Lucene search
K

2790 matches found

Nuclei
Nuclei
added 5 hours ago51 views

XWiki >= 6.0-rc-1 - Cross-Site Scripting

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page XSS. It's possible to exploit the delete template to perform a XSS, e.g. by using URL such as:...

9.6CVSS6.4AI score0.02081EPSS
Exploits0References2
OSV
OSV
added yesterday16 views

ROOT-APP-NPM-CVE-2026-44902 CVE-2026-44902 in @rootio/opentelemetry__sdk-node - Patched by Root

Root has patched CVE-2026-44902 in the @rootio/opentelemetrysdk-node package for Root:npm. Multiple fixed versions available...

7.5CVSS5.8AI score0.00455EPSS
Exploits0
OSV
OSV
added 4 days ago24 views

ROOT-APP-PYPI-CVE-2026-34517 CVE-2026-34517 in rootio-aiohttp - Patched by Root

Root has patched CVE-2026-34517 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

5.3CVSS5.8AI score0.00384EPSS
Exploits0
OSV
OSV
added 4 days ago22 views

ROOT-APP-PYPI-CVE-2026-34518 CVE-2026-34518 in rootio-aiohttp - Patched by Root

Root has patched CVE-2026-34518 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

5.3CVSS5.8AI score0.00337EPSS
Exploits0
OSV
OSV
added 4 days ago11 views

ROOT-OS-DEBIAN-12-CVE-2026-6429 CVE-2026-6429 in rootio-curl - Patched by Root

Root has patched CVE-2026-6429 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...

6.5CVSS5.8AI score0.00519EPSS
Exploits1
NVD
NVD
added 5 days ago6 views

CVE-2026-55604

DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.7.0, the process-global SessionStore accepts caller-supplied sessionid values without binding them to any authenticated principal or transport session. An attacker can enumerate active session I...

8.6CVSS0.00225EPSS
Exploits0References2
OSV
OSV
added 5 days ago11 views

ROOT-APP-NPM-CVE-2026-27980 CVE-2026-27980 in @rootio/next - Patched by Root

Root has patched CVE-2026-27980 in the @rootio/next package for Root:npm. Multiple fixed versions available...

7.5CVSS5.8AI score0.00683EPSS
Exploits0
OSV
OSV
added 5 days ago9 views

ROOT-APP-NPM-CVE-2026-3304 CVE-2026-3304 in @rootio/multer - Patched by Root

Root has patched CVE-2026-3304 in the @rootio/multer package for Root:npm. Multiple fixed versions available...

8.7CVSS5.8AI score0.00663EPSS
Exploits1
OSV
OSV
added 5 days ago8 views

ROOT-APP-NPM-CVE-2024-8373 CVE-2024-8373 in @rootio/angular - Patched by Root

Root has patched CVE-2024-8373 in the @rootio/angular package for Root:npm. Multiple fixed versions available...

4.8CVSS7.1AI score0.00599EPSS
Exploits1
OSV
OSV
added 5 days ago5 views

ROOT-APP-NPM-CVE-2021-44906 CVE-2021-44906 in @rootio/minimist - Patched by Root

Root has patched CVE-2021-44906 in the @rootio/minimist package for Root:npm. Multiple fixed versions available...

9.8CVSS8.2AI score0.04581EPSS
Exploits1
OSV
OSV
added 6 days ago10 views

ROOT-APP-PYPI-CVE-2023-50447 CVE-2023-50447 in rootio-pillow - Patched by Root

Root has patched CVE-2023-50447 in the rootio-pillow package for Root:PyPI. Multiple fixed versions available...

8.1CVSS5.4AI score0.01703EPSS
Exploits0
OSV
OSV
added last week6 views

PYSEC-2026-1313 docling-core vulnerable to Remote Code Execution via unsafe PyYAML usage

Impact A PyYAML-related Remote Code Execution RCE vulnerability, namely CVE-2020-14343, is exposed in docling-core =2.21.0, 2.48.4 and, specifically only if the application uses pyyaml 5.4 and invokes doclingcore.types.doc.DoclingDocument.loadfromyaml passing it untrusted YAML data. Patches The...

8.1CVSS7.5AI score0.01376EPSS
Exploits1References9
OSV
OSV
added 2026/07/07 12:11 p.m.16 views

ROOT-APP-MAVEN-CVE-2026-42587 CVE-2026-42587 in io.root.io.netty:netty-codec-http - Patched by Root

Root has patched CVE-2026-42587 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.8AI score0.00887EPSS
Exploits1
OSV
OSV
added 2026/07/07 12:11 p.m.22 views

ROOT-APP-MAVEN-CVE-2026-42583 CVE-2026-42583 in io.root.io.netty:netty-codec - Patched by Root

Root has patched CVE-2026-42583 in the io.root.io.netty:netty-codec package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.8AI score0.00429EPSS
Exploits1
OSV
OSV
added 2026/07/07 12:11 p.m.7 views

ROOT-APP-MAVEN-CVE-2026-45673 CVE-2026-45673 in io.root.io.netty:netty-resolver-dns - Patched by Root

Root has patched CVE-2026-45673 in the io.root.io.netty:netty-resolver-dns package for Root:Maven. Multiple fixed versions available...

6.8CVSS5.9AI score0.00256EPSS
Exploits0
OSV
OSV
added 2026/07/07 10:9 a.m.4 views

RHSA-2026:35896 Red Hat Security Advisory: kernel security update

Bulletin has no description...

7.8CVSS5.9AI score0.00514EPSS
Exploits0References58
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.7 views

PT-2026-56237

Name of the Vulnerable Software and Affected Versions Chevereto versions 3.7.5 through 4.5.3 Description An issue exists in the self-hosted media-sharing platform where the /json AJAX listing endpoint fails to enforce private profile restrictions. While the profile HTML route /username correctly...

6.9CVSS6.1AI score0.00249EPSS
Exploits0References6
OSV
OSV
added 2026/07/06 10:29 a.m.4 views

ROOT-OS-DEBIAN-13-CVE-2026-37555 CVE-2026-37555 in rootio-libsndfile - Patched by Root

Root has patched CVE-2026-37555 in the rootio-libsndfile package for Root:Debian:13. Multiple fixed versions available...

8.2CVSS7.1AI score0.00504EPSS
Exploits1
OSV
OSV
added 2026/07/06 3:50 a.m.7 views

ROOT-OS-DEBIAN-13-CVE-2025-40203 CVE-2025-40203 in rootio-linux - Patched by Root

Root has patched CVE-2025-40203 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

5.4AI score0.0018EPSS
Exploits0
OSV
OSV
added 2026/07/06 3:50 a.m.12 views

ROOT-OS-DEBIAN-13-CVE-2026-46066 CVE-2026-46066 in rootio-linux - Patched by Root

Root has patched CVE-2026-46066 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

5.5CVSS5.8AI score0.00121EPSS
Exploits0
Rows per page
Query Builder