Lucene search
+L
AttackerkbRecent

75502 matches found

attackerkb
attackerkb
•added 2 hours ago•5 views

CVE-2026-46336

Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. From 0.96.0 until 0.140.0, authenticated users can rename uploaded files with path traversal sequences because app/models/modelfile.rb uses the user-controlled...

7.1CVSS6.1AI score0.00051EPSS
Exploits0References5Affected Software1
attackerkb
attackerkb
•added 2 hours ago•3 views

CVE-2026-15737

AWS Bedrock AgentCore Python SDK is an open-source Python library that provides client tools for building AI agents on the Amazon Bedrock AgentCore platform. Unintended logging of sensitive user content in the OpenTelemetry instrumentation in AWS Bedrock AgentCore Python SDK versions 1.4.8 and...

5.7CVSS6.1AI score
Exploits0References4Affected Software1
attackerkb
attackerkb
•added 2 hours ago•3 views

CVE-2026-45336

HireFlow is a web-based interview management system for managing candidates, scheduling interviews, and tracking hiring progress. In 1.2 and earlier, app.py assigns a hard-coded Flask secretkey used to sign session cookies, allowing unauthenticated attackers who know the public source value to...

10CVSS6.1AI score
Exploits0References3Affected Software1
attackerkb
attackerkb
•added 2 hours ago•4 views

CVE-2026-46687

Emlog is an open source website building system. In 2.6.13 and earlier, the article publishing interface stores a path-traversal template parameter from apicontroller.php without validation, and logcontroller.php later checks fileexists and calls include View::getView$template, allowing an...

7.7CVSS6.2AI score0.00177EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
•added 2 hours ago•3 views

CVE-2026-46686

Emlog is an open source website building system. In 2.6.13 and earlier, the admin backend user search module's keyword parameter from admin/user.php is processed with addslashes but not HTML-escaped before being rendered into the value attribute in admin/views/user.php, allowing reflected...

8.5CVSS6AI score0.0003EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
•added 2 hours ago•3 views

CVE-2026-46341

The Apify MCP server enables AI agents to extract data from websites using ready-made scrapers, crawlers, and automation tools available on the Apify Store. Prior to 0.9.21, the fetch-apify-docs tool in src/tools/common/fetchapifydocs.ts validates allowlisted documentation domains with...

6.1CVSS6.2AI score0.00045EPSS
Exploits0References5Affected Software1
attackerkb
attackerkb
•added 2 hours ago•4 views

CVE-2026-45367

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to 6.9.7, the FHIRPathEngine implementation passes user-controlled regular expressions from matches, matchesFull, and replaceMatches to Java regex operations without effective timeouts,...

7.5CVSS6.1AI score0.00086EPSS
Exploits0References7Affected Software1
attackerkb
attackerkb
•added 2 hours ago•4 views

CVE-2026-10590

A potential missing authentication vulnerability could allow a local privileged attacker to use WMI commands to arbitrarily trigger a System Management Interrupt handler...

6.7CVSS6.1AI score
Exploits0References2
attackerkb
attackerkb
•added 2 hours ago•3 views

CVE-2026-10589

A potential out of bounds write vulnerability could allow a local privileged attacker to execute code in System Management Mode...

6.8CVSS6.2AI score
Exploits0References2
attackerkb
attackerkb
•added 2 hours ago•3 views

CVE-2026-10588

A potential vulnerability could allow a local privileged attacker to disclose the address of protected System Management Mode memory...

6.7CVSS6.1AI score
Exploits0References2
attackerkb
attackerkb
•added 2 hours ago•3 views

CVE-2026-10587

A potential out-of-bounds write vulnerability could allow a local privileged attacker to modify power management settings in System Management Mode...

6.8CVSS6.1AI score
Exploits0References2
attackerkb
attackerkb
•added 2 hours ago•3 views

CVE-2026-14371

The Lenovo XClarity Integrator for Windows Admin Center plugin version 5.1.1 and below running on the WAC Gateway is vulnerable to Powershell Command Injection when establishing remote PowerShell commands...

8.8CVSS6.1AI score
Exploits0References2Affected Software1
attackerkb
attackerkb
•added 2 hours ago•3 views

CVE-2026-13104

A potential vulnerability was reported in Lenovo App Store, distributed exclusively in the Chinese market, that could allow a local authenticated user to execute arbitrary code with elevated privileges...

7.3CVSS6.3AI score
Exploits0References2
attackerkb
attackerkb
•added 2 hours ago•3 views

CVE-2026-13103

A potential path traversal vulnerability was reported in Lenovo App Store, distributed exclusively in the Chinese market, that could allow a local authenticated user to execute arbitrary code...

7.3CVSS6.3AI score
Exploits0References2
attackerkb
attackerkb
•added 2 hours ago•4 views

CVE-2026-9046

A potential insecure permissions vulnerability was reported in Legion Zone and the Lenovo App Store Windows applications, distributed exclusively in the Chinese market, that when installed on a non‑system partition, could allow a local user to execute arbitrary code...

7.3CVSS6.3AI score
Exploits0References2
attackerkb
attackerkb
•added 2 hours ago•3 views

CVE-2026-6511

During an internal security assessment, a potential improper access control vulnerability was discovered in Lenovo Smart Connect for Windows that could allow a local authenticated user to access files owned by a different user on the same system...

6.8CVSS6.1AI score
Exploits0References3
attackerkb
attackerkb
•added 2 hours ago•3 views

CVE-2026-45576

zrok is software for sharing web services, files, and network resources. From 0.4.23 until 2.0.3, zrok2 copy stores attacker-controlled WebDAV or zrok drive paths such as /../outside.txt in the source inventory and passes them to FilesystemTarget.WriteStream, allowing the sync pipeline to write...

8.3CVSS6.1AI score0.00061EPSS
Exploits0References4Affected Software1
attackerkb
attackerkb
•added 2 hours ago•3 views

CVE-2026-45568

zrok is software for sharing web services, files, and network resources. Prior to 2.0.3, zrok's Python SDK ProxyShare Flask proxy route accepts an absolute URL in the request path and passes it to urllib.parse.urljoin, allowing the requested path to replace the configured target host and causing...

9.9CVSS6.1AI score0.00061EPSS
Exploits0References4Affected Software1
attackerkb
attackerkb
•added 2 hours ago•3 views

CVE-2026-45325

Gestor de Oferta is a web application for managing mobility service offerings. Prior to 20260509.0340.15, @tmlmobilidade/utils has a prototype pollution vulnerability in setValueAtPath in packages/utils/src/generic/value-at-path.ts because unsafe path segments are not blocked. This issue is fixed...

8.2CVSS6.1AI score0.00055EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
•added 2 hours ago•3 views

CVE-2026-63088

stoatchat before 0.14.0 contains a server-side request forgery SSRF vulnerability that allows unauthenticated network-accessible attackers to bypass the DNS-based IP blocklist by exploiting incomplete address validation in the urlisblacklisted function, which inspects only the first resolved...

8.6CVSS6.1AI score
Exploits0References5
attackerkb
attackerkb
•added 2 hours ago•3 views

CVE-2026-45795

The Janssen Project is an open-source identity and access management IAM platform. Prior to 2.0.0, jans-auth-server accepts unsigned JWE request objects because JwtAuthorizationRequest skips inner signature validation when jwe.getSignedJWTPayload returns null, and...

5.3CVSS6.1AI score0.00044EPSS
Exploits0References5Affected Software1
attackerkb
attackerkb
•added 2 hours ago•4 views

CVE-2026-45612

rz-libdemangle is a Rizin library for demangling symbols. Prior to 6bf56d3, the Rust demangler in src/rust/rustv0.c can perform an out-of-bounds read when the demangler structure is not yet initialized. This issue is fixed in commit 6bf56d3...

5.5CVSS6.1AI score
Exploits0References4
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-3031

Image::EPEG versions through 0.15 for Perl embeds an unsupported version of the Epeg library. Image::EPEG includes Epeg 0.9.0 that was last updated in 2004. Epeg is a fast JPEG thumbnail library that was once part of the Englightenment Project...

6.1AI score
Exploits0References4
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-57074

XML::Bare versions through 0.53 for Perl have an unbounded character lookahead. The parsercparse function attempts to check for multicharacter strings such as "" without checking that the offsets are within the buffer. Truncated strings such as "...

6.1AI score
Exploits0References3
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-57073

HTML::Bare versions through 0.04 for Perl have an unbounded character lookahead. The parsercparse function attempts to check for multicharacter strings such as "" without checking that the offsets are within the buffer. Truncated strings such as "...

6.1AI score
Exploits0References4
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-13401

XML::Bare versions through 0.53 for Perl will hang in an infinite loop when parsing malformed attributes. The parsercparse function never advances the attribute-parse state cursor on certain malformed attribute forms, looping forever. Nameless attributes such as "" or unbalanced quotes "" can...

6.1AI score
Exploits0References3
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-13397

HTML::Bare versions through 0.04 for Perl will hang in an infinite loop when parsing malformed attributes. The parsercparse function never advances the attribute-parse state cursor on certain malformed attribute forms, looping forever. Nameless attributes such as "" or unbalanced quotes "" can...

6.1AI score
Exploits0References3
attackerkb
attackerkb
•added 3 hours ago•4 views

CVE-2026-47729

Squid is a caching proxy for the Web. Prior to 7.6, due to an improper validation of syntactic correctness of input in the FTP gateway src/clients/FtpGateway.cc, Squid is vulnerable to an out-of-bounds read: when a listing entry date in the TypeA or TypeB directory-listing formats is not followed...

6.5CVSS6.6AI score
Exploits1References6Affected Software1
attackerkb
attackerkb
•added 3 hours ago•4 views

CVE-2026-50012

Squid is a caching proxy for the Web. Prior to 7.6, due to an improper input validation bug in cache digest reply handling peerDigestSwapInMask in src/peerdigest.cc, Squid is vulnerable to a heap-based buffer overflow: a cache digest's on-the-wire size may be larger than the masksize declared...

5.5CVSS6.2AI score
Exploits0References5Affected Software1
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-55548

Yamcs is a mission control framework. Prior to 5.12.8 and 5.13.2, the PacketsApi.exportPackets endpoint in yamcs-core/src/main/java/org/yamcs/http/api/PacketsApi.java failed to enforce object-level ReadPacket privileges when a request omitted specific packet names: with an empty name list the...

4.3CVSS6.1AI score
Exploits0References6Affected Software1
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-46621

Yamcs is a mission control framework. Prior to 5.12.7, the Yamcs script evaluation engine for Python algorithms dynamically compiled and evaluated user-controlled algorithm text using Jython through the JSR-223 ScriptEngine API without enforcing a secure sandbox, so an authenticated user with the...

9.1CVSS6.6AI score0.00473EPSS
Exploits0References6Affected Software1
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-46562

Yamcs is a mission control framework. Prior to 5.12.7, the Nashorn ScriptEngine used to evaluate user-supplied JavaScript algorithm text in yamcs-core/src/main/java/org/yamcs/algorithms/ScriptAlgorithmExecutorFactory.java was constructed without a ClassFilter, so a user with the...

9.8CVSS6.3AI score0.00562EPSS
Exploits0References6Affected Software1
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-44632

Yamcs is a mission control framework. Prior to 5.12.7, a server-side code injection vulnerability existed in the Yamcs algorithm evaluation engine org.yamcs.algorithms.JavaExprAlgorithmExecutionFactory, which dynamically compiled and evaluated user-controlled algorithm text through the Janino...

9.1CVSS6.5AI score0.00473EPSS
Exploits0References6Affected Software1
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-44596

Yamcs is a mission control framework. Prior to 5.12.7, the authentication endpoint POST /auth/token in yamcs-core, handled by yamcs-core/src/main/java/org/yamcs/http/auth/AuthHandler.java, lacked any rate limiting, account lockout, or failed-attempt throttling, so an unauthenticated remote attack...

6.5CVSS6.2AI score0.00052EPSS
Exploits2References6Affected Software1
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-63087

Grafana OnCall through 1.16.11 contains an unauthenticated access vulnerability that allows remote attackers to obtain a valid PluginAuthToken by sending a POST request to the internal plugin install endpoint using hardcoded default stackid and orgid values present in the public source tree...

9.8CVSS6.2AI score
Exploits0References3
attackerkb
attackerkb
•added 3 hours ago•4 views

CVE-2026-44595

Yamcs is a mission control framework. Prior to 5.12.7, the IAM API endpoints listUsers, getUser, listGroups, and getGroup in yamcs-core did not enforce the required SystemPrivilege.ControlAccess check in yamcs-core/src/main/java/org/yamcs/http/api/IamApi.java, so any authenticated user, even one...

4.3CVSS6.1AI score0.00028EPSS
Exploits2References6Affected Software1
attackerkb
attackerkb
•added 3 hours ago•4 views

CVE-2026-63086

text-generation-inference through 3.3.7 contains a server-side request forgery SSRF vulnerability in the OpenAI-compatible multimodal chat completions endpoint that allows unauthenticated network attackers to coerce the server into issuing arbitrary HTTP GET requests by supplying a crafted imageu...

8.6CVSS6.2AI score
Exploits0References3
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-47751

Claude Code Action is a general-purpose GitHub action that runs Claude Code on GitHub pull requests and issues. Prior to 1.0.74, because the action checked out attacker-controlled pull request head branches, read .mcp.json from the working directory via default setting sources, and unconditionall...

5.3CVSS6.5AI score0.00069EPSS
Exploits0References5Affected Software1
attackerkb
attackerkb
•added 3 hours ago•4 views

CVE-2026-55407

Buffa is a pure-Rust Protocol Buffers implementation with first-class protobuf editions support. Prior to 0.8.0, the decodeunknownfield function in buffa's protobuf decoder allocated heap memory in proportion to untrusted input unknown fields in the serialized protobuf without enforcing an...

6.3CVSS6.1AI score
Exploits0References5Affected Software1
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-63085

Axelor Open Platform versions 8.x prior to 8.2.2 contains an authorization bypass vulnerability that allows authenticated non-admin users to escalate privileges by exploiting unenforced field restrictions on nested relational save operations. Attackers can modify sensitive User record fields such...

8.8CVSS6.1AI score
Exploits0References4Affected Software1
attackerkb
attackerkb
•added 3 hours ago•4 views

CVE-2026-55406

Buffa is a pure-Rust Protocol Buffers implementation with first-class protobuf editions support. Prior to 0.7.0, a soundness bug in the OwnedView type allowed safe Rust code to trigger a use-after-free: the OwnedView::decode constructor transmuted a borrowed slice to &'static u8, and the Deref...

5.9CVSS6.2AI score
Exploits0References5Affected Software1
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-45695

Kopia is a cross-platform backup tool for Windows, macOS, and Linux with fast incremental backups, client-side end-to-end encryption, compression, and data deduplication. Prior to 0.23.0, Kopia's HTTP server started with --without-password accepts unauthenticated requests to /api/v1/repo/exists a...

9.8CVSS6.1AI score0.00109EPSS
Exploits0References5Affected Software1
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-55440

Microsoft UFO open-source framework for intelligent automation across devices and platforms. Prior to 3.0.7, the COMMANDRESULTS handler in ufo/server/ws/handler.py called getorcreatesession in ufo/server/services/sessionmanager.py without ownerclientid, allowing an authenticated client to create ...

6.5CVSS6.1AI score
Exploits0References4Affected Software1
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-63082

Perfect Support Ticketing & Document Management System through 1.7 contains a broken access control vulnerability that allows authenticated attackers with Agent-level privileges to manipulate the Support Agent assignment field of tickets by bypassing intended authorization checks. Attackers can a...

5.4CVSS6.1AI score
Exploits0References3
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-63081

Perfect Support Ticketing & Document Management System through 1.7 contains a stored cross-site scripting vulnerability that allows authenticated attackers with Agent-level privileges to inject malicious payloads into the Notes field of assigned support tickets. Attackers can store malicious...

5.4CVSS6.1AI score
Exploits0References3
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-12379

An Open Redirect vulnerability CWE-601 exists in the OAuth/OIDC authentication implementation of the Axivion Dashboard. The login flow did not properly restrict the post-authentication redirect to the application's own origin, so a user who follows a crafted login link can be sent to an untrusted...

6.8CVSS6AI score
Exploits0References2Affected Software1
attackerkb
attackerkb
•added 3 hours ago•3 views

CVE-2026-54568

Microsoft UFO open-source framework for intelligent automation across devices and platforms. From 3.0.0 until 3.0.6, a client connected to the UFO WebSocket server as a DEVICE could call DEVICEINFOREQUEST with another device's targetid and receive that device's server-side systeminfo through...

4.3CVSS6.1AI score
Exploits0References4Affected Software1
attackerkb
attackerkb
•added 4 hours ago•3 views

CVE-2026-57206

SimpleChat is a secure AI conversation application with personal and group workspaces for document-grounded interactions. Prior to 0.241.206, several plugin validation routes in application/singleapp/pluginvalidationendpoint.py, including POST /api/admin/plugins/test-instantiation, GET...

8.6CVSS6.1AI score
Exploits0References4Affected Software1
attackerkb
attackerkb
•added 4 hours ago•3 views

CVE-2026-57205

SimpleChat is a secure AI conversation application with personal and group workspaces for document-grounded interactions. Prior to 0.241.203, the authenticated GET /api/user/info/ and GET /api/user/profile-image/ endpoints in application/singleapp/routebackendusers.py accepted a caller-supplied...

4.3CVSS6.1AI score
Exploits0References4Affected Software1
attackerkb
attackerkb
•added 4 hours ago•3 views

CVE-2026-53598

Prompty is a markdown file format .prompty for LLM prompts. Prior to 2.0.0-beta.2, Prompty loaders expanded $file:... references in .prompty frontmatter without enforcing that resolved paths stayed within the prompt directory or allowed roots, allowing an attacker-controlled prompt file to read...

7.5CVSS6.1AI score
Exploits0References3Affected Software1
Total number of security vulnerabilities75502