Lucene search
K
AttackerkbRecent

74667 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/23 6:11 p.m.8 views

CVE-2026-54320

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.184.0, organization invitations could be accepted and declined by a user whose email matched the invitation but had not been verified. Daytona authenticates users via OIDC and...

8.4CVSS6.2AI score0.00215EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 6:10 p.m.6 views

CVE-2026-54321

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. From 0.101.0 until 0.184.0, sandbox previews that were switched from public to private could remain reachable without authentication for a short period after the change, due to a cached...

7CVSS6.3AI score0.00249EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 6:8 p.m.5 views

CVE-2026-54319

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.186, a sandbox volume reference volumeId, which may also be a volume name was forwarded to the runner and used to build the host bind-mount source path without confinement. A...

4.2CVSS6.2AI score0.00171EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 6:7 p.m.8 views

CVE-2026-54322

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, Daytona's organization role update and delete endpoints authorized the caller as an owner of the organization named in the request path, but resolved and mutated the targe...

7.7CVSS6.3AI score0.00186EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 6:7 p.m.7 views

CVE-2026-54324

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, a cross-tenant authorization flaw in Daytona's notification WebSocket gateway allowed any authenticated user to subscribe to another organization's realtime notification...

6.5CVSS6.3AI score0.00275EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 6:6 p.m.5 views

CVE-2026-54323

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, the daemon's git clone implementation disabled TLS certificate verification. When a clone request carried Git credentials, the daemon sent the HTTP Basic Authorization...

5.9CVSS6.4AI score0.00117EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 6:0 p.m.7 views

CVE-2020-9695

Acrobat Reader versions 2020.009.20074, 2020.001.30002, 2017.011.30171, 2015.006.30523 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a...

7.8CVSS6.4AI score0.00176EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:58 p.m.5 views

CVE-2020-9711

Acrobat Reader versions 2020.009.20074, 2020.001.30002, 2017.011.30171, 2015.006.30523 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation o...

5.5CVSS5.7AI score0.00185EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:56 p.m.5 views

CVE-2026-45135

Caddy is an extensible server platform that uses TLS by default. From 2.7.0 until 2.11.3, the FastCGI transport's splitPos in modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go misuses golang.org/x/text/search with search.IgnoreCase when the request path contains a non-ASCII byte. Two distinct fla...

8.1CVSS6.5AI score0.00399EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:55 p.m.7 views

CVE-2026-45692

Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree on what object the path refers to. In this case, a path authorized for one config object is accepted, but then resolves to a different...

5.4CVSS5.8AI score0.00144EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:52 p.m.5 views

CVE-2026-52845

Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, forwardauth copyheaders deletes the exact client-supplied identity header before copying the trusted value from the auth gateway. But when the request later goes through phpfastcgi, Caddy normalizes HTTP headers int...

8.1CVSS5.9AI score0.00246EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:50 p.m.6 views

CVE-2026-52844

Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, on Windows, Caddy path matchers treat /private\secret.txt as outside /private/, but fileserver later resolves the same request path as private\secret.txt on disk. An unauthenticated remote client can bypass Caddy...

7.5CVSS5.9AI score0.00409EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:47 p.m.6 views

CVE-2026-52846

Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, Caddy’s stripHTML template function cannot reliably remove all HTML tags from input strings. Certain malformed HTML, such as img src=x onerror=alert, can bypass the tag-stripping logic, potentially leaving dangerous...

4.2CVSS5.8AI score0.00153EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:47 p.m.6 views

CVE-2020-9713

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose...

5.5CVSS5.7AI score0.00185EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:43 p.m.7 views

CVE-2026-54157

LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.57, the /webapi/proxy endpoint on app.lobehub.com accepts a URL in the POST body and fetches it server-side without any authentication. An attacker can use this to make...

9CVSS6.1AI score0.0178EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:42 p.m.5 views

CVE-2026-0864

When using the "configparser" module to write configuration files containing multi-line text values with carriage return characters \r the resulting file could be injected with unexpected keys and values if the attacker controls the written value...

4.1CVSS5.8AI score0.00128EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:40 p.m.6 views

CVE-2026-54318

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.5.3, the LocationSensorManager BroadcastReceiver is exported with no permission. Any installed app, with zero runtime permissions, can broadcast a forged Google Play Services...

7.1CVSS5.9AI score0.00113EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:39 p.m.4 views

CVE-2026-54317

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.6.0, the Konnected integration registers an HTTP endpoint, KonnectedView homeassistant/components/konnected/init.py, that is marked as not requiring authentication requiresauth = False....

7.6CVSS5.8AI score0.00193EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:36 p.m.4 views

CVE-2026-53662

immich is a high performance self-hosted photo and video management solution. From commit 4ffa26c9 until 4eb1003, a reflected cross-site scripting XSS vulnerability on the /auth/login page allows an attacker to fully compromise any authenticated user's account with a single link click. The contin...

9.6CVSS5.8AI score0.00235EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:26 p.m.4 views

CVE-2026-57062

CMS Cryptographic Message Syntax parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is related to CVE-2026-34182...

2.9CVSS5.8AI score0.0011EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:24 p.m.5 views

CVE-2026-55517

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.5, a Deno program that opens a client WebSocket connection could be crashed by the remote server. While handling the WebSocket handshake response, Deno parsed the Sec-WebSocket-Protocol and Sec-WebSocket-Extensions response...

4.3CVSS5.9AI score0.00183EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:21 p.m.4 views

CVE-2025-71382

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS6AI score0.00316EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:8 p.m.5 views

CVE-2026-54257

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From 42.3.1 until 42.3.3, Buffer performs incorrect byte length calculations resulting in heap buffer under/overflow. Most apps will crash and some may perform incorrect buffer allocations in t...

9.3CVSS6AI score0.00253EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:6 p.m.7 views

CVE-2026-54316

Claude Code is an agentic coding tool. From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-approved as a bare hostname for the WebFetch tool, any path on that domain—including attacker-controlled model repositories—was auto-approved without a permission prompt or being subject ...

6CVSS5.9AI score0.00403EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:50 p.m.5 views

CVE-2026-54008

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, backend/openwebui/utils/oauth.py::processpictureurl calls validateurlpictureurl on the initial URL only, then invokes aiohttp.ClientSession.getpictureurl, ... without...

8.5CVSS5.9AI score0.00203EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:49 p.m.5 views

CVE-2026-54009

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/chat/completions accepts an imageurl.url value that, when it does NOT start with http://, https://, or data:image/, is interpreted as a file id and resolved against the...

6.5CVSS5.9AI score0.00225EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:48 p.m.6 views

CVE-2026-54010

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets an authenticated user attach arbitrary fileid values to their own chat message without checking whether they own or can read those files. If the attacker then shares...

8.3CVSS6AI score0.00241EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:47 p.m.6 views

CVE-2026-54011

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6,Open WebUI renders Mermaid blocks from Markdown files in the file preview panel and inserts the generated SVG into the DOM using innerHTML. Because Mermaid is configured with...

8.7CVSS6AI score0.002EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:47 p.m.6 views

CVE-2026-54012

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets a user who can create, update, or import workspace models store arbitrary meta.knowledge entries on their model without checking whether they own or can read the...

7.1CVSS6AI score0.00198EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:46 p.m.5 views

CVE-2026-54013

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in user profile images and webhook profile images but forgot to apply the same fix to model profile images. The ModelMeta class has no...

7.6CVSS5.8AI score0.00174EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:45 p.m.8 views

CVE-2026-54014

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, a path traversal vulnerability exists in open-webui's cache file serving endpoint that allows any authenticated user to read files from sibling directories outside the intended cache...

4.3CVSS5.9AI score0.00244EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:44 p.m.6 views

CVE-2026-54015

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI's prompt version-history endpoints authorize the promptid in the URL but then act on caller-supplied history IDs without verifying that the history row belongs to that...

6.4CVSS5.9AI score0.00169EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:43 p.m.5 views

CVE-2026-54016

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI has a Broken Object Level Authorization BOLA vulnerability in the builtin searchknowledgefiles tool. When native function calling is enabled and the selected model has no...

4.3CVSS6AI score0.00226EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:42 p.m.5 views

CVE-2026-54018

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the SafePlaywrightURLLoader implements a validateurl function to prevent SSRF attacks by checking the IP address of the user-provided URL. However, this validation is performed only ...

7.7CVSS5.9AI score0.00287EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:41 p.m.5 views

CVE-2026-54019

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI added collection-level ACL checks, but the patch can still be bypassed when Milvus multitenancy mode is enabled. The ACL allows unknown non-KB collection names as...

6.5CVSS5.8AI score0.00281EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:40 p.m.4 views

CVE-2026-57053

GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs because of mishandling in idnatounicodeinternal. The affected code is not present in libidn2...

4CVSS5.9AI score0.0011EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:39 p.m.4 views

CVE-2026-54021

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, several direct, index-addressed Ollama proxy routes accept a caller-supplied urlidx path parameter and use it as a raw index into the admin-configured OLLAMABASEURLS list. Access...

6.3CVSS6AI score0.0021EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:38 p.m.9 views

CVE-2026-54022

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the ydoc:document:join Socket.IO handler checks note ownership only when the documentid starts with note: colon. However, the YdocManager storage layer normalizes all document IDs b...

5.3CVSS5.9AI score0.00268EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:28 p.m.5 views

CVE-2026-55255

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in...

9.9CVSS6AI score0.0056EPSS
Exploits2References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:27 p.m.5 views

CVE-2026-55423

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.7.0, the logout button does not clear the session. The previous user stays logged in unless another user explicitly logs in. This vulnerability is fixed in 1.7.0...

6.1CVSS5.9AI score0.00152EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:26 p.m.4 views

CVE-2026-55446

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.0.19, an attacker can send a /api/v1/files/upload/ request without any authentication token/cookies and abuse a very long multipart form boundary to make the langflow app unusable for all users for an...

7.5CVSS5.9AI score0.00321EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:21 p.m.3 views

CVE-2026-55447

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, by controlling a files that are digested into the RAG, an attacker can direct the node to read any file on the file-system by absolute path. All components based on BaseFileComponent are vulnerable to t...

9.6CVSS5.9AI score0.00411EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:18 p.m.9 views

CVE-2026-56968

GNU SASL before 2.2.4 lacks sanitization of a short challenge in gsaslntlmclientstep in the NTLM client, which could result in memory disclosure via a crafted server...

3.7CVSS5.8AI score0.00241EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:17 p.m.4 views

CVE-2026-55450

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, unauthenticated users can upload any amount of data to the server without any limitations. No need for any prior knowledge, only network access to Langflow. This can lead to space exhaustion on the...

9.3CVSS5.9AI score0.00332EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:14 p.m.5 views

CVE-2026-56117

dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger memory corruption when privilege separation is disabled. Attackers can connect to the control socket...

5.7CVSS5.9AI score0.00093EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:12 p.m.4 views

CVE-2025-13162

Uncontrolled Search Path Element vulnerability in ABB Control Builder A, ABB 800xA for Advant Master. This issue affects Control Builder A: through 1.4/4; 800xA for Advant Master: through 6.0.3-1, through 6.1.1-1, 6.1.1-3, 6.2.0-1...

4.4CVSS5.8AI score0.00083EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:11 p.m.4 views

CVE-2026-56116

dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send...

7.1CVSS5.8AI score0.00187EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:8 p.m.5 views

CVE-2026-56115

Bootimus through 0.1.70 contains a broken access control vulnerability that allows authenticated low-privileged users to perform administrative actions by exploiting missing role enforcement in the JWTMiddleware function in internal/auth/auth.go, which validates JWT tokens and account status but...

8.8CVSS5.9AI score0.00307EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:8 p.m.6 views

CVE-2026-56114

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

6CVSS6.1AI score0.00175EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:5 p.m.5 views

CVE-2026-56113

dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTIONPDEXCLUDE and both preferred and valid lifetimes set to zero. Attackers actin...

6CVSS5.9AI score0.00175EPSS
Exploits0References3
Total number of security vulnerabilities74667