Lucene search
K
AttackerkbRecent

75075 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.7 views

CVE-2026-56363

ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow, resulting in division by zero and application crash...

4.8CVSS5.8AI score0.00111EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.8 views

CVE-2026-56361

ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory access violations...

4.8CVSS6AI score0.00128EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.6 views

CVE-2026-56356

n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS field due to a misconfiguration of the sanitize-html library. Affected releases are those before 1.123.27, the 2.0.0 through 2.13.2 line, and 2.14.0 fixed in 1.123.27, 2.13.3, and 2.14.1. An authenticat...

5.4CVSS5.6AI score0.00177EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.6 views

CVE-2026-56334

Capgo before 12.128.2 lacks an UPDATE row-level security policy for the buildrequests table, preventing API-key and anonymous access from persisting builder status updates. Attackers can exploit this missing policy to cause build status and error details to remain unpersisted, leaving buildreques...

5.3CVSS5.8AI score0.00192EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.5 views

CVE-2026-56350

n8n before 2.8.0 contains an authentication bypass vulnerability allowing authenticated SSO users to disable SSO enforcement through the API. Attackers can create local password credentials to authenticate directly, bypassing organizational SSO policies and identity-provider-enforced multi-factor...

6.3CVSS5.8AI score0.00258EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.4 views

CVE-2026-56333

Capgo before 12.128.2 contains a server-side validation bypass vulnerability in organization security settings that allows authenticated org admins to persist invalid security policy state. Attackers can bypass backend validation by directly updating the public.orgs table from the browser,...

5.3CVSS5.8AI score0.00234EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.5 views

CVE-2026-56328

Capgo before 12.128.2 allows multiple public channels for the same app and platform to coexist simultaneously, while unnamed /updates requests without defaultChannel implicitly resolve to a single hidden winner channel. An authorized app or channel manager can create ambiguous default update stat...

7.1CVSS5.8AI score0.00247EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.6 views

CVE-2026-56331

Capgo before 12.128.2 contains improper error handling in the /private/acceptinvitation endpoint that returns HTTP 500 instead of safe 4xx errors when magicinvitestring is invalid. Attackers can trigger this vulnerability using only the public key by submitting malformed magicinvitestring values ...

6.9CVSS5.8AI score0.0025EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.5 views

CVE-2026-56327

Capgo before 12.128.2 contains an information disclosure vulnerability in the public.inviteusertoorg RPC function that allows unauthenticated attackers to enumerate organization existence by observing distinct error responses. Attackers can call the SECURITY DEFINER function with a publishable AP...

6.9CVSS5.8AI score0.00261EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.3 views

CVE-2026-56320

Capgo before 12.128.2 contains an authorization flaw in POST /private/createdevice that accepts a caller-supplied orgid parameter without validating it matches the target app's owner organization. Authenticated attackers can create device records for an application using a foreign organization...

7.1CVSS5.8AI score0.00222EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.5 views

CVE-2026-56300

Capgo before 12.128.2 contains unauthenticated security definer RPC functions getuserid and getorgpermforapikey that expose API key validity oracles and user UUID disclosure. Unauthenticated attackers using the public API key can validate leaked keys, enumerate users and apps, and determine...

8.7CVSS5.8AI score0.00349EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.6 views

CVE-2026-56318

Capgo before 12.128.2 contains an information disclosure vulnerability in the /private/validatepasswordcompliance endpoint that returns different error responses for malformed, non-existent, and existing organization IDs. Unauthenticated attackers can enumerate valid organization UUIDs by observi...

6.9CVSS5.8AI score0.00261EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.6 views

CVE-2026-56286

Capgo before 12.128.2 contains an authentication bypass vulnerability in the account deletion endpoint that allows deletion without password re-authentication or secondary verification. Attackers can delete user accounts via session hijacking, CSRF attacks, or parameter tampering, resulting in...

8.1CVSS5.8AI score0.00353EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.6 views

CVE-2026-56277

Flowise before 3.1.2 sets Access-Control-Allow-Origin to a hardcoded wildcard on its text-to-speech TTS generation endpoint packages/server/src/controllers/text-to-speech/index.ts, independent of the server's configured CORS policy. This bypasses the server's otherwise restrictive default CORS...

6.9CVSS5.8AI score0.00136EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.7 views

CVE-2026-56278

Flowise before 3.1.0 affected versions 3.0.13 and earlier uses a weak hardcoded default secret 'flowise' for the express-session middleware when the EXPRESSSESSIONSECRET environment variable is not set packages/server/src/enterprise/middleware/passport/index.ts. Because this default secret is...

9.3CVSS5.8AI score0.0036EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.6 views

CVE-2026-56264

Crawl4AI before 0.8.7 contains an arbitrary JavaScript execution vulnerability in the Docker API server's /executejs endpoint, which accepts and executes arbitrary user-supplied JavaScript in the server's browser context with --disable-web-security enabled. An attacker can execute arbitrary...

9.2CVSS6.2AI score0.00334EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.15 views

CVE-2026-56249

Capgo before 12.128.2 contains an authorization bypass vulnerability in the channel creation endpoint that allows authenticated users to overwrite existing channels by reusing their names. Attackers with app.createchannel permission can exploit a logic mismatch between existence validation and...

7.6CVSS5.8AI score0.00257EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.6 views

CVE-2026-56247

Capgo before 12.128.2 allows org admins to assign org-scoped RBAC roles at app scope without validating role scope compatibility, including to pending invitees. Attackers can pre-seed malformed high-privilege bindings that survive invite acceptance, enabling accepted low-privilege users to perfor...

8.8CVSS5.8AI score0.00303EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.5 views

CVE-2026-56233

Capgo before 12.128.2 contains a path traversal vulnerability in the builder upload proxy that allows authenticated users with build permissions to bypass upload restrictions. Attackers can append traversal sequences to the upload path, which are normalized by the WHATWG URL parser, enabling acce...

8.7CVSS5.8AI score0.00451EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.7 views

CVE-2026-56230

Capgo before 12.128.2 contains a broken object level authorization vulnerability in middlewareKey that accepts the client-controlled x-limited-key-id header without validating ownership, allowing authenticated users to adopt cross-tenant limited keys. Attackers can supply another tenant's limited...

8.8CVSS5.8AI score0.00322EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.7 views

CVE-2026-56224

Capgo console.capgo.app/login before 12.128.2 accepts accesstoken and refreshtoken in URL query parameters, automatically authenticating users without confirmation. Attackers can craft malicious links to force victims into attacker-controlled sessions, exposing tokens in browser history and logs...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.6 views

CVE-2026-56219

Capgo before 12.128.2 contains a NULL-auth bypass vulnerability in the public.getorguseraccessrbac function that allows unauthenticated attackers to retrieve RBAC role bindings and member email addresses. Attackers can exploit improper NULL comparison in the authorization gate to disclose...

8.7CVSS5.7AI score0.00341EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:5 p.m.5 views

CVE-2026-54696

Ruby JSON is a JSON implementation for Ruby. Versions 2.9.0 through 2.19.8 are vulnerable to heap buffer overflow when the JSON generator is provided with an oversized streamed object. When streaming to an IO JSON.dumpobj, io and JSON::Stategenerateobj, io can write past the internal JSON generat...

3.7CVSS6AI score0.00301EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 9:39 p.m.7 views

CVE-2026-10585

A stored cross-site scripting vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to execute arbitrary JavaScript in another user's browser by injecting a crafted payload into the title of a Discussion in the Q category. The...

6.3CVSS5.9AI score0.00184EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 8:21 p.m.7 views

CVE-2026-9106

A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed an OAuth application to gain unintended access to an organization's runner management. An attacker could exploit this by creating an OAuth application requesting the managerunners:org scope and directing ...

4.8CVSS5.8AI score0.00176EPSS
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 8:3 p.m.8 views

CVE-2025-36372

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could disclose sensitive information to an authenticated user from the monitoring and event tables...

5.5CVSS5.7AI score0.00303EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 8:2 p.m.6 views

CVE-2026-10109

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling...

9.8CVSS6.4AI score0.0086EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:59 p.m.7 views

CVE-2026-10129

IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF protection bypass vulnerability in the API Request component. An authenticated attacker with low-level privileges flow author role can bypass SSRF protections by enabling the followredirects parameter and supplying a...

8.5CVSS5.8AI score0.00185EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:56 p.m.6 views

CVE-2026-10134

IBM Langflow OSS 1.0.0 through 1.9.3 allows an attacker to read every secret available to the Langflow process, read and modify every flow, conversation, message, file upload, and saved component in the Langflow database, can connect to internal services, abuse cloud metadata endpoints, laterally...

10CVSS5.8AI score0.00314EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:55 p.m.7 views

CVE-2026-10140

IBM Langflow OSS 1.0.0 through 1.10.0 voice mode contains improper shared-state handling that allows reuse of API clients across tenant boundaries. An authenticated attacker can manipulate cache state to cause requests from other users to be processed using incorrect upstream API credentials,...

9.6CVSS5.8AI score0.00201EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:54 p.m.7 views

CVE-2026-10546

IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF vulnerability in the URL component src/lfx/src/lfx/components/datasource/url.py due to a Time-of-Check/Time-of-Use TOCTOU race condition that can be exploited via DNS rebinding...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:53 p.m.6 views

CVE-2026-10560

IBM Langflow OSS 1.0.0 through 1.9.6 contains a missing authentication vulnerability in /api/v1/buildpublictmp/ endpoints that allows an unauthenticated attacker to read build event data or cancel jobs using a valid job identifier, resulting in information disclosure and denial of service...

8.2CVSS5.8AI score0.00272EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:51 p.m.8 views

CVE-2026-10564

IBM Langflow OSS 1.0.0 through 1.9.6 contains a Server-Side Request Forgery SSRF. The legacy RSSReaderComponent in rss.py and SearXNG component in searxng.py make unvalidated HTTP requests to user-controlled URLs, bypassing SSRF protections introduced in version 1.9.3. An authenticated attacker c...

8.2CVSS5.8AI score0.00199EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:51 p.m.7 views

CVE-2026-11546

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the adminCenter-1.0 feature enabled...

7.1CVSS5.8AI score0.00222EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:50 p.m.7 views

CVE-2026-11595

IBM WebSphere Application Server 9.0, and 8.5 could allow a remote attacker to obtain sensitive information from the administrative console's integrated help system...

4.3CVSS5.8AI score0.00474EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:47 p.m.9 views

CVE-2026-11708

IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console's integrated help system...

9.3CVSS5.6AI score0.00217EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:45 p.m.7 views

CVE-2026-11712

IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console help system...

9.3CVSS5.6AI score0.00217EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:44 p.m.7 views

CVE-2026-11714

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the apiDiscovery-1.0 feature enabled...

8.5CVSS5.8AI score0.00203EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:43 p.m.8 views

CVE-2026-11806

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 is affected by an arbitrary file read vulnerability with the restConnector-2.0 feature enabled...

7.2CVSS5.9AI score0.00472EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:42 p.m.6 views

CVE-2026-11906

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of XMLTable-derived columns...

6.5CVSS5.8AI score0.0042EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:39 p.m.6 views

CVE-2026-12084

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 uses Cross-Origin Resource Sharing CORS which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains...

5.4CVSS5.8AI score0.00162EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:38 p.m.7 views

CVE-2026-12085

IBM UCD - IBM UrbanCode Deploy 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 IBM DevOps Deploy could disclose sensitive configurations and secrets to authenticated users in API responses that could be used in further attack...

6.5CVSS5.7AI score0.00234EPSS
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:36 p.m.7 views

CVE-2026-12086

IBM UCD - IBM UrbanCode Deploy 7.2 through 7.2.3.23, and 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 stores potentially sensitive information in log files that could be read by a local user...

6.2CVSS5.8AI score0.00101EPSS
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:32 p.m.9 views

CVE-2026-13449

IBM Business Automation Manager Open Editions 9.0.0 through 9.4.2 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

7.6CVSS5.8AI score0.00406EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:24 p.m.7 views

CVE-2026-13759

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 ships three ObjectInputStream subclasses WsObjectInputStream, ObjectStreamPool$ReusableInputStream, ObjectInputStreamResolver that install no JEP-290 class filter; when Coherence is on the classpath, multiple RCE gadget chains including...

7.5CVSS6.2AI score0.00303EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:21 p.m.8 views

CVE-2026-13772

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 's Object Query Language engine resolves attacker-supplied class names via Class.forName and invokes their constructors with no allow-list at three distinct sinks SELECT NEW, enum literals, and reflection-based comparators; an authenticated remo...

7.5CVSS6.1AI score0.00283EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:20 p.m.8 views

CVE-2026-13773

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 Approximately 50 generated CORBA stub classes in WebSphere eXtreme Scale's ogclient.jar call ORB.stringtoobject on an attacker-controlled IOR string during Java deserialization, turning any unfiltered ObjectInputStream sink in WAS into outbound...

6CVSS6.4AI score0.03415EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:19 p.m.6 views

CVE-2026-3602

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 and IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.7 is vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally creating files they may not be aware of...

4.7CVSS5.9AI score0.00183EPSS
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:16 p.m.7 views

CVE-2026-7663

IBM Langflow OSS 1.0.0 through 1.9.6 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint...

9.1CVSS5.8AI score0.00259EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:15 p.m.6 views

CVE-2026-7803

IBM Langflow OSS 1.0.0 through 1.10.0 could allow arbitrary code execution due to improper validation of flow nodes with missing or empty component type fields...

9.8CVSS6.4AI score0.00357EPSS
Exploits0References2Affected Software1
Total number of security vulnerabilities75075