Lucene search
K
AttackerkbRecent

75081 matches found

ATTACKERKB
ATTACKERKB
•added 2026/07/02 7:45 p.m.•7 views

CVE-2026-58381

A flaw was found in GIMP's PSP file format parser. A double-free condition occurs in the readlayerblock function when processing a specially crafted PSP file. This could allow an attacker to cause memory corruption, potentially leading to denial of service or arbitrary code execution...

6.1CVSS6.1AI score0.00118EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
•added 2026/07/02 7:44 p.m.•8 views

CVE-2026-59102

Forgejo before 15.0.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to execute arbitrary JavaScript in other users' browsers by setting a full name containing an HTML payload and triggering an Actions run. When the DEFAULTSHOWFULLNAME option is enabled,...

5.4CVSS6AI score0.00199EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
•added 2026/07/02 7:43 p.m.•9 views

CVE-2026-59101

AutoBangumi before 3.2.8 contains a server-side request forgery SSRF vulnerability that allows unauthenticated remote attackers to probe internal network services by supplying arbitrary host values to an unprotected setup endpoint. Attackers can send requests to the POST...

6.9CVSS6AI score0.00321EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
•added 2026/07/02 7:43 p.m.•7 views

CVE-2026-59100

LobeChat through 2.2.9 contains a broken object level authorization vulnerability that allows authenticated attackers to access and modify other users' chat-group agent data by supplying arbitrary group identifiers. Attackers can invoke the getGroupAgents, updateAgentInGroup, and...

5CVSS5.9AI score0.0018EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
•added 2026/07/02 7:42 p.m.•9 views

CVE-2026-59099

Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution...

9.3CVSS6AI score0.00356EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/02 7:42 p.m.•9 views

CVE-2026-59098

LobeChat through 2.2.9 contains a broken access control vulnerability in the retrieval-augmented-generation semantic search functionality that allows authenticated attackers to access other users' data by exploiting missing user-identifier predicates in the chunk model semanticSearch method...

7.1CVSS5.9AI score0.00238EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
•added 2026/07/02 7:42 p.m.•7 views

CVE-2026-59097

Taiga before 6.10.2 contains a missing authorization vulnerability that allows unauthenticated remote attackers to create default due-date records in any project by exploiting unprotected POST endpoints on the user-story, task, and issue due-date API viewsets. Attackers can supply an arbitrary...

6.9CVSS6AI score0.00344EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
•added 2026/07/02 7:41 p.m.•12 views

CVE-2026-59096

Dapr Sentry's OIDC discovery endpoint derives the issuer and jwksuri of the /.well-known/openid-configuration document from the request Host, honoring an attacker-controlled X-Forwarded-Host header without validation when no allowed-hosts list is configured the default, and serves the document wi...

8.2CVSS5.8AI score0.00246EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/02 7:41 p.m.•7 views

CVE-2026-59095

LobeChat before 2.2.10-canary.18 contains a server-side request forgery vulnerability that allows authenticated attackers to direct internal HTTP requests to arbitrary URLs by supplying user-controlled input to the skill import service importFromUrl and topic cover update fetchImageFromUrl...

8.3CVSS5.9AI score0.00235EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
•added 2026/07/02 7:40 p.m.•8 views

CVE-2026-59094

Pathway through 0.31.1, fixed in commit d09722e, document store applies a caller-supplied glob pattern to indexed document paths using a hand-written recursive matcher that branches two ways on each token without memoization, giving exponential worst-case complexity. The filepathglobpattern value...

8.7CVSS5.9AI score0.0047EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
•added 2026/07/02 7:40 p.m.•8 views

CVE-2026-59093

Weaviate before 1.38.0 does not verify that a principal performing an RBAC role assignment holds the permissions granted by the assigned role. The assignRoleToUser and assignRoleToGroup handlers POST /authz/users/id/assign and /authz/groups/id/assign authorize only that the caller may assign role...

8.8CVSS5.8AI score0.00389EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
•added 2026/07/02 7:39 p.m.•8 views

CVE-2026-59092

JuiceFS through 1.3.1, fixed in commit a46979c, contains an authentication bypass vulnerability that allows unauthenticated remote attackers to access sensitive debug and metrics endpoints by exploiting improper handler registration on the shared http.DefaultServeMux. Attackers can request the...

7.7CVSS5.9AI score0.00266EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
•added 2026/07/02 7:39 p.m.•8 views

CVE-2026-58580

LobeChat through 2.2.9 server-database deployments are vulnerable to broken object-level authorization in MessageModel. The updateMessagePlugin, updatePluginState, updatePluginError, updateTTS and updateTranslate methods filter target rows by message id alone, omitting the userId scope that sibli...

6CVSS5.8AI score0.00154EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
•added 2026/07/02 7:38 p.m.•8 views

CVE-2026-58579

RAGFlow before 0.26.3 stores an agent pipeline DSL node name without sanitization: the agent update endpoint normalizes the submitted DSL via normalizedsl, which only performs JSON serialization validation and preserves the node name verbatim. The dataflow-result web UI then renders that name int...

5.4CVSS5.9AI score0.00182EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
•added 2026/07/02 7:38 p.m.•8 views

CVE-2026-58578

LobeChat before version 2.2.10-canary.15 contains a regular expression denial of service ReDoS vulnerability that allows authenticated attackers to block the Node.js event loop by supplying a catastrophic-backtracking pattern in a GitHub repository URL path during skill import. Attackers can craf...

7.1CVSS5.8AI score0.00305EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
•added 2026/07/02 7:37 p.m.•9 views

CVE-2025-71385

Netdata before 2.3.1 reflects the user-supplied love query parameter of the api/v2/ilove.svg and api/v3/ilove.svg endpoints verbatim into the generated SVG document into a text element without HTML or XML escaping, and serves the response with Content-Type image/svg+xml. An attacker can craft a U...

6.1CVSS5.7AI score0.0024EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
•added 2026/07/02 6:35 p.m.•8 views

CVE-2026-13743

CubeSpace CW0057 Reaction Wheel firmware versions prior to 5.0.20 are vulnerable to an Improper Verification of Cryptographic Signature vulnerability. This could allow an attacker with physical access to the product to upload arbitrary malicious firmware to the device without authentication...

5.2CVSS5.9AI score0.00116EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 6:32 p.m.•8 views

CVE-2026-7311

The TinyPNG – JPEG, PNG & WebP image compression plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteconvertedimagesize function in all versions up to, and including, 3.6.13. This makes it possible for authenticated attackers, with...

8.1CVSS6.5AI score0.0067EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
•added 2026/07/02 5:55 p.m.•7 views

CVE-2026-58465

Eclipse Wakaama before snapshot/2026-05-26 contains an unbounded memory allocation vulnerability in the CoAP Block1 handler within coap/block.c that allows unauthenticated remote attackers to exhaust server memory by sending a sequence of Block1 PUT requests with incrementing block numbers...

8.7CVSS6AI score0.00555EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
•added 2026/07/02 5:5 p.m.•10 views

CVE-2024-58352

Landray OA contains an unauthenticated HQL injection vulnerability that allows unauthenticated attackers to query arbitrary Hibernate entity classes by injecting malicious HQL syntax into the uid POST parameter of the wechatLoginHelper.do endpoint. Attackers can exploit the lack of input...

8.7CVSS6.2AI score0.00564EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
•added 2026/07/02 5:4 p.m.•11 views

CVE-2022-50973

Yonyou KSOA 9.0 contains an unauthenticated arbitrary file upload vulnerability in the com.sksoft.bill.ImageUpload servlet that allows unauthenticated attackers to upload arbitrary files by submitting a POST request with attacker-controlled filepath and filename parameters without any...

9.8CVSS6.2AI score0.0086EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/02 5:3 p.m.•8 views

CVE-2024-14037

Redsea Cloud eHR contains an arbitrary file upload vulnerability that allows unauthenticated attackers to achieve remote code execution by uploading malicious files through the PtFjk.mob servlet endpoint. Attackers can submit a multipart POST request with a JSP webshell disguised using a spoofed...

9.8CVSS6.5AI score0.00708EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
•added 2026/07/02 4:52 p.m.•8 views

CVE-2026-8699

A stored Cross-Site Scripting XSS vulnerability has been identified in the web-based management interface of Archer C5 v6.8 routers, due to insufficient server-side validation and lack of proper output encoding of user-controlled input in a certain field. An attacker with administrative privilege...

7CVSS6AI score0.00177EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 4:15 p.m.•7 views

CVE-2026-50282

Craft CMS is a content management system CMS. Versions 5.0.0-RC1 and above, prior to 5.9.21 and versions 4.0.0-RC1 and above prior to 4.17.14 contain an authorization issue where a forced folder move can delete a conflicting destination folder without destination delete permission. Function...

7.1CVSS5.7AI score0.00207EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/02 4:6 p.m.•9 views

CVE-2026-54891

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...

6.3CVSS5.8AI score0.00135EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/02 4:6 p.m.•7 views

CVE-2026-55950

Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtlspacketdemux genserver process to route incoming UDP...

8.7CVSS5.8AI score0.00384EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/02 4:6 p.m.•9 views

CVE-2026-54886

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handledata/4 function in sshsftpd contains a catch-all clause that accepts channel data of any type. When...

5.3CVSS6AI score0.0033EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/02 4:6 p.m.•9 views

CVE-2026-55952

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tlshandshake13:handlepresharedkey/3, an OfferedPreSharedKeys record with a...

8.2CVSS5.9AI score0.00487EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/02 4:6 p.m.•8 views

CVE-2026-54887

Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...

6.3CVSS5.8AI score0.00243EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/02 4:6 p.m.•8 views

CVE-2026-53422

Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...

2.3CVSS5.8AI score0.00262EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/02 4:2 p.m.•8 views

CVE-2026-50281

Craft CMS is a content management system CMS. Versions 5.7.0 and above, prior to 5.9.21 contain a mass-assignment flaw in the bulk-duplicate element action. An attacker who is only able to duplicate their own entires can submit an arbitrary id through the newAttributes request parameter. The...

7.1CVSS5.9AI score0.00253EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/02 4:0 p.m.•9 views

CVE-2026-44935

Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants...

9.9CVSS5.8AI score0.00585EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/02 3:19 p.m.•8 views

CVE-2026-44941

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.4CVSS5.8AI score0.00533EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
•added 2026/07/02 3:12 p.m.•8 views

CVE-2026-58455

Dockwatch through 0.6.567 contains an unauthenticated OS command injection vulnerability that allows remote attackers to execute arbitrary shell commands by exploiting a missing exit after an authentication redirect in loader.php combined with unsanitized input passed to shellexec in...

9.8CVSS6.1AI score0.0119EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
•added 2026/07/02 2:54 p.m.•8 views

CVE-2026-56004

A shellcode injection in the mercurial handler of the obs tarscm source service before version 0.12.4 could be used by attackers able to provide a service file to execute code as the source service or the local user checking out the malicious services...

10CVSS5.9AI score0.00375EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 2:50 p.m.•9 views

CVE-2026-55119

A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Talk Application to escalate privileges within the UniFi Talk Application...

8.1CVSS5.8AI score0.00201EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 2:50 p.m.•7 views

CVE-2026-56842

A malicious actor with access to the network and under certain conditions could exploit an Incorrect Authorization vulnerability found in UniFi Network Application to persist privileges within UniFi Network Application after such access had been removed...

7.5CVSS5.7AI score0.0019EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 2:50 p.m.•7 views

CVE-2026-55114

A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Network Application to escalate privileges within the UniFi Network Application...

8.8CVSS5.8AI score0.00232EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 2:50 p.m.•7 views

CVE-2026-55112

A malicious actor with access to the network and low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi OS with UniFi Protect Application to escalate privileges on the host device...

7.5CVSS5.8AI score0.00198EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 2:50 p.m.•6 views

CVE-2026-55115

A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF in UniFi Protect Application to escalate privileges on the host device...

9.9CVSS5.8AI score0.00232EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 2:50 p.m.•6 views

CVE-2026-55113

A malicious actor with access to the network could exploit a Server-Side Request Forgery SSRF vulnerability found in UniFi Talk Application to execute a Denial of Service DoS attack and bypass authentication in certain UniFi Talk API endpoints...

7.5CVSS5.8AI score0.00223EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 2:50 p.m.•7 views

CVE-2026-55116

A malicious actor with access to the network and under certain network configurations could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices...

9CVSS5.8AI score0.00229EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 2:50 p.m.•8 views

CVE-2026-56841

A malicious actor with access to the network and low privileges could exploit an authenticated SQL Injection vulnerability found in UniFi Protect Application to escalate privileges on the host device...

8.8CVSS5.8AI score0.00249EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 2:50 p.m.•8 views

CVE-2026-55117

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Access Application to access files on the host device...

8.6CVSS5.8AI score0.00382EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 2:50 p.m.•7 views

CVE-2026-55118

A malicious actor with access to the network,low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi Network Application to escalate privileges within the UniFi Network Application...

8.3CVSS5.8AI score0.00195EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 2:49 p.m.•6 views

CVE-2026-54402

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi OS to execute a Command Injection on the host device...

9.9CVSS5.8AI score0.00872EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 2:49 p.m.•6 views

CVE-2026-54401

A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF to escalate privileges within such UniFi OS devices or instances...

7.7CVSS5.8AI score0.00217EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 2:49 p.m.•6 views

CVE-2026-55111

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Protect Floodlight devices to access files on the UniFi Protect Floodlight...

7.5CVSS5.8AI score0.00335EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 2:49 p.m.•8 views

CVE-2026-50747

A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi Talk Application to escalate privileges on the host device...

9.9CVSS5.8AI score0.00274EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/02 2:49 p.m.•34 views

CVE-2026-54406

A malicious actor with access to the network and high privileges could exploit a Path Traversal vulnerability found in self-hosted instances of UniFi Network Application to escalate write permission on the host device...

8.7CVSS5.8AI score0.00325EPSS
Exploits0References2
Total number of security vulnerabilities75081