Nuclei
added 7 hours ago, 27 views

pgAdmin < 6.17 - Unauthenticated Remote Code Execution

pgAdmin prior to 6.17 contains an insecure HTTP API caused by improper access control that lets unauthenticated users execute arbitrary external utilities via path manipulation; the exploit requires no authentication. id: CVE-2022-4223 info: name: pgAdmin 6.17 - Unauthenticated Remote Code Execution...

8.8 CVSS, 7.5 AI score, 0.79933 EPSS
Exploits: 0, References: 2
EUVD
added yesterday, 5 views

EUVD-2026-40948

MCO does not properly enforce authorization checks in the /customer/servlet/mco/webapi/profile-sections/group-membership endpoint. An authenticated user can modify their group membership without proper authorization checks, allowing privilege escalation. An attacker can add themselves to arbitrar...

7.1 CVSS, 5.9 AI score
Exploits: 0, References: 2
Cvelist
added yesterday, 24 views

CVE-2026-13468 Visualizer <= 4.0.3 - Missing Authorization to Unauthenticated Sensitive Information Disclosure via /visualizer/v1/action/{chart}/{type}/ REST Endpoint

The Visualizer – Tables & Charts Manager with Built-in AI Generator plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.0.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

7.5 CVSS, 0.00367 EPSS
Exploits: 0, References: 8
NVD
added 2 days ago, 5 views

CVE-2026-56399

Open WebUI before 0.6.27 contains a server-side request forgery vulnerability in the /api/v1/retrieval/process/web endpoint that allows authenticated users to bypass SSRF protections. Attackers can manipulate URL parameters with location redirect headers to access internal services and potentiall...

5.3 CVSS, 0.0032 EPSS
Exploits: 0, References: 3
CVE
added 2 days ago, 9 views

CVE-2026-13207

FUXA versions 1.3.1 and prior contain an authentication bypass vulnerability via dot-segment path normalization in the REST API. The API router fails to normalize dot-segment sequences before applying authentication middleware, allowing unauthenticated requests to access protected endpoints by...

8.7 CVSS, 5.8 AI score, 0.00352 EPSS
Exploits: 0, References: 3
OSV
added 3 days ago, 5 views

PYSEC-2026-497 pyLoad: Server-Side Request Forgery via Download Link Submission Enables Cloud Metadata Exfiltration

Summary: pyLoad's download engine accepts arbitrary URLs without validation, enabling Server-Side Request Forgery (SSRF) attacks. An authenticated attacker can exploit this to access internal network services and exfiltrate cloud provider metadata. On DigitalOcean droplets, this exposes sensitive...

9.3 CVSS, 6 AI score, 0.00397 EPSS
Exploits: 1, References: 6
OSV
added 3 days ago, 4 views

PYSEC-2026-260 Aim Web API vulnerable to Remote Code Execution

A critical Remote Code Execution (RCE) vulnerability was identified in the aimhubio/aim project, specifically within the /api/runs/search/run/ endpoint, affecting versions = 3.0.0. The vulnerability resides in the runsearchapi function of the aim/web/api/runs/views.py file, where improper restricti...

9.8 CVSS, 8 AI score, 0.018 EPSS
Exploits: 1, References: 5
OSV
added 3 days ago, 5 views

PYSEC-2026-321 DB-GPT vulnerable to Arbitrary File Upload with Path Traversal

In eosphoros-ai/db-gpt version v0.6.0, the web API POST /v1/personal/agent/upload is vulnerable to Arbitrary File Upload with Path Traversal. This vulnerability allows unauthorized attackers to upload arbitrary files to the victim's file system at any location. The impact of this vulnerability...

9.1 CVSS, 8 AI score, 0.01192 EPSS
Exploits: 1, References: 5
ATTACKERKB
added 3 days ago, 5 views

CVE-2026-13546

A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. Performing a manipulation results in missing authentication. The attack may be initiated remotely. The exploit has been made public and could b...

7.5 CVSS, 5.5 AI score, 0.00383 EPSS
Exploits: 0, References: 5, Affected Software: 1
CVE
added 6 days ago, 11 views

CVE-2026-10823

CVE-2026-10823 affects the YMC Filter WordPress plugin (pre-3.11.3). The flaw stems from improper authorization of a REST API endpoint and lack of validation of a user-supplied query parameter, enabling unauthenticated attackers to retrieve titles and content from private, draft, and other non-pu...

7.5 CVSS, 5.8 AI score, 0.00921 EPSS
Exploits: 0, References: 1
Cvelist
added 6 days ago, 35 views

CVE-2026-10823 YMC Smart Filter < 3.11.3 - Unauthenticated Private/Draft Post Disclosure

The YMC Filter WordPress plugin before 3.11.3 does not properly authorize access to one of its REST API endpoints and does not validate a user-supplied query parameter, allowing unauthenticated attackers to retrieve the titles and content of private, draft, and other non-public posts...

0.00921 EPSS
Exploits: 0, References: 1
NVD
added 2026/06/23 6:18 p.m., 9 views

CVE-2026-54157

LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.57, the /webapi/proxy endpoint on app.lobehub.com accepts a URL in the POST body and fetches it server-side without any authentication. An attacker can use this to make...

9 CVSS, 0.0178 EPSS
Exploits: 0, References: 1
Cvelist
added 2026/06/09 11:44 p.m., 34 views

CVE-2026-53675 BuddyPress 14.4.0 Friends List IDOR via REST API

BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the friends REST API that allows any authenticated attacker to enumerate another user's complete friend list. Attackers can query the friends endpoint with an arbitrary userid because the getitemspermissionscheck meth...

5.3 CVSS, 0.00193 EPSS
Exploits: 0, References: 3
Vulnrichment
added 2026/06/09 11:48 a.m., 14 views

CVE-2017-20251 WordPress Insert PHP Plugin 4.7.0 PHP Code Injection via REST API

WordPress Insert PHP plugin versions before 3.3.1 contain a PHP code injection vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by injecting malicious shortcodes through the WordPress REST API. Attackers can send POST requests to the wp-json/wp/v2/posts endpoint...

9.8 CVSS, 6.1 AI score, 0.00559 EPSS
Exploits: 1, References: 3
Positive Technologies
added 2026/06/08 12:00 a.m., 12 views

PT-2026-47620

Name of the Vulnerable Software and Affected Versions: nebula-mesh versions prior to 0.3.0. Description: Response paths in internal/web/ and internal/api/ do not implement standard browser-security headers. The absence of X-Frame-Options: DENY or frame-ancestors 'none' in the Content-Security-Policy...

7.1 CVSS, 5.9 AI score, 0.00031 EPSS
Exploits: 0, References: 6
vulnersOsv
added 2026/06/06 9:00 p.m., 24 views

@poppies/egg-poppy-api-framework (=1.0.2), egg-poppy-customized-framework (>=1.0.1 <=1.0.5) +2 more potentially affected by unknown CVE via creditcard.js (=2.1.6)

creditcard.js NPM version =2.1.6 is affected by a known vulnerability. The following packages have a transitive dependency on creditcard.js and may be impacted: - @poppies/egg-poppy-api-framework =1.0.2 - egg-poppy-customized-framework =1.0.1, =1.0.2, =1.0.1, =1.0.2 Source cves: unknown CVE Sourc...

5.5 AI score
Exploits: 0
RedhatCVE
added 2026/06/05 7:35 p.m., 8 views

CVE-2026-5361

The Envira Gallery Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API in versions up to and including 1.12.4. This is due to insufficient input sanitization in the updategallerydata function and improper output escaping in the galleryinit function. The...

6.4 CVSS, 5.7 AI score, 0.0035 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2026/06/05 7:22 p.m., 8 views

CVE-2026-7428

Prior to 2025-11-03, well-intended users of Terraform or the REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password, which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...

9.2 CVSS, 5.6 AI score, 0.00239 EPSS
Exploits: 0, References: 1
ATTACKERKB
added 2026/06/05 1:24 p.m., 7 views

CVE-2026-50233

Lyrion Music Server 9.2.0 contains an arbitrary directory listing vulnerability in its readdirectory query, exposed through both the CLI service TCP port 9090 and the HTTP JSON-RPC endpoint /jsonrpc.js. The query accepts a folder parameter and lists its contents with no restriction to the...

6.9 CVSS, 5.6 AI score, 0.00294 EPSS
Exploits: 2, References: 3, Affected Software: 1
EUVD
added 2026/06/03 1:35 p.m., 11 views

EUVD-2024-55609

An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup.Repository webapi component in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users with administrator privileges to write specific files containing non-sensitive informati...

4.1 CVSS, 5.8 AI score, 0.00297 EPSS
Exploits: 0, References: 1