Lucene search
+L
AttackerkbRecent

76397 matches found

ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-56171

Exposure of private personal information to an unauthorized actor in Windows RDP allows an unauthorized attacker to disclose information over a network...

7.1CVSS5.2AI score
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-57980

Authentication bypass using an alternate path or channel in Microsoft Edge Chromium-based allows an unauthorized attacker to perform tampering over a network...

5.4CVSS5.3AI score
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-56740

JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not limit the number of environment variables a client may inject via the Telnet NEW-ENVIRON option, and TelnetIO.readNEVariables in TelnetIO.java:1127-1180...

7.5CVSS5.3AI score
Exploits0References10Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-56741

JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not apply an upper bound to terminal dimensions received via the Telnet NAWS option, and TelnetIO.handleNAWS in TelnetIO.java:856-879 reads client-supplied...

7.5CVSS5.4AI score
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-48049

@hapi/inert provides static file and directory handlers for hapi.js. From 4.0.0 to 7.1.0, @hapi/inert serves static files from a directory configured with path in the directory or file handlers or relativeTo for h.file, with confinement enforced by the confine option, but the confinement check...

5.3CVSS5.4AI score0.00062EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-48022

@hapi/wreck is an HTTP client utility. Prior to 18.1.2, Wreck strips credential headers including Authorization, Cookie, and Proxy-Authorization before following a cross-origin redirect, but the origin check compares hostnames only and ignores scheme and port, so credentials are forwarded intact...

6.5CVSS5.3AI score0.0001EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-44979

@hapi/wreck is an HTTP client utility. Prior to 18.1.1, when @hapi/wreck follows a 3xx redirect to a different hostname, only the Authorization and Cookie headers are stripped, and the standard credential header Proxy-Authorization is forwarded intact to the redirect target, potentially exposing...

6.3CVSS5.2AI score0.00054EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-49485

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to 6.9.9 and 6.9.4.2, all implementations of FHIRPathEngine accept arbitrary FHIRPath expressions and evaluate them without input validation, and the FHIRPath functions matches,...

7.5CVSS5.5AI score
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-54335

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. In 5.0.44 and earlier, the .mergetarget, source utility exported by @feathersjs/commons recursively merges source into target by iterating Object.keyssource. When source was produced by...

3.7CVSS5.3AI score
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-54490

websocket-driver is a WebSocket protocol handler with pluggable I/O. Prior to 0.7.5, if this library is used with the permessage-deflate extension, a WebSocket server or client can be made to accept messages that are larger than the configured maximum message size because the limit is checked...

6.3CVSS5.3AI score
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-54466

websocket-driver is a WebSocket protocol handler with pluggable I/O. Prior to 0.7.5, the frame format in draft versions of the WebSocket protocol includes a length header that allows an arbitrarily large integer to be encoded as a sequence of bytes with the high bit set. By sending an indefinite...

9.2CVSS5.3AI score
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-55518

Avo is a framework to create admin panels for Ruby on Rails apps. Prior to 3.32.1 and 4.0.0.beta.51, Avo's association attach workflow checks attach? in the UI and GET /resources/:resource/:id/:related/new path, but the actual write endpoint, POST /resources/:resource/:id/:related, does not run t...

9.6CVSS5.3AI score
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-54498

viewcomponent is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 4.0.0 until 4.12.0, ViewComponent::Basearoundrender can return HTML-unsafe strings that bypass the escaping behavior applied to normal call return values. This creates an XSS risk...

8.7CVSS5.2AI score
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-54497

viewcomponent is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 4.0.0 until 4.12.0, ViewComponent::Base instances retain render-scoped objects across calls to renderin; if the same component, collection, or spacer component instance is reused...

6.8CVSS5.2AI score
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-13445

IBM Langflow OSS 1.0.0 through 1.10.1 can allow an authenticated attacker to exploit the SaveToFile component to read and modify another user's uploaded files by specifying absolute paths pointing to victim storage locations. In append mode, the attacker's workflow reads victim file contents,...

8.1CVSS5.5AI score
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-13446

IBM Langflow OSS 1.0.0 through 1.10.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...

9.8CVSS5.3AI score
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-50271

Datadog dd-trace-py is the Datadog Python APM client. Prior to 4.8.2, Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing DDTRACEBAGGAGEMAXITEMS or DDTRACEBAGGAGEMAXBYTES limits on the extract path. A remote, unauthenticated...

7.5CVSS5.4AI score0.00106EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-50274

Datadog dd-trace-go is a Go client library for Datadog application performance monitoring, profiling, and security monitoring. Prior to 2.8.1, Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing DDTRACEBAGGAGEMAXITEMS or...

7.5CVSS5.4AI score0.00106EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-54159

PrestaShop psfacetedsearch is a module that adds layered navigation filters. From 3.0.0 until 4.0.4, the psfacetedsearch module rebuilds selected search filters from the request URL, and the value of a slider filter, price or weight, is taken from the URL without sufficient validation and stored ...

10CVSS5.7AI score0.00092EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-45785

OpenMcdf is a fully .NET / C library to manipulate Compound File Binary File Format files, also known as Structured Storage. In 3.1.3 and earlier, the BST name-lookup loop in DirectoryTree.TryGetDirectoryEntry OpenMcdf/DirectoryTree.cs:35-46 walks directory entries by repeatedly calling...

6.2CVSS5.3AI score0.00017EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-48062

CodeIgniter is a PHP full-stack web framework. Prior to 4.7.3, the extin upload validation rule in system/Validation/StrictRules/FileRules.php checked the MIME-derived guessed extension instead of the client-provided filename extension. As a result, an uploaded file named shell.php containing...

9.8CVSS6AI score0.00078EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-53727

cssparser is a Ruby CSS parser. From 2.2.0 until 3.0.0, CssParser::Parserreadremotefile in lib/cssparser/parser.rb, and therefore loaduri! and the @import-following branch of addblock!, issued HTTP and HTTPS requests against any host, port, and URI without a scheme allowlist, host or IP filtering...

8.9CVSS5.5AI score
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-50272

dd-trace is the Datadog APM client for Node.js. Prior to 5.100.0, W3C baggage propagation in packages/dd-trace/src/baggage.js and packages/dd-trace/src/opentracing/propagation/textmap.js parsed incoming baggage HTTP headers without enforcing DDTRACEBAGGAGEMAXITEMS or DDTRACEBAGGAGEMAXBYTES on...

7.5CVSS5.5AI score0.00106EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-45784

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.50 until 0.10.80, CipherCtxRef::cipherupdateinplace in openssl/src/cipherctx.rs incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8...

5.1CVSS5.6AI score0.00019EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-54243

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, form submission values in src/Forms/Exporters/CsvExporter.php were not neutralized for spreadsheet formula characters when exported to CSV. A submission containing a value beginning with a formula...

6.1CVSS5.3AI score
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-54242

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, the Glide image proxy's URL validation in src/Imaging/RemoteUrlValidator.php and src/Imaging/GuzzleAdapter.php could be bypassed using DNS rebinding. The remote hostname was validated as publicly...

4.9CVSS5.4AI score
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-54244

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.74.0 and 6.20.3, the Live Preview endpoint for existing entries and terms in src/Http/Controllers/CP/PreviewController.php only checked view authorization, but it accepts and renders caller-supplied field values. A...

3.5CVSS5.3AI score
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-49977

tarteaucitron.js is a compliant and accessible cookie banner. Prior to 1.33.0, tarteaucitron.cookie.purge is called on any element with the purgeBtn class and does not check whether the element is a legitimate tarteaucitron button or whether the cookie corresponds to a service handled by...

4.3CVSS5.3AI score
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-54163

secureheaders manages application of security headers with many safe defaults. Prior to 7.3.0, secureheaders builds the Content-Security-Policy value by stitching directives with ; separators, and buildsandboxlistdirective, buildmediatypelistdirective, and buildreporttodirective interpolate...

4.7CVSS5.3AI score0.00031EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-44891

Netty is a network application framework for development of protocol servers and clients. Prior to 4.1.136.Final and 4.2.16.Final, io.netty.handler.codec.stomp.StompSubframeDecoder fails to limit the total number of headers or their cumulative size per frame, and the maxLineLength parameter only...

7.5CVSS5.3AI score
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-16074

A vulnerability was detected in AstrBotDevs AstrBot up to 4.25.2. This affects the function updateplugin/updateallplugins of the file astrbot/dashboard/routes/plugin.py of the component Plugin Update Handler. The manipulation of the argument downloadurl/downloadurls/proxy results in server-side...

6.5CVSS6.1AI score
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-48504

OpenTelemetry Rust is the Rust OpenTelemetry implementation. In 0.32.0 and earlier, BaggagePropagator::extractwithcontext in opentelemetrysdk did not enforce W3C Baggage size limits before parsing an inbound baggage header, so a large attacker-controlled header could cause unnecessary CPU work an...

5.3CVSS5.2AI score0.00096EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-44974

@hapi/content provided HTTP Content- headers parsing. Prior to 6.0.2, Content.disposition retained the last occurrence of each duplicate parameter while Content.type retained the first occurrence of duplicate charset and boundary parameters, creating a parameter-smuggling primitive when another...

7.7CVSS5.2AI score0.00052EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-54171

Excon is usable, fast, simple HTTP 1.1 for Ruby. Prior to 1.5.0, Excon's RedirectFollower middleware failed to strip additional sensitive headers when following redirects and did not provide a custom list of headers to strip. This could cause inadvertent leakage of sensitive data when the initial...

6.5CVSS5.3AI score
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-54465

websocket-driver is a WebSocket protocol handler with pluggable I/O. Prior to 0.8.1, when websocket-driver is used to implement a WebSocket server on top of a TCP server using WebSocket::Driver.server or to complement a WebSocket client, a peer can make a single connection consume an unbounded...

6.3CVSS5.4AI score
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-54463

websocket-driver is a WebSocket protocol handler with pluggable I/O. Prior to 0.8.1, draft versions of the WebSocket protocol in websocket-driver include a length header that allows an arbitrarily large integer to be encoded as bytes with the high bit set, and a server or client can send an...

6.9CVSS5.3AI score
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-54464

Impact If this library is used in tandem with the permessage-deflate extension, a WebSocket server or client can be made to accept messages that are larger than the configured maximum message size. This is because this limit is checked against the message frames' length headers, which give the si...

6.3CVSS5.3AI score
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-13448

IBM Langflow OSS 1.0.0 through 1.10.1 Lanflow OSS contains an unauthenticated remote code execution vulnerability in the public flow build endpoint /api/v1/buildpublictmp/flowid/flow . The vulnerability stems from an incomplete denylist in the validatepublicflownocodeexecution function that fails...

8.1CVSS6.3AI score
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-13473

IBM Storage Protect Client 8.1.0.0 through 8.1.27.0, 8.1.27.1, and 8.2.0.0 through 8.2.1.0 IBM Storage Protect is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server ...

8.1CVSS6.5AI score
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-14499

IBM Langflow OSS 1.0.0 through 1.10.1 Langflow could allow an authenticated user to execute arbitrary commands with elevated privileges on the system due to improper validation of user supplied input in the Python Interpreter component...

8.8CVSS5.8AI score
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-14501

IBM Db2 Genius Hub 1.1, 1.1.1, 1.1.2 and IBM Agentics 1.0 could allow an attacker to execute arbitrary code or obtain sensitive information due to the use of dangerous functions without sufficient restrictions...

4.3CVSS6AI score
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-55254

NCalc is a fast, lightweight expression evaluator for .NET. Prior to 6.1.1, the factorial operator implementation in src/NCalc.Core/Helpers/MathHelper.cs permits specially crafted expressions with extremely large factorial operands, causing excessive CPU consumption or a non-terminating loop due ...

4.8CVSS5.4AI score
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-46420

setup-php is a GitHub action to set up PHP with extensions, php.ini configuration, coverage drivers, and tools. From 2.25.0 prior to 2.37.1, shivammathur/setup-php resolves the PHP version from repository-controlled files such as .php-version, composer.lock through platform-overrides.php, and...

5.6CVSS5.5AI score0.01576EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-14971

IBM PowerVM Novalink 2.2.02.2.12.2.1.1, and 2.3.02.3.0.12.3.12.3.2 IBM NovaLink APIs misconfiguration may increase attack surface and enable unintended or unauthorized operations under non-default conditions...

3.9CVSS5.2AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-45799

Wire provides gRPC and protocol buffers for Android, Kotlin, Swift, and Java. Prior to 6.3.0 and 7.0.0-alpha03, ByteArrayProtoReader32.skipGroup and ProtoReader.skipGroup in wire-runtime do not validate that a LENGTHDELIMITED field length is non-negative before skip, allowing a crafted protobuf...

7.5CVSS5.3AI score0.00055EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-14979

IBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through Interim Fix 021, 7.1.0 Interim Fix 001 through Interim Fix 009, and 7.2.0 and 7.2.0 Interim Fix 001 DOORS could allow a remote attacker to cause a denial of service due to improper handling of XML entity expansion...

5.3CVSS5.4AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-48819

Hey API is an ecosystem for turning API specifications into production-ready code. Prior to 0.97.3, dist/clients/core/params.ts ships a runtime template copied into generated SDKs as params.gen.ts, and buildClientParams writes unknown slot-prefixed keys such as $body, $headers, $path, and $query...

4.8CVSS5.3AI score
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-16118

A flaw was found in xdgmime. A heap-based buffer overflow can be triggered in xdgmimemagicparsemagicline in the xdgmimemagic.c file on little-endian systems when an attacker-controlled MIME magic file in a user-writable XDG data location e.g., in the $XDGDATAHOME/mime/magic path is parsed by an...

7.1CVSS5.6AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-50289

systeminformation is a System and OS information library for node.js. Prior to 5.31.7, networkInterfaces on Linux is vulnerable to OS command injection through the Debian/Ubuntu interfaces5 source directive because lib/network.js checkLinuxDCHPInterfaces reads /etc/network/interfaces, extracts a...

8.7CVSS5.6AI score
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-50151

oras-go is a Go library for managing OCI artifacts. Prior to 2.6.1, registry/remote/repository.go in blobStore.completePushAfterInitialPost follows a registry-controlled Location header during monolithic blob upload and reuses the Authorization header from the initial POST request for the...

7.5CVSS5.3AI score
Exploits0References5Affected Software1
Total number of security vulnerabilities76397