Lucene search
K

240 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-42905

The Grav API plugin getgrav/grav-plugin-api before 1.0.3 fails to sanitize SVG files uploaded through the POST /api/v1/media endpoint. The HandlesMediaUploads::processUploadedFile method validates only the file extension and never invokes Security::sanitizeSVG, so an authenticated attacker with t...

5.1CVSS6.2AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 5 days ago4 views

CVE-2026-34038

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, an authenticated remote command injection vulnerability in application deployment handling allows users with application write permissions to achieve remote code execution...

9.9CVSS6.6AI score0.02539EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2026/07/03 9:16 p.m.5 views

CVE-2026-27775

Gitea 1.25.5 caches a branch-specific write-permission result across multiple refs in one pre-receive hook session, allowing a per-branch maintainer-edit grant to be reused for other refs and escalate to full repository write access...

8.8CVSS0.00523EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/03 8:19 p.m.41 views

CVE-2026-27775 Gitea pre-receive hook permission cache allows full repository write access

Gitea 1.25.5 caches a branch-specific write-permission result across multiple refs in one pre-receive hook session, allowing a per-branch maintainer-edit grant to be reused for other refs and escalate to full repository write access...

0.00523EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/03 8:19 p.m.35 views

CVE-2026-27660 Gitea draft releases use insufficient permission checks

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...

0.00345EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:19 p.m.6 views

CVE-2026-27660

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...

5.9AI score0.00345EPSS
Exploits0References5
CVE
CVE
added 2026/07/03 8:19 p.m.13 views

CVE-2026-27660

Gitea before 1.25.5 is affected by an access-control issue in the draft release workflow: draft release data and attachments can be accessed without write permissions due to insufficient permission checks. This is reported for versions prior to 1.25.5, with remediation to upgrade to 1.25.5 or new...

7.5CVSS5.9AI score0.00345EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/03 8:19 p.m.4 views

EUVD-2026-41633

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...

5.9AI score0.00345EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.13 views

PT-2026-55603

Name of the Vulnerable Software and Affected Versions Gitea version 1.25.5 Description The software caches a branch-specific write-permission result across multiple refs during a single pre-receive hook session. This behavior allows a user with a per-branch maintainer-edit grant to reuse that...

8.8CVSS7.2AI score0.00523EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.9 views

PT-2026-55601

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description Draft release data or attachments can be accessed by users who do not possess the necessary write permissions. Recommendations Update to version 1.25.5 or later...

7.5CVSS6.1AI score0.00345EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/26 12:32 a.m.7 views

EUVD-2026-39574

A flaw was found in Apicurio Registry. The ContentTypeUtil.isParsableXml method creates a SAXParserFactory without enabling secure processing features or disabling external entity resolution. An attacker with artifact-write permission or unauthenticated when the registry runs with default...

8.5CVSS5.8AI score0.00233EPSS
Exploits0References3
NVD
NVD
added 2026/06/23 9:17 p.m.13 views

CVE-2026-56120

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it's a duplicate of CVE-2026-56784...

Exploits0
RedHat Linux
RedHat Linux
added 2026/06/23 1:27 a.m.5 views

samba: Missing access check on reparse point operations

A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

7.1CVSS5.8AI score0.00862EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.14 views

PT-2026-51072

Name of the Vulnerable Software and Affected Versions CoreWCF versions prior to 1.8.1 CoreWCF versions prior to 1.9.1 Description A CoreWCF service listening on a Kafka topic stops processing new records when the KafkaTransportPump receives a null-value tombstone record. A tombstone record is a...

6.5CVSS6AI score0.00336EPSS
Exploits0References9
NVD
NVD
added 2026/06/18 9:16 p.m.10 views

CVE-2026-49252

deepstream is a server that allows clients and backend services to sync data, send messages and make rpcs at scale. Versions prior to 10.0.5 are vulnerable to Prototype Pollution. Exploitation can lead to potential privilege escalation from any authenticated user with write permission to any...

9.9CVSS0.0027EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.18 views

PT-2026-50790

Name of the Vulnerable Software and Affected Versions deepstream versions prior to 10.0.5 Description A Prototype Pollution issue exists in the server, which allows clients and backend services to synchronize data, send messages, and make remote procedure calls RPCs at scale. Prototype Pollution...

9.9CVSS5.9AI score0.0027EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.20 views

PT-2026-50478

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.6 Description An authorization bypass exists in the calendar event update process. The endpoint '/api/v1/calendars/events/event id/update' validates that the user has write access to the calendar where the even...

4.3CVSS5.9AI score0.00179EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/06/09 10:50 a.m.34 views

CVE-2026-47346 TYPO3 CMS - Broken Access Control in Form Framework

Backend users with file write permissions were able to upload form definition files with mixed-case extensions e.g., .FORM.YAML to bypass the Form Framework's upload restriction. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers to...

7.6CVSS0.00253EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.9 views

CVE-2026-40344

MinIO is a high-performance object storage system. Starting in RELEASE.2023-05-18T00-05-36Z and prior to RELEASE.2026-04-11T03-20-12Z, an authentication bypass vulnerability in MinIO's Snowball auto-extract handler PutObjectExtractHandler allows any user who knows a valid access key to write...

8.8CVSS5.8AI score0.00418EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/01 7:49 a.m.38 views

CVE-2026-42359 Apache Airflow: Authenticated RCE via XCom PATCH endpoint — XComUpdateBody missing FORBIDDEN_XCOM_KEYS validator

A bug in Apache Airflow's XCom PATCH endpoint PATCH /api/v2/xcomEntries/key allowed an authenticated UI/API user with XCom write permission on a Dag to set XCom entries under reserved key names e.g. returnvalue that the matching POST endpoint already validated against FORBIDDENXCOMKEYS. The...

0.0055EPSS
Exploits0References3
Rows per page
Query Builder