broken access control in SiYuan `/api/tag/getTag` — Reader role can mutate `Conf.Tag.Sort` and persist to disk

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, POST /api/tag/getTag is registered with model.CheckAuth only, omitting both model.CheckAdminRole and model.CheckReadonly, despite the handler performing a configuration write that is normally guarded by both. Any...

4.3CVSS0.00152EPSS
Exploits0References1
CVE
CVE
added 2026/05/14 6:14 p.m.17 views

CVE-2026-45371

CVE-2026-45371 (SiYuan) : Before v3.7.0, publish-mode Reader can mutate server state via 8 ungated APIs: POST /api/graph/getGraph, /getLocalGraph, /api/sync/setSyncInterval, /api/storage/updateRecentDocViewTime, /api/storage/updateRecentDocCloseTime, /api/storage/updateRecentDocOpenTime, /api/sto...

7.2CVSS5.9AI score0.00207EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 6:13 p.m.34 views

CVE-2026-45375 SiYuan: Bazaar marketplace renders unescaped package `name` and `version` metadata, allowing stored XSS and Electron code execution

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan's Bazaar community marketplace renders the name and version fields of a package's plugin.json and the equivalent theme.json / template.json / widget.json / icon.json into the Settings → Marketplace UI without HT...

9CVSS0.00361EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.11 views

PT-2026-41017

SiYuan is an open-source personal knowledge management system. From 2.1.12 to before 3.7.0. SiYuan's Bazaar marketplace renders package author metadata from the public bazaar stage feed into HTML without escaping. In the desktop app this becomes stored XSS, and because SiYuan's Electron windows a...

8.3CVSS6AI score0.00307EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.10 views

SiYuan 授权问题漏洞

SiYuan is an open-source personal knowledge management system developed by SiYuan. Versions of SiYuan prior to 3.7.0 had an authorization issue vulnerability. This vulnerability stemmed from the lack of administrator and read-only permission checks for the POST /api/tag/getTag endpoint, which cou...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1
NVD
NVD
added 2026/05/11 8:25 p.m.16 views

CVE-2026-42870

WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, a Stored Cross-Site Scripting XSS flaw was identified at the following endpoint: funcionario/profilefuncionario.php?idfuncionario=2. By injecting a malicious payload into the 'Description' Descrição field and saving t...

6.4CVSS0.00281EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/11 6:32 p.m.34 views

CVE-2026-42872 WeGIA: Reflected XSS in listar_arquivos_etapa.php

WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, a reflected Cross-Site Scripting XSS vulnerability exists in listaarquivosetapa.php due to improper handling of user-supplied input. The idprocesso parameter is directly embedded into the HTML without sanitization,...

6.1CVSS0.00178EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/11 6:32 p.m.10 views

CVE-2026-42870 WeGIA: Cross-Site Scripting (XSS) Stored endpoint 'informacao_adicional.php' parameter 'descricao'

WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, a Stored Cross-Site Scripting XSS flaw was identified at the following endpoint: funcionario/profilefuncionario.php?idfuncionario=2. By injecting a malicious payload into the 'Description' Descrição field and saving t...

6.4CVSS5.8AI score0.00281EPSS
Exploits0References1
CVE
CVE
added 2026/05/11 6:32 p.m.13 views

CVE-2026-42870

WeGIA is affected by a Stored XSS in versions prior to 3.7.0 at funcionario/profile_funcionario.php?id_funcionario=2, where an attacker can inject a payload into the Description field that is saved and later executed when the profile page is opened. CVSSv4 data assigns a base score of 6.4 (MEDIUM...

6.4CVSS5.8AI score0.00281EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/11 6:31 p.m.11 views

CVE-2026-42871 WeGIA: Error Handling familiar_docfamiliar

WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, atendido/familiardocfamiliar.php displays an overly descriptive error message, including database-related details. This verbosity leads to information disclosure, which could assist a potential attacker in mapping the...

6.9CVSS5.8AI score0.00253EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/11 6:31 p.m.9 views

EUVD-2026-29186

WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, atendido/familiardocfamiliar.php displays an overly descriptive error message, including database-related details. This verbosity leads to information disclosure, which could assist a potential attacker in mapping the...

6.9CVSS5.8AI score0.00253EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.20 views

PT-2026-39735

WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, a Stored Cross-Site Scripting XSS flaw was identified at the following endpoint: funcionario/profile funcionario.php?id funcionario=2. By injecting a malicious payload into the 'Description' Descrição field and saving...

6.4CVSS5.8AI score0.00281EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.16 views

PT-2026-39725

WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, atendido/familiar docfamiliar.php displays an overly descriptive error message, including database-related details. This verbosity leads to information disclosure, which could assist a potential attacker in mapping th...

6.9CVSS5.8AI score0.00253EPSS
Exploits0References2
CVE
CVE
added 2026/05/07 4:27 a.m.22 views

CVE-2026-4348

CVE-2026-4348 affects the BetterDocs Pro WordPress plugin (≤ 3.7.0). The vulnerability is an unauthenticated SQL injection in the get_current_letter_docs and docs_sort_by_letter AJAX actions, where the limit POST parameter is interpolated directly into a SQL query before $wpdb->prepare(), enab...

7.5CVSS5.9AI score0.00395EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.8 views

WordPress plugin BetterDocs Pro SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.5CVSS5.9AI score0.00395EPSS
Exploits0References1
CVE
CVE
added 2026/04/30 8:39 p.m.40 views

CVE-2026-41263

CVE-2026-41263 affects Traefik’s BasicAuth middleware. A timing side-channel allows an attacker to enumerate valid usernames by measuring response times, because the constant-time fallback secret resolves to an empty string, causing the bcrypt check to short-circuit quickly. Vulnerable versions a...

6.3CVSS5.3AI score0.00369EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.13 views

Traefik 安全漏洞

Traefik is an open-source reverse proxy and load balancing tool developed by Traefik. Versions prior to Traefik 2.11.43, 3.6.14, and 3.7.0-rc.2 contain security vulnerabilities. These vulnerabilities stem from variables used in the BasicAuth middleware for constant-time comparisons, which are...

6.3CVSS5.8AI score0.00369EPSS
Exploits0References1
Rows per page
Query Builder