Lucene search
K
CvelistMost viewed

365247 matches found

Cvelist
Cvelist
added 2026/05/07 1:25 a.m.58 views

CVE-2026-6222 Forminator Forms <= 1.51.1 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Disclosure via 'forminator_action' Parameter

The Forminator Forms plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 1.51.1. This is due to the processRequest method in ForminatorAdminModuleEditPage admin/abstracts/class-admin-module-edit-page.php dispatching sensitive module-management actions —...

5.3CVSS0.00425EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/06 11:59 a.m.58 views

CVE-2026-6210 Type confusion and heap-buffer-overflow in Qt SVG marker handling causing application crash

A type confusion vulnerability in Qt SVG allows an attacker to cause an application crash via a crafted SVG image. When processing SVG marker references, the renderer retrieves a node by its id attribute and casts it to QSvgMarker without verifying the node type. A non-marker element such as a...

8.7CVSS0.00279EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.58 views

CVE-2026-43254 ovpn: tcp - fix packet extraction from stream

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1. Head...

7.5CVSS0.00451EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/06 11:27 a.m.58 views

CVE-2026-43174 io_uring/zcrx: fix post open error handling

In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix post open error handling Closing a queue doesn't guarantee that all associated page pools are terminated right away, let the refcounting do the work instead of releasing the zcrx ctx directly...

0.00112EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/06 7:40 a.m.58 views

CVE-2026-43120 RDMA/irdma: Fix double free related to rereg_user_mr

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix double free related to reregusermr If IBMRREREGTRANS is set during reregusermr, the umem will be released and a new one will be allocated in irdmareregmrtrans. If any step of irdmareregmrtrans fails after the new...

7.8CVSS0.00122EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/05 2:15 p.m.58 views

CVE-2026-7412

In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated requests. An unauthenticated remote attacker can exploit this design flaw to force the BaSyx server to execute blind HTTP POST requests to...

8.6CVSS0.00516EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/05 11:24 a.m.58 views

CVE-2026-42437 OpenClaw 2026.4.9 < 2026.4.10 - Denial of Service via Oversized WebSocket Frames in Voice-call Realtime Path

OpenClaw versions 2026.4.9 before 2026.4.10 contain a denial of service vulnerability in the voice-call realtime WebSocket path that accepts oversized frames without proper validation. Remote attackers can send oversized WebSocket frames to cause service unavailability for deployments exposing th...

8.2CVSS0.00417EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/05 11:24 a.m.58 views

CVE-2026-42436 OpenClaw < 2026.4.14 - Internal Page Content Exposure via Browser Snapshot and Screenshot Routes

OpenClaw before 2026.4.14 contains an improper access control vulnerability in browser snapshot, screenshot, and tab routes that fail to consistently validate the final browser target after navigation. Authenticated callers can bypass SSRF restrictions to expose internal or disallowed page conten...

7.7CVSS0.00266EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/04 8:12 p.m.58 views

CVE-2026-42223 nginx-ui: Settings API Exposes Protected Secrets

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.8, the GetSettings API handler api/settings/settings.go:24-65 serializes all settings structs to JSON and returns them to authenticated users. Many sensitive fields are tagged with protected:"true" - however, this tag...

6.5CVSS0.00295EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/04 4:28 p.m.58 views

CVE-2026-24118 VM2 Sandbox Breakout Through __lookupGetter__

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. This issue has been patched in version 3.11.0...

9.8CVSS0.00917EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/05/04 12:0 a.m.58 views

CVE-2026-37461

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

0.00335EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/03 9:30 a.m.58 views

CVE-2026-7689 Dolibarr ERP CRM Online Signature security.lib.php dol_verifyHash signature verification

A security flaw has been discovered in Dolibarr ERP CRM up to 23.0.2. This vulnerability affects the function dolverifyHash in the library htdocs/core/lib/security.lib.php of the component Online Signature Module. The manipulation results in improper verification of cryptographic signature. The...

6.3CVSS0.00145EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/02 11:16 a.m.58 views

CVE-2026-4061 Geo Mashup <= 1.13.18 - Unauthenticated Time-Based SQL Injection via 'map_post_type' Parameter

The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'mapposttype' parameter in all versions up to, and including, 1.13.18. This is due to the SearchResults hook explicitly calling stripslashesdeep$POST which removes WordPress magic quotes protection, followed by...

7.5CVSS0.00311EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/24 6:25 p.m.58 views

CVE-2026-41328 Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Field

Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the database. This affects Dgraph's default configuration where ACL is not enabled. The attack require...

9.1CVSS0.00338EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/17 5:25 p.m.58 views

CVE-2026-5718 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.7 - Unauthenticated Arbitrary File Upload via Non-ASCII Filename Blacklist Bypass

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file upload in versions up to, and including, 1.3.9.7. This is due to insufficient file type validation that occurs when custom blacklist types are configured, which replaces the default...

8.1CVSS0.04175EPSS
Exploits3References7
Cvelist
Cvelist
added 2026/04/15 9:6 a.m.58 views

CVE-2026-5588 PKIX draft CompositeVerifier accepts empty signature sequence as valid.

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules, Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All pkix modules, Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All pkix modules. This vulnerability...

6.3CVSS0.00392EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/17 6:48 p.m.58 views

CVE-2025-66614 Apache Tomcat: Client certificate verification bypass due to virtual host mapping

Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Older EOL...

0.00235EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 5:51 p.m.58 views

CVE-2026-21510 Windows Shell Security Feature Bypass Vulnerability

...

8.8CVSS0.25835EPSS
Exploits3References1
Cvelist
Cvelist
added 2026/02/06 5:52 p.m.58 views

CVE-2026-25723 Claude Code Vulnerable to Command Injection via Piped sed Command Bypasses File Write Restrictions

Claude Code is an agentic coding tool. Prior to version 2.0.55, Claude Code failed to properly validate commands using piped sed operations with the echo command, allowing attackers to bypass file write restrictions. This vulnerability enabled writing to sensitive directories like the .claude...

7.7CVSS0.00264EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/03 8:12 p.m.58 views

CVE-2026-1801 Libsoup: libsoup: http request smuggling via malformed chunk headers

A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in the soupfilterinputstreamreadline logic, where libsoup accepts malformed chunk headers, such as lone line feed LF characters instead of the required...

5.3CVSS0.00376EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/28 7:30 p.m.58 views

CVE-2025-61726 Memory exhaustion in query parameter parsing in net/url

The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containi...

0.01945EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/28 3:15 p.m.58 views

CVE-2026-1536 Libsoup: libsoup: http header injection or response splitting via crlf injection in content-disposition header

A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF Carriage Return Line Feed sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary HTTP...

5.8CVSS0.00298EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/09/08 7:37 p.m.58 views

CVE-2025-54994 @akoskm/create-mcp-server-stdio has Command Injection in MCP Server due to unsafe `exec` API

@akoskm/create-mcp-server-stdio is an MCP server starter kit that uses the StdioServerTransport. Prior to version 0.0.13, the MCP Server is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. The MCP...

9.3CVSS0.01371EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/04 12:30 a.m.58 views

CVE-2025-58357 5ire Chat Message XSS Vulnerability Enables Remote Code Execution

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Version 0.13.2 contains a vulnerability in the chat page's script gadgets that enables content injection attacks through multiple vectors: malicious prompt injection pages, compromised MCP server...

9.6CVSS0.00597EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/09/03 2:36 p.m.58 views

CVE-2025-58604 WordPress Mail Mint Plugin <= 1.18.5 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPFunnels Mail Mint mail-mint allows SQL Injection.This issue affects Mail Mint: from n/a through = 1.18.5...

7.6CVSS0.00331EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/25 5:41 p.m.58 views

CVE-2025-6444 ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability

ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability. This vulnerability allows remote attackers to relay NTLM credentials on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

5.9CVSS0.00394EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/18 12:17 a.m.58 views

CVE-2025-23252

The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to restricted components. A successful exploit of this vulnerability may lead to information disclosure...

4.5CVSS0.0028EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/17 6:20 p.m.58 views

CVE-2025-34509 Sitecore XM and XP Hardcoded Credentials

Sitecore Experience Manager XM and Experience Platform XP versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access...

7.5CVSS0.39961EPSS
Exploits6References2
Cvelist
Cvelist
added 2025/06/12 7:42 p.m.58 views

CVE-2025-2745 AVEVA PI Web API Cross-site Scripting

A cross-site scripting vulnerability exists in AVEVA PI Web API version 2023 SP1 and prior that, if exploited, could allow an authenticated attacker with privileges to create/update annotations or upload media files to persist arbitrary JavaScript code that will be executed by users who were...

6.5CVSS0.00205EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/05 12:0 a.m.58 views

CVE-2025-5622 D-Link DIR-816 wirelessApcli_5g stack-based overflow

A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this issue is the function wirelessApcli5g of the file /goform/wirelessApcli5g. The manipulation of the argument apclimode5g/apclienc5g/apclidefaultkey5g leads to stack-based buffer overflow. The attack...

10CVSS0.02009EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/05/27 8:51 p.m.58 views

CVE-2025-5198 Stackrox: xss in stackrox

A flaw was found in Stackrox, where it is vulnerable to Cross-site scripting XSS if the script code is included in a small subset of table cells. The only known potential exploit is if the script is included in the name of a Kubernetes “Role” object that is applied to a secured cluster. This obje...

5CVSS0.00227EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/04 6:31 a.m.58 views

CVE-2025-4249 PHPGurukul e-Diary Management System manage-categories.php sql injection

A vulnerability was found in PHPGurukul e-Diary Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /manage-categories.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit h...

7.5CVSS0.00432EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/05/02 5:22 a.m.58 views

CVE-2025-3488 WPML Multilingual CMS 3.6.0 - 4.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpml_language_switcher Shortcode

The WPML plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpmllanguageswitcher shortcode in versions 3.6.0 - 4.7.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...

6.4CVSS0.00247EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/01 5:20 p.m.58 views

CVE-2025-46337 SQL injection in ADOdb PostgreSQL driver pg_insert_id() method

ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and...

10CVSS0.00664EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/24 11:44 a.m.58 views

CVE-2025-27820 Apache HttpComponents: PSL (Public Suffix List) validation bypass

A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. Fixed in the 5.4.3 release...

0.00745EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/04/20 6:31 a.m.58 views

CVE-2025-3822 SourceCodester Web-based Pharmacy Product Management System changepassword.php cross site scripting

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file changepassword.php. The manipulation of the argument txtconfirmpassword/txtnewpassword/txtoldpassword leads to cro...

4.8CVSS0.00393EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/04/09 5:48 p.m.58 views

CVE-2025-3474 Panels - Critical - Access bypass - SA-CONTRIB-2025-033

Missing Authentication for Critical Function vulnerability in Drupal Panels allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Panels: from 0.0.0 before 4.9.0...

0.00361EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/09 3:37 p.m.58 views

CVE-2025-32378 Shopware's default newsletter opt-in settings allow for mass sign-up abuse

Shopware is an open source e-commerce software platform. Prior to 6.6.10.3 or 6.5.8.17, the default settings for double-opt-in allow for mass unsolicited newsletter sign-ups without confirmation. Default settings are Newsletter: Double Opt-in set to active, Newsletter: Double opt-in for registere...

6.9CVSS0.0029EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/02 9:9 p.m.58 views

CVE-2025-27608 Self Cross-Site Scripting in Arduino IDE

Arduino IDE 2.x is an IDE based on the Theia IDE framework and built with Electron. A Self Cross-Site Scripting XSS vulnerability has been identified within the Arduino-IDE prior to version v2.3.5. The vulnerability occurs in the Additional Board Manager URLs field, which can be found in the...

4.6CVSS0.0019EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/01 12:28 p.m.58 views

CVE-2025-1659 DWFX File Parsing Out-of-Bounds Read Vulnerability

A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8CVSS0.00212EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/24 6:37 p.m.58 views

CVE-2025-27112 Navidrome has authentication bypass in Subsonic API with non-existent username

Navidrome is an open source web-based music collection server and streamer. Starting in version 0.52.0 and prior to version 0.54.5, in certain Subsonic API endpoints, a flaw in the authentication check process allows an attacker to specify any arbitrary username that does not exist on the system,...

6.9CVSS0.00936EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/02/11 5:58 p.m.58 views

CVE-2025-21367 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

...

7.8CVSS0.0063EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/05 5:31 p.m.58 views

CVE-2025-20029 BIG-IP iControl REST and tmsh vulnerability

Command injection vulnerability exists in iControl REST and BIG-IP TMOS Shell tmsh save command, which may allow an authenticated attacker to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.8CVSS0.0707EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/01/09 8:21 p.m.58 views

CVE-2024-13297 Eloqua - Moderately critical - Arbitrary PHP code execution - SA-CONTRIB-2024-063

Deserialization of Untrusted Data vulnerability in Drupal Eloqua allows Object Injection.This issue affects Eloqua: from 7.X- before 7.X-1.15...

0.00399EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/20 3:37 a.m.58 views

CVE-2023-42867

This issue was addressed with improved validation of the process entitlement and Team ID. This issue is fixed in GarageBand 10.4.9. An app may be able to gain root privileges...

0.00208EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/25 7:37 a.m.58 views

CVE-2024-10451 Org.keycloak:keycloak-quarkus-server: sensitive data exposure in keycloak build process

A flaw was found in Keycloak. This issue occurs because sensitive runtime values, such as passwords, may be captured during the Keycloak build process and embedded as default values in bytecode, leading to unintended information disclosure. In Keycloak 26, sensitive data specified directly in...

5.9CVSS0.00937EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/11/14 2:51 p.m.58 views

CVE-2022-2232 Keycloak: ldap injection on username input

A flaw was found in the Keycloak package. This flaw allows an attacker to utilize an LDAP injection to bypass the username lookup or potentially perform other malicious actions...

7.5CVSS0.00642EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/11/12 5:49 p.m.58 views

CVE-2024-8068 Privilege escalation to NetworkService Account access

Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain...

5.1CVSS0.01399EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/12 4:44 p.m.58 views

CVE-2024-49369 Icinga 2 has a TLS Certificate Validation Bypass for JSON-RPC and HTTP API Connections

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0 was flawed, allowing an attacker to impersonate both trusted clust...

9.8CVSS0.02934EPSS
Exploits1References7
Cvelist
Cvelist
added 2024/11/09 2:7 p.m.58 views

CVE-2024-51613 WordPress TradeMe widgets plugin <= 1.2 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bidbud TradeMe widgets trademe-widget allows Stored XSS.This issue affects TradeMe widgets: from n/a through = 1.2...

6.5CVSS0.00243EPSS
Exploits0References1
Total number of security vulnerabilities5000