Lucene search
+L

182 matches found

nvd
nvd
added 2 days ago3 views

CVE-2026-45793

Composer is a dependency Manager for the PHP language. Prior to 1.10.28, 2.2.28, and 2.9.8, Composer\IO\BaseIO::loadConfiguration validates GitHub OAuth tokens with the regex ^.A-Za-z0-9+$ and interpolates rejected tokens into an UnexpectedValueException; GitHub Actions GITHUBTOKEN values using t...

7.5CVSS0.00519EPSS
Exploits0References9
cve
cve
added 3 days ago54 views

CVE-2026-45073

CVE-2026-45073 affects Symfony’s PHP framework, specifically the PdoAdapter::doClear() path. Prior to versions 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the code builds a DELETE with a namespace derived from caller-supplied prefix without binding or escaping it, allowing an attacker who controls the pr...

7.3CVSS6.1AI score0.0041EPSS
Exploits0References6Affected Software1
osv
osv
added 3 days ago4 views

CVE-2026-45065 Symfony: UrlGenerator Route-Requirement Bypass via Unanchored Regex Alternation → Off-Site //host URL Injection

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, UrlGenerator validates route parameters against a pattern built as ^ plus the raw requirement plus $; with ungrouped alternations, middle alternatives mat...

2.3CVSS6.1AI score0.00261EPSS
Exploits0References7
cvelist
cvelist
added last week39 views

CVE-2026-57217 RabbitMQ: Topic authorization can lead to cross-tenant routing-key bypass

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.21, 4.1.11, and 4.2.6, RabbitMQ topic authorization can allow restricted topic writes and binds during metadata-store failures because topic-permission lookup errors from Khepri can collapse to undefined, which the internal backe...

7CVSS0.00321EPSS
Exploits1References6
cvelist
cvelist
added 2026/07/09 10:3 p.m.33 views

CVE-2026-44787 Discourse: Signup-time primary_group_id assignment grants whisperer access

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, the signup flow could allow newly registered users to set primarygroupid and gain whisper-group privileges without legitimate group membership on sites with whispersallowedgroups configured. This...

8.2CVSS0.00267EPSS
Exploits0References9
cve
cve
added 2026/07/09 9:55 p.m.8 views

CVE-2026-46413

Discourse (open-source discussion platform) contains a vulnerability tracked as CVE-2026-46413 where, prior to versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, regular users could route direct S3 multipart uploads through ExternalUploadManager into the admin backup store. This could allow una...

6.5CVSS5.9AI score0.00366EPSS
Exploits0References9Affected Software1
ptsecurity
ptsecurity
added 2026/07/09 12:0 a.m.5 views

PT-2026-56902

Name of the Vulnerable Software and Affected Versions Metabase versions prior to 1.58.15 Metabase versions prior to 1.59.12 Metabase versions prior to 1.60.6.3 Metabase versions prior to 1.61.1.4 Description Metabase instances using an H2 database connection, including the default sample database...

9.9CVSS6.6AI score0.00457EPSS
Exploits1References17
debiancve
debiancve
added 2026/07/08 3:15 p.m.6 views

CVE-2026-59869

js-yaml is a JavaScript YAML parser and dumper. From 3.0.0 before 3.15.0 and from 4.0.0 before 4.3.0, js-yaml can spend quadratic CPU time parsing a document whose size grows only linearly when a chain of mappings uses merge keys where each mapping merges the previous one. This issue is fixed in...

7.5CVSS6AI score0.0037EPSS
Exploits1
osv
osv
added 2026/07/08 12:31 a.m.5 views

CVE-2026-55438 Coder's workspace app CORS origin check can be bypassed via UUID-based subdomain spoofing

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.17, 2.32.7, 2.33.8, and 2.34.2, Coder's subdomain-based workspace app proxy allowed the same-owner CORS check to be bypassed. When a workspace-name subdomain segment parsed as a UUID, the...

5.8CVSS6AI score0.00222EPSS
Exploits0References9
cvelist
cvelist
added 2026/07/06 8:20 p.m.51 views

CVE-2026-54764 ForwardAuth middleware leaks X-Forwarded-Port spoofing via untrusted X-Forwarded-Proto when trustForwardHeader=false

Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's ForwardAuth middleware, even when configured with trustForwardHeader: false, derives the X-Forwarded-Port header sent to the authentication service from the original incoming request instead of t...

6.9CVSS0.0029EPSS
Exploits0References3
cve
cve
added 2026/07/01 7:24 p.m.30 views

CVE-2026-49858

API Platform Core contains a cross-user attribute leak in JSON:API and HAL item normalizers due to a missing isCacheKeySafe gate. Affected versions: 2.6.0 up to 4.1.28, 4.2.25, and 4.3.11 (i.e., before 4.1.29, 4.2.26, 4.3.12). Root cause: componentsCache arrays are keyed on $context['cache_key'] ...

5.9CVSS5.7AI score0.00197EPSS
Exploits0References1
cve
cve
added 2026/07/01 6:58 p.m.61 views

CVE-2026-55594

ImageMagick (MVG decoder) is affected by a stack overflow in the MVG decoder due to a missing depth check when processing a crafted image. This affects versions prior to 6.9.13-51 and 7.1.2-26. The issue has been fixed in 6.9.13-51 and 7.1.2-26. According to the CVE entry, the assigned CVSS score...

5.3CVSS5.8AI score0.00241EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2026/07/01 12:0 a.m.13 views

PT-2026-54825

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.13-51 ImageMagick versions prior to 7.1.2-26 Description An integer overflow in the XCF decoder can lead to an out-of-bounds read when processing a specially crafted image, which may cause the application to...

9.2CVSS6.1AI score0.01849EPSS
Exploits5References125
osv
osv
added 2026/06/30 11:39 p.m.3 views

BIT-ENVOY-2026-48743 Envoy: HTTP/3 to HTTP/1 request smuggling via headers-only request with nonzero Content-Length

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, Envoy can translate a downstream HTTP/3 request that is complete at the transport layer HEADERS with FIN / headers-only close but still carries a nonzero...

7.5CVSS5.7AI score0.00298EPSS
Exploits1References2
cve
cve
added 2026/06/26 7:2 p.m.16 views

CVE-2026-52779

OpenProject prior to versions 17.3.3 and 17.4.1 contains a cross-project IDOR/authorization context confusion in the Calendar and Team Planner modules. A user with management permissions in one project can delete public Calendar or Team Planner Queries from another project where they lack corresp...

5.4CVSS5.8AI score0.00185EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/26 12:0 a.m.7 views

PT-2026-52902

Name of the Vulnerable Software and Affected Versions OpenProject versions prior to 17.3.2 OpenProject versions prior to 17.4.0 Description A business logic error exists in the password change behavior. This flaw allows an attacker who has achieved an active session takeover to bypass password...

5.9CVSS5.8AI score0.00175EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/06/26 12:0 a.m.11 views

PT-2026-52887

Name of the Vulnerable Software and Affected Versions Envoy versions prior to 1.35.11 Envoy versions prior to 1.36.7 Envoy versions prior to 1.37.3 Envoy versions prior to 1.38.1 Description A structural flaw exists in the DefaultCertValidator::verifySubjectAltName function. The issue occurs when...

4.4CVSS5.8AI score0.00212EPSS
Exploits1References20
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.10 views

PT-2026-52521

Name of the Vulnerable Software and Affected Versions pnpm versions prior to 10.34.2 pnpm versions prior to 11.5.3 Description The generic peer-suffix normalizer incorrectly strips parenthesized text from git, URL, tarball, file, and other opaque locators. This behavior allows a scenario where...

7.5CVSS5.8AI score0.00118EPSS
Exploits1References10
nvd
nvd
added 2026/06/24 10:16 p.m.9 views

CVE-2026-55759

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, Rocket.Chat's Apple Sign-In handler verifies JWT signatures but skips claims validation. Any Apple-signed JWT with a non-empty iss is accepted...

7.4CVSS0.00243EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/24 12:0 a.m.20 views

PT-2026-52116

Name of the Vulnerable Software and Affected Versions Rocket.Chat versions prior to 8.5.1 Rocket.Chat versions prior to 8.4.4 Rocket.Chat versions prior to 8.3.6 Rocket.Chat versions prior to 8.2.6 Rocket.Chat versions prior to 8.1.6 Rocket.Chat versions prior to 8.0.7 Rocket.Chat versions prior ...

9.3CVSS5.9AI score0.00295EPSS
Exploits0References7
Rows per page
Query Builder