Lucene search
K
CvelistRecent

363366 matches found

Cvelist
Cvelist
•added 4 days ago•35 views

CVE-2026-54263 Wagtail: Reflected XSS in dynamic image URL generator view

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, reflected cross-site scripting XSS vulnerability exists on the dynamic image URL generator view within the Wagtail admin interface. A user with a limited-permission editor account for...

7.3CVSS0.00203EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•38 views

CVE-2026-54262 Wagtail: Pages translations can be created without page permissions when using simple_translation

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, a low-level user with the "Can submit translation" permission can create translations for any page, including those they do not have permissions for. This issue has been fixed in...

4.3CVSS0.00162EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•33 views

CVE-2026-54261 Wagtail: Improper permission handling in image preview

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, due to a missing permission check on the image preview endpoint, a user with access to the Wagtail admin can preview any image. The existing data of the image object itself is not...

6.5CVSS0.00201EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•34 views

CVE-2026-54259 Wagtail: Improper restriction handling on Documents and Images chosen endpoints

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, the Documents and Images chooser's chosen endpoint incorrectly listed items for which the user has not been granted choose permission. A user with access to the Wagtail admin could se...

4.3CVSS0.00162EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•38 views

CVE-2026-54260 Wagtail: Denial of service via unbounded filter specs in the image preview

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, an authenticated admin user can trigger expensive rendition processing with purposefully crafted filter specs resulting in potentially service degradation. The vulnerability is not...

4.3CVSS0.0022EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•31 views

CVE-2026-14340 An incorrect authorization vulnerability in GitHub Enterprise Server allows issue creation in unrelated public repositories

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a user-to-server token scoped to a GitHub App installation to perform certain write operations on public repositories outside the token's intended scope. This was possible because the authorization...

5.3CVSS0.00284EPSS
Exploits0References6
Cvelist
Cvelist
•added 4 days ago•34 views

CVE-2026-54720 Silverstripe Framework: Possible XSS attack through media embed

Silverstripe Framework is a PHP framework which powers the Silverstripe CMS. In versions prior to 6.2.2, the "Insert media from web" functionality in the CMS is vulnerable to XSS from a specially crafted embed. This issue was fixed in version 6.2.2/...

5.4CVSS0.00263EPSS
Exploits0References2
Cvelist
Cvelist
•added 4 days ago•34 views

CVE-2026-55660 TinaCMS: Cross-origin postMessage handlers and rich-text URL-sanitization bypass enable stored XSS and session takeover

Tina is a headless content management system. In versions prior to @tinacms/app 2.5.6 and tinacms 3.9.3, cross-origin postMessage handlers and a rich-text URL-sanitization bypass enable stored XSS and session takeover. The library registers window message listeners — the useTina overlay handler,...

7.6CVSS0.00196EPSS
Exploits0References2
Cvelist
Cvelist
•added 4 days ago•30 views

CVE-2026-54074 @tinacms/cli: Remote Code Execution via Forestry migration — unsanitised __TINA_INTERNAL__ marker in user-controlled YAML labels

Tina is a headless content management system. @tinacms/cli versions prior to 2.4.3 contain a Remote Code Execution vulnerability in the Forestry-to-Tina migration command. The internal helper addVariablesToCode unquotes any value matching the marker "TINAINTERNAL:::.?:::" inside the stringified...

7.8CVSS0.0017EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•32 views

CVE-2026-55661 TinaCMS rich-text (slatejson) rendering does not sanitize link/image URLs, allowing stored XSS via dangerous URL schemes

Tina is a headless content management system. In versions prior to @tinacms/mdx 2.1.7 and tinacms 3.9.3, rich-text parsing and the default link/image renderers did not sanitize the url field on Slate link/image nodes. Content containing javascript: or data:text/html URLs — including case-variant,...

4.8CVSS0.00239EPSS
Exploits0References2
Cvelist
Cvelist
•added 4 days ago•32 views

CVE-2026-58263 Jodit Editor: Mutation XSS in jodit clean-html via a MathML/style rawtext carrier

Jodit Editor is a WYSIWYG editor with written in pure TypeScript file and image editing capabilities. In versions prior to 4.12.28, the built-in clean-html sanitizer can be bypassed by a MathML/ carrier that hides a dangerous element from the sanitizer's element walk, so a no-interaction event...

7.2CVSS0.00179EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•32 views

CVE-2026-54756 Jodit Editor: Prototype pollution via Jodit.configure() / ConfigMerge

Jodit Editor is a WYSIWYG editor with written in pure TypeScript file and image editing capabilities. In versions prior to 4.12.18, Jodit.configureoptions — and the internal ConfigMerge / ConfigProto helpers — merged user-supplied options into the editor configuration without filtering...

6.3CVSS0.00273EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•33 views

CVE-2026-55886 Jodit Editor: Prototype Pollution in Jodit via Jodit.modules.Helpers.set()

Jodit Editor is a WYSIWYG editor with written in pure TypeScript file and image editing capabilities. Versions prior to 4.12.26 are vulnerable to Prototype Pollution through Jodit.modules.Helpers.setchain, value, obj, which walks the dot-separated chain, creating and following each path segment...

6.3CVSS0.00315EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•32 views

CVE-2026-50521 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

...

8.3CVSS0.00823EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•35 views

CVE-2026-54786 Wasmtime: Leak in WASIp1 `fd_renumber` implementation

Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of WASIp1 which suffers from a leak in the fdrenumber function where the...

2.3CVSS0.00217EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•32 views

CVE-2026-55153 mchange-commons-java contains elements susceptible to abuse via JNDI injection and "deserialization gadgets"

mchange-commons-java is a Java library of shared utility classes used by mchange projects like the c3p0 connection pool. Prior to version 0.6.0, its JNDI ObjectFactory implementation com.mchange.v2.naming.JavaBeanObjectFactory will construct objects of arbitrary classes and initialize...

7.1CVSS0.00327EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•33 views

CVE-2026-55688 AsyncHttpClient: Cookie stored for an unrelated domain (cookie tossing) via ThreadSafeCookieStore

The AsyncHttpClient AHC library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. In versions from 2.0.0 prior to 2.16.0 and from 3.0.0.Beta1 prior to 3.0.11, ThreadSafeCookieStore stored a cookie under the value of its Domain attribute without...

4CVSS0.00179EPSS
Exploits0References2
Cvelist
Cvelist
•added 4 days ago•31 views

CVE-2026-54908 Pion DTLS: Denial of service via panic while parsing a crafted ECDHE_PSK ServerKeyExchange message

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Versions prior to 3.1.4 are vulnerable to Remote Denial of Service via panic while parsing a crafted ECDHEPSK ServerKeyExchange message. This issue has been fixed in version 3.1.4...

6.3CVSS0.0032EPSS
Exploits0References2
Cvelist
Cvelist
•added 4 days ago•31 views

CVE-2026-14265 RCE via Deserialization in AWS Advanced JDBC Wrapper

Deserialization of untrusted data in the RemoteQueryCachePlugin in Amazon Web Services AWS Advanced JDBC Wrapper 3.3.0 through 4.0.0 might allow an actor with write access to the shared cache infrastructure to execute arbitrary code on application servers that read cached query results via a...

7.7CVSS0.00407EPSS
Exploits0References3
Cvelist
Cvelist
•added 4 days ago•32 views

CVE-2026-58593 NodeBB - ActivityPub Author Spoofing via Unvalidated attributedTo Mapped to Local User

NodeBB does not bind the claimed author of an inbound ActivityPub object to the authenticated remote actor. The inbound middleware verifies the HTTP-signature actor and checks the origin of object.id, but never validates that attributedTo corresponds to the sender. In the object mock, attributedT...

8.7CVSS0.00191EPSS
Exploits1References3
Cvelist
Cvelist
•added 4 days ago•29 views

CVE-2026-58592 Ladybird - Web-Reachable Code Execution via Dangling FunctionType Reference in WebAssembly ESM Integration

Ladybird contains a dangling-reference memory-safety flaw in its WebAssembly ESM-integration module loader. When a JavaScript function is imported into a WebAssembly module via the ESM path, WebAssemblyModule.cpp passes a stack-local Wasm::FunctionType by reference to createhostfunction, whose ho...

8.9CVSS0.00311EPSS
Exploits0References3
Cvelist
Cvelist
•added 4 days ago•33 views

CVE-2026-49858 API Platform Core: Cross-user attribute leak in JSON:API and HAL item normalizers due to missing isCacheKeySafe gate

API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. In versions from 2.6.0 prior to 4.1.29, 4.2.26, and 4.3.12, a missing isCacheKeySafe gate in the JSON:API and HAL item normalizers causes a cross-user attribute leak. ApiPropertysecurity: ... is evaluated per request...

5.9CVSS0.00197EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•31 views

CVE-2026-58457 Shenzhen Aitemi M300 MT02 Unauthenticated OS Command Injection via protocol.csp

Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02 contains an unauthenticated OS command injection vulnerability that allows network-adjacent attackers to execute arbitrary shell commands by injecting unsanitized input through the smacfilterconf handler in the commuos web backend. Attackers...

9.8CVSS0.01671EPSS
Exploits0References3
Cvelist
Cvelist
•added 4 days ago•33 views

CVE-2026-14363 Cargo Extension: SQLi in Special:Drilldown

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows SQL Injection. This issue affects Mediawiki - Cargo Extension: from before 1.43.9,1.44.6,1.45.4...

6.9CVSS0.00255EPSS
Exploits0References3
Cvelist
Cvelist
•added 4 days ago•31 views

CVE-2026-54164 API Platform Core: Missing IRI type check enables resource type confusion

API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. In versions prior to 4.1.30, 4.2.26 and 4.3.12, the serializer's AbstractItemNormalizer does not validate the resource type returned when resolving relation IRIs, allowing type confusion where a resource of an...

6.5CVSS0.00195EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•32 views

CVE-2026-13760 OS Command Injection in aws-cdk-lib Docker Bundling

OS command injection in the NodejsFunction Docker bundling pipeline OsCommand helper in AWS aws-cdk-lib on all platforms might allow a actor who controls dependency version strings in a project's package.json file to execute arbitrary commands on the host running the CDK toolchain via injected...

7.3CVSS0.0061EPSS
Exploits0References3
Cvelist
Cvelist
•added 4 days ago•33 views

CVE-2026-55597 ImageMagick: Heap Buffer Over-Write in JP2 encoder when due to incorrect handling of arguments

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-26, an incorrect handling of arguments can cause a heap buffer over-write in the JP2 encoder. This issue has been fixed in version7.1.2-26...

5.5CVSS0.00103EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•37 views

CVE-2026-55595 ImageMagick: Infinite Loop in connected-components when providing invalid arguments

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26...

4.7CVSS0.0009EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•31 views

CVE-2026-55594 ImageMagick: Stack Overflow in MVG decoder due to missing depth check.

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a missing depth check in the MVG decoder will result in a stack overflow when a crafted image is provided. This issue has been fixed in versions 6.9.13-51 and...

5.3CVSS0.00241EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•32 views

CVE-2026-55577 ImageMagick: Heap Buffer Overflow in ImageMagick MVG decoder

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue has been fixed in...

5.9CVSS0.00226EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•32 views

CVE-2026-55510 ImageMagick: Use-After-Free in crafted 8BIM when identifying an image

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when identifying an image with a crafted 8BIM profile with a specific format string a use-after-free will occur. This issue has been fixed in versions 6.9.13-51...

5.5CVSS0.00103EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•32 views

CVE-2026-53467 ImageMagick: Information Disclosure in MNG decoder because allocated memory is left unchanged

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, the MNG decoder contains a possible heap information disclosure vulnerability because part of the pixels are left unchanged. This issue has been fixed in versio...

5.3CVSS0.00197EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•32 views

CVE-2026-14358 Stored XSS in Wikimedia Chart pie tooltip via Data:*.tab field title

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - Charts Extension allows Cross-Site Scripting XSS. This issue affects Mediawiki - Charts Extension: from before 1.43.9,1.44.6,1.45.4...

6.9CVSS0.00268EPSS
Exploits0References2
Cvelist
Cvelist
•added 4 days ago•30 views

CVE-2026-41121

Dell Device Management Agent, versions prior to DDMA 26.05, contain an Improper Link Resolution Before File Access 'Link Following’ vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...

7.3CVSS0.00124EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•31 views

CVE-2026-13769 Overly permissive File Permissions in AWS CLI

Overly permissive file permissions in AWS CLI before 1.44.78 v1 and 2.34.29 v2 on Unix-like systems where the umask has not been configured to restrict file permissions the default on most systems may allow other local users on the same host to read credentials written by certain CLI subcommands...

6.8CVSS0.00101EPSS
Exploits0References4
Cvelist
Cvelist
•added 4 days ago•32 views

CVE-2026-49119 Gradio < 6.16.0 Path Traversal via FileExplorer.preprocess()

Gradio before 6.16.0 contain a path traversal vulnerability in the FileExplorer component's preprocess method that allows unauthenticated attackers to escape the configured root directory by supplying path segments containing directory traversal sequences or absolute paths. Attackers can provide...

8.7CVSS0.0069EPSS
Exploits0References4
Cvelist
Cvelist
•added 4 days ago•33 views

CVE-2026-58517 Blocked users can create and edit WikiLambda objects

Improper neutralization of input terminators vulnerability in The Wikimedia Foundation Mediawiki - WikiLambda Extension allows Authentication Bypass. This issue affects Mediawiki - WikiLambda Extension: from before 1.43.9,1.44.6,1.45.4...

6.9CVSS0.00342EPSS
Exploits0References2
Cvelist
Cvelist
•added 4 days ago•35 views

CVE-2026-53466 ImageMagick: Heap Buffer Over-Read in XCF decoder due to integer conversion overflow

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, an integer overflow in the XCF decoder can result in an out of bounds read when a crafted image is read, potentially resulting in a crash. This issue has been...

6.5CVSS0.0022EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•34 views

CVE-2026-55628 ImageMagick: Policy Bypass in concatenate operation due to missing checks

In versions prior to 7.1.2-26he, the -concatenate operation is missing policy checks, potentially resulting in both reading and writing to paths disallowed by the security policy. This issue has been fixed in version 7.1.2-26...

5.5CVSS0.00098EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•34 views

CVE-2026-58451 Horde IMP < 7.0.1 Path Traversal via Compose.php img src

Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos prefix validatio...

7.1CVSS0.00379EPSS
Exploits0References6
Cvelist
Cvelist
•added 4 days ago•38 views

CVE-2026-53489 containerd: Arbitrary host CRI log file read via symlink following in CRI checkpoint restore

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2CVSS0.00208EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•35 views

CVE-2026-53492 containerd CRI checkpoint restore CDI annotation smuggling

containerd is an open-source container runtime. In Versions prior to 2.3.2, 2.2.5 and 2.1.9, the CRI implementation improperly trusts Container Device Interface CDI annotations found within untrusted checkpoint image metadata during container restoration. When restoring a container from a...

8.4CVSS0.00412EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•35 views

CVE-2026-50195 containerd: CRI checkpoint import allows local image tag poisoning

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint import process where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods ca...

5.6CVSS0.00354EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•34 views

CVE-2026-50160 Mass Assignment via Onboarding Endpoint Allows Unauthenticated JWT_SECRET Overwrite

Hoppscotch is an API development ecosystem. In self-hosted deployments of hoppscotch-backend from version 2026.4.1 and earlier, the unauthenticated POST /v1/onboarding/config endpoint is vulnerable to mass assignment. The global NestJS ValidationPipe is configured without whitelist: true, so extr...

10CVSS0.0059EPSS
Exploits1References2
Cvelist
Cvelist
•added 4 days ago•34 views

CVE-2026-47262 containerd image-triggered runtime DoS via unbounded group parsing

containerd is an open-source container runtime. Versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2, contain a vulnerability that allows a maliciously crafted image to cause a Denial of Service DoS condition. When creating a container from this image, memory exhaustion occurs, leading to an...

5.3CVSS0.00317EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•35 views

CVE-2026-57737 WordPress Shortcodes and extra features for Phlox theme plugin <= 2.17.16 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Averta LTD Shortcodes and extra features for Phlox theme allows DOM-Based XSS. This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.17.16...

6.5CVSS0.00139EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•33 views

CVE-2026-57736 WordPress HubSpot plugin <= 11.3.51 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in HubSpot allows Retrieve Embedded Sensitive Data. This issue affects HubSpot: from n/a through 11.3.51...

7.4CVSS0.00175EPSS
Exploits0References1
Cvelist
Cvelist
•added 4 days ago•37 views

CVE-2026-46680 containerd user ID handling bypass allows runAsNonRoot evasion

containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username, leading to runAsNonRoot evasion. If a crafted image provides an...

7.3CVSS0.00221EPSS
Exploits1References1
Cvelist
Cvelist
•added 4 days ago•31 views

CVE-2026-58521 SQLi in Cargo extension via year range filter

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows SQL Injection. This issue affects Mediawiki - Cargo Extension: from before 1.43.9,1.44.6,1.45.4...

6.9CVSS0.00247EPSS
Exploits0References2
Cvelist
Cvelist
•added 4 days ago•36 views

CVE-2026-49091 Improper Output Neutralization for Logs in Kibana Leading to Log Injection

Improper Output Neutralization for Logs CWE-117 in Kibana can lead to log injection via Log Injection-Tampering-Forging CAPEC-93. An attacker can supply specially crafted input that is written to log files without proper neutralization. When the log files are subsequently viewed in a terminal tha...

8CVSS0.00201EPSS
Exploits0References1
Total number of security vulnerabilities363366