2429 matches found
CVE-2026-54406
A malicious actor with access to the network and high privileges could exploit a Path Traversal vulnerability found in self-hosted instances of UniFi Network Application to escalate write permission on the host device...
CVE-2026-54406
A malicious actor with access to the network and high privileges could exploit a Path Traversal vulnerability found in self-hosted instances of UniFi Network Application to escalate write permission on the host device...
CVE-2026-54406
A malicious actor with access to the network and high privileges could exploit a Path Traversal vulnerability found in self-hosted instances of UniFi Network Application to escalate write permission on the host device...
CVE-2026-58652
The issue affects luci-app-travelmate and the travelmate package. A LuCI/rpcd session with the luci-app-travelmate write ACL gains config-wide UCI write access to the travelmate configuration, and the backend travelmate service (running as root) reads raw UCI values for script and script_args and...
CVE-2026-55628
In versions prior to 7.1.2-26he, the -concatenate operation is missing policy checks, potentially resulting in both reading and writing to paths disallowed by the security policy. This issue has been fixed in version 7.1.2-26...
PT-2026-54642
Name of the Vulnerable Software and Affected Versions AWS Advanced JDBC Wrapper versions 3.3.0 through 4.0.0 Description Deserialization of untrusted data in the RemoteQueryCachePlugin allows an actor with write access to the shared cache infrastructure to execute arbitrary code on application...
CVE-2026-56377
ImageMagick vulnerable to a policy- bypass due to an incorrect path check in sandboxed conversion services. Affects ImageMagick before 7.1.2-24, where a crafted request could allow remote or local attackers to create or truncate files outside allowed boundaries by bypassing path policy restrictio...
CVE-2026-48314
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain limited read and write access to...
EUVD-2026-40360
SeaweedFS before 4.34 contains a path traversal vulnerability in the S3 gateway DeleteMultipleObjectsHandler that allows authenticated S3 principals with write access to a single bucket to delete arbitrary objects in other tenants' buckets by supplying object keys containing ../ sequences in the...
CVE-2026-12819
CVE-2026-12819 affects the Delta Electronics DVP12SE PLC. The issue is exposure of a Modbus TCP service on a specified port without authentication or access control, allowing unauthenticated interaction with security‑sensitive PLC functions. The CVSS metrics indicate high impact on confidentialit...
EUVD-2026-37951
mcp-pinot: Unauthenticated tool invocation via default oauthenabled=False + host 0.0.0.0 bind...
CVE-2026-44696
OpenProject is open-source, web-based project management software. Prior to 17.4.0, OpenProject's rich text markdown rendering pipeline uses Sanitize::Config::RELAXED:css for inline style sanitization. This configuration permits essentially all CSS properties in style attributes on permitted HTML...
CVE-2026-44696 OpenProject: Stored CSS injection via Sanitize::Config::RELAXED[:css] enables phishing overlays and data exfiltration
OpenProject is open-source, web-based project management software. Prior to 17.4.0, OpenProject's rich text markdown rendering pipeline uses Sanitize::Config::RELAXED:css for inline style sanitization. This configuration permits essentially all CSS properties in style attributes on permitted HTML...
CVE-2026-13372
Incorrect link resolution by display name in the custom PowerShell VPN editor in Devolutions Remote Desktop Manager 2026.2.5 through 2026.2.11 allows an authenticated attacker with write access to a shared workspace to execute a PowerShell script in another user's context via a display name...
CVE-2026-13372
The CVE-2026-13372 vulnerability affects Devolutions Remote Desktop Manager 2026.2.5–2026.2.11, where incorrect link resolution by display name in the custom PowerShell VPN editor can enable an authenticated user with write access to a shared workspace to execute a PowerShell script in another us...
CVE-2026-13372
Incorrect link resolution by display name in the custom PowerShell VPN editor in Devolutions Remote Desktop Manager 2026.2.5 through 2026.2.11 allows an authenticated attacker with write access to a shared workspace to execute a PowerShell script in another user's context via a display name...
CVE-2026-13372
Incorrect link resolution by display name in the custom PowerShell VPN editor in Devolutions Remote Desktop Manager 2026.2.5 through 2026.2.11 allows an authenticated attacker with write access to a shared workspace to execute a PowerShell script in another user's context via a display name...
PT-2026-52899
Name of the Vulnerable Software and Affected Versions OpenProject versions prior to 17.4.0 Description The rich text rendering pipeline uses an overly permissive configuration for inline style sanitization. This allows authenticated users with write access to formattable text fields, such as work...
EUVD-2026-31483
amazon-braket-sdk vulnerable to Insecure Deserialization via pickle.loads...
PT-2026-52608
Name of the Vulnerable Software and Affected Versions Parse Server versions prior to 4.10.0 Description A supply chain incident occurred where incorrect version tags were pushed to the official repository. These tags pointed to an unreviewed personal fork of a contributor who had write access...