Lucene search
K
AttackerkbMost viewed

74485 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/15 8:52 p.m.11 views

CVE-2026-8696

radare2 6.1.5 contains a use-after-free vulnerability in the gdbrpidslist function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability ...

8.7CVSS6.1AI score0.00603EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/15 7:30 p.m.11 views

CVE-2026-44562

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the POST /api/v1/models/import endpoint allows users with the workspace.modelsimport permission to overwrite any existing model in the database, regardless of ownership. When an...

6.5CVSS5.8AI score0.0029EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/15 6:44 p.m.11 views

CVE-2026-45800

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, there is an authenticated SQL injection issue in the frontend user order history page in Vvveb CMS. A normal frontend user can log in and access /user/orders. The orderby and...

8.7CVSS5.9AI score0.00265EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/15 4:48 p.m.11 views

CVE-2026-45038

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, since Tabby does not escape control characters from file paths when dragging and dropping a file into it, code execution can be achieved. This vulnerability is fixed in 1.0.233...

8.4CVSS6.2AI score0.00178EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/15 4:17 p.m.11 views

CVE-2026-44310

Gitsign is a keyless Sigstore to signing tool for Git commits with your a GitHub / OIDC identity. From 0.4.0 to before 0.15.0, CertVerifier.Verify in pkg/git/verifier.go unconditionally dereferences certs0 after sd.GetCertificates without checking the slice length. A CMS/PKCS7 signed message with...

5.4CVSS5.9AI score0.00111EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/15 4:8 p.m.11 views

CVE-2026-44699

LibJWT is a C JSON Web Token Library. From 3.0.0 to 3.3.2, libjwt accepts an RSA JWK that does not contain an alg parameter as the verification key for an HS256/HS384/HS512 token. In the OpenSSL backend, this causes HMAC verification to run with a zero-length key, so an attacker can forge a valid...

9.1CVSS5.8AI score0.00209EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/15 12:58 p.m.11 views

CVE-2026-46333

In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'getdumpable' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an...

7.1CVSS5.8AI score0.0138EPSS
Exploits6References9Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/15 7:46 a.m.11 views

CVE-2026-8425

The Notify Odoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the updateSettings function. This makes it possible for unauthenticated attackers to change the Notify Odoo URL to ...

4.3CVSS5.7AI score0.00135EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/05/15 6:45 a.m.11 views

CVE-2026-6646

The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'dtdefaultbutton' shortcode in all versions up to, and including, 14.3.2. This is due to insufficient input sanitization and output escaping on the 'title' component of the 'link' shortcode parameter. This makes it...

6.4CVSS6AI score0.00281EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/05/15 2:45 a.m.11 views

CVE-2025-54511

Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...

5.3CVSS5.8AI score0.00207EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/14 7:52 p.m.11 views

CVE-2026-8582

Object lifecycle issue in Dawn in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.0019EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 7:52 p.m.11 views

CVE-2026-8549

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 7:52 p.m.11 views

CVE-2026-8543

Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.8AI score0.00255EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 7:52 p.m.11 views

CVE-2026-8540

Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00306EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 7:52 p.m.11 views

CVE-2026-8513

Use after free in Input in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

5.8AI score0.00207EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 4:58 p.m.11 views

CVE-2026-42572

Hatchet is a platform for orchestrating background tasks, AI agents, and durable workflows at scale. Prior to 0.83.39, a missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any...

5.3CVSS5.8AI score0.00181EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 4:56 p.m.11 views

CVE-2026-44520

Docling-Graph turns documents into validated Pydantic objects, then builds a directed knowledge graph with explicit semantic relationships. Prior to 1.5.1, the URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the...

5.7CVSS5.8AI score0.00188EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 4:36 p.m.11 views

CVE-2026-44515

Nextcloud News is an RSS/Atom feed reader. Prior to 28.3.0-beta.1, Nextcloud News allows authenticated users to add feeds by providing a feed URL via the web interface or the API. In affected versions, an authenticated attacker could provide a URL pointing to internal/private IP ranges or...

2.3CVSS5.8AI score0.00185EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 4:17 p.m.11 views

CVE-2025-62305

HCL AION is affected by a vulnerability where certain operations may trigger out-of-band interactions, potentially resulting in unintended disclosure of sensitive information. Such behaviour may allow exposure of data to external systems under specific conditions...

5.1CVSS5.8AI score0.00109EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 4:15 p.m.11 views

CVE-2026-44312

cssparser is a Ruby CSS parser. Prior to 2.1.0 and 1.22.0, the CSS Parser gem does not validate HTTPS connections, allowing a Man-in-the-Middle MITM attacker to inject or modify CSS content when stylesheets are loaded via HTTPS. The connection is established with OpenSSL::SSL::VERIFYNONE, meaning...

5.8CVSS5.8AI score0.00146EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 3:30 p.m.11 views

CVE-2026-42592

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, FilterOutboundURL resolves the hostname, checks the resolved IPs against the private-address deny-list, and returns only the error. It discards the resolved addresses. Chromium later performs its own DNS resolution when i...

5.3CVSS5.8AI score0.00186EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 3:5 p.m.11 views

CVE-2026-42881

STIGQter is an open-source reimplementation of DISA's STIG Viewer. From 0.1.2 to before 1.2.7, an attacker can achieve local code execution LCE with the privileges of the user running STIGQter. This requires user interaction: the victim must open the malicious .stigqter file and explicitly run th...

8.4CVSS6.2AI score0.00151EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 2:24 p.m.11 views

CVE-2026-42559

RMCP is an official Rust SDK for the Model Context Protocol. Prior to version 1.4.0, the rmcp crate's Streamable HTTP server transport crates/rmcp/src/transport/streamablehttpserver/ did not validate the incoming Host header. This allowed a malicious public website, via a DNS rebinding attack, to...

8.8CVSS5.8AI score0.00213EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 11:22 a.m.11 views

CVE-2026-45205

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

5.8AI score0.00487EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 8:24 a.m.11 views

CVE-2026-6504

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titletag' parameter in all versions up to, and including, 1.7.1058 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...

6.4CVSS6AI score0.00255EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/14 8:24 a.m.11 views

CVE-2026-6514

The InfusedWoo Pro plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.1.2 via the popupsubmit. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to...

7.5CVSS5.9AI score0.00271EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/14 5:38 a.m.11 views

CVE-2025-14869

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted payloads on certain API endpoints...

7.5CVSS5.8AI score0.00354EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 5:36 a.m.11 views

CVE-2026-2900

GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that when instance-level approval rule editing prevention was enabled, could have allowed an authenticated user with Maintainer permissions to modify or dele...

2.7CVSS5.8AI score0.00219EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 12:0 a.m.11 views

CVE-2026-24711

Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 has Incorrect Access Control...

5.8AI score0.00208EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/13 9:54 p.m.11 views

CVE-2026-45158

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, unsanitized user input is passed to the DHCP configuration of the configured interface, which is processed by a shell script, allowing remote code execution as root on the underlying operating system. This vulnerability i...

9.1CVSS6.5AI score0.00531EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/13 8:14 p.m.11 views

CVE-2026-8328

The ftpcp function in Lib/ftplib.py was not updated when CVE-2021-4189 was fixed. While makepasv was patched to replace server-supplied PASV host addresses with the actual peer address getpeername0, ftpcp still calls parse227 directly and passes the raw attacker-controllable IP address and port t...

5.9CVSS6.8AI score0.02602EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/13 7:28 p.m.11 views

CVE-2026-28379

A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...

6.5CVSS5.8AI score0.00262EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/13 7:8 p.m.11 views

CVE-2026-22677

Hermes WebUI prior to 0.51.44 contains a path traversal vulnerability in the session import endpoint that allows authenticated attackers to read arbitrary files by importing a crafted session with an unrestricted workspace value. Attackers can supply a blocked filesystem root in the workspace fie...

6.5CVSS5.9AI score0.00376EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/13 7:4 p.m.11 views

CVE-2026-0242

A SQL injection vulnerability in Trust Protection Foundation allows an authenticated attacker to execute arbitrary SQL commands against the product database. Successful exploitation could allow an attacker to read sensitive data, modify database contents, and escalate privileges to gain full...

8.6CVSS6.1AI score0.00248EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/13 6:26 p.m.11 views

CVE-2026-0250

A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man in the middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses...

6.4AI score0.00208EPSS
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/05/13 6:2 p.m.11 views

CVE-2026-8496

A cross-site scripting XSS vulnerability exists in Alinto SOGo, version 5.12.7. A maliciously crafted ICS calendar invitation files allows arbitrary JavaScript execution within the authenticated SOGo webmail session. The issue occurs because SVG content embedded in the description field of an ICS...

6.1CVSS6AI score0.00283EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/13 5:49 p.m.11 views

CVE-2026-0262

Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic. Panorama and Cloud NGFW are not impacted by these vulnerabilities...

5.8AI score0.00338EPSS
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/05/13 3:8 p.m.11 views

CVE-2026-43486

In the Linux kernel, the following vulnerability has been resolved: arm64: contpte: fix setaccessflags no-op check for SMMU/ATS faults contpteptepsetaccessflags compared the gathered ptepget value against the requested entry to detect no-ops. ptepget ORs AF/dirty from all sub-PTEs in the CONT...

5.8AI score0.00114EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/13 3:2 p.m.11 views

CVE-2026-44459

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, improper validation of the JWT NumericDate claims exp, nbf, and iat in hono/utils/jwt allows tokens with non-spec-compliant claim values to silently bypass time-based checks. This issue is not...

3.8CVSS5.8AI score0.00216EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/13 2:39 p.m.11 views

CVE-2026-44289

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs could recurse without a depth limit while decoding nested protobuf data. This affected both skipping unknown group fields and generated decoding of nested message fields. A crafted protobuf...

7.5CVSS5.7AI score0.0058EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/13 2:15 p.m.11 views

CVE-2026-6282

A potential improper file path validation vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user to move or access files belonging to other users on the same device...

8.6CVSS5.8AI score0.00391EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/13 2:12 p.m.11 views

CVE-2026-42945

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression PCRE capture for example, $1, $2 with a replacement strin...

9.2CVSS6.4AI score0.61469EPSS
Exploits40References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/13 1:36 p.m.11 views

CVE-2026-8369

Improper Input Validation in the NAT64 translator in The OpenThread Authors OpenThread before commit 26a882d on all platforms allows an attacker on the adjacent IPv4 network to inject corrupted IPv6 packets into the Thread mesh or bypass security checks via crafted IPv4 packets with options...

6CVSS5.8AI score0.00162EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/13 12:2 p.m.11 views

CVE-2026-42948

Stored cross-site scripting vulnerability exists in ELECOM wireless LAN access point devices. If one of the administrators input malicious data, an arbitrary script may be executed in another administrative user's web browser...

4.8CVSS5.7AI score0.00161EPSS
Exploits0References3Affected Software4
ATTACKERKB
ATTACKERKB
added 2026/05/13 8:44 a.m.11 views

CVE-2026-25710

The new upstream added a privileged D-Bus helper called plasmaloginauthhelper, which suffers from multiple issues, e.g.aA compromised plasmalogin service account can chown arbitrary files in the system...

7CVSS5.8AI score0.00134EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/13 8:37 a.m.11 views

CVE-2026-41051

csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories...

5.1CVSS5.8AI score0.00075EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/13 12:5 a.m.11 views

CVE-2026-8199

An authenticated user can cause excess memory usage via bitwise match expression AST processing of $bitsAllSet, $bitsAnySet, $bitsAllClear, and $bitsAnyClear. This contributes to memory pressure and may lead to availability loss by OOM. This issue impacts MongoDB Server v7.0 versions prior to...

7.1CVSS5.8AI score0.00258EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/13 12:0 a.m.11 views

CVE-2024-51394

Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the APMSP::loop, APMSP, APMSP.cpp components...

5.8AI score0.00102EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/12 9:56 p.m.11 views

CVE-2026-42854

arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer multipart form parser in arduino-esp32 allocates a Variable Length Array VLA on the stack whose size is derived from an attacker-controlled HTTP head...

9.8CVSS6.2AI score0.00571EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/12 9:51 p.m.11 views

CVE-2026-42545

Granian is a Rust HTTP server for Python applications. From 0.2.0 to 2.7.4, Granian aborts a worker process if a WSGI application returns an invalid HTTP response header name or value. The WSGI response conversion path uses .unwrap on both the header name and header value constructors, so malform...

5.9CVSS5.8AI score0.00222EPSS
Exploits0References2Affected Software1
Total number of security vulnerabilities5000