Lucene search
K
CvelistRecent

366251 matches found

Cvelist
Cvelist
added 2026/06/17 12:0 a.m.28 views

CVE-2025-66391

In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write operations, e.g., the system will send a one-time password to an attacker-controlled email address when the attacker attempts to reset the password of a user account...

0.00383EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/17 12:0 a.m.20 views

CVE-2026-36418

JimuReport versions 2.3.4 and below are vulnerable to remote code execution due to improper handling of Aviator expressions. The /jmreport/executeSelectApi endpoint passes user-supplied input directly to the Aviator expression engine without adequate validation allowing attackers to execute...

0.00471EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 12:0 a.m.21 views

CVE-2026-39199

snes9x 1.63 allows an out-of-bounds write and denial of service via a crafted .ups file...

2.9CVSS0.00125EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/17 12:0 a.m.25 views

CVE-2025-26240

In JazzCore python-pdfkit 1.0.0, the fromstring method enables the execution of JavaScript code within the context of the server application and the exfiltration of local files...

0.00392EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/16 11:35 p.m.25 views

CVE-2026-48797 Backpropagate: backprop ui --auth and backprop ui --share do not enforce authentication

Backpropagate is a Python library for fine-tuning large language models on a single GPU. In versions 1.1.0 and 1.1.1, the optional Reflex web UI exposes a training control plane without authentication: dataset upload, model load, training start/stop, multi-run orchestration, GGUF export, and...

9.3CVSS0.00324EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/16 11:10 p.m.19 views

CVE-2026-44587 CarrierWave has a denylisted_content_type bypass via Unescaped Regex Metacharacters

CarrierWave is a framework to upload files from Ruby applications. In versions prior to 2.2.7 and 3.1.3, the contenttypedenylist check fails to escape regex metacharacters in string entries, causing the denylist to silently not match the content types it is intended to block. In...

4.7CVSS0.00223EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/16 11:8 p.m.28 views

CVE-2026-48616

Rocket.Chat versions 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, 7.13.9, 7.10.13 has an access control vulnerability in Livechat files. Protected file downloads at /file-upload/:fileId/:name authorize livechat access using rcroomtype=l with rcrid+rctoken, but the authorization path does not verify...

9.3CVSS0.00304EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/16 11:8 p.m.32 views

CVE-2026-48929

Rocket.Chat in versions 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, 7.13.9, and 7.10.13 is vulnerable to unauthenticated file deletion. The deleteFileMessage Meteor method permanently deletes any uploaded file by ID without requiring authentication. When called via an unauthenticated DDP WebSocket...

7.5CVSS0.00723EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/16 10:49 p.m.22 views

CVE-2026-48782 pydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses (incomplete fix of CVE-2026-46678)

Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. In versions 1.56.0 through 1.101.0, 2.0.0b1, and 2.0.0b2, the cloud-metadata blocklist could be bypassed by encoding the metadata IP in an IPv6 transition form that the previous fix, CVE-2026-46678...

6.8CVSS0.00332EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/16 10:29 p.m.24 views

CVE-2026-48788 Remark42: Cross-Site Scripting (XSS) on /api/v1/img via content-type spoofing

Remark42 is a self-hosted comment engine for blogs, articles, or any other place where readers can add comments. Versions 1.6.0 through 1.15.0 contain a Cross-Site Scripting XSS vulnerability exploitable through content-type spoofing. The Remark42 image proxy fetches an arbitrary remote URL and...

8.2CVSS0.00251EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/16 10:19 p.m.25 views

CVE-2026-48745 Traccar Client: silent configuration hijack via unverified deep link redirects all GPS telemetry

Traccar Client is a GPS tracking mobile app for sending location updates to private servers using the open-source Traccar platform. In versions 9.7.19 and below, a single crafted deep link can silently hijack all GPS tracking parameters and redirect telemetry to an attacker-controlled server. The...

9.3CVSS0.00323EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/16 9:43 p.m.27 views

CVE-2026-47277 Runtipi: Unauthenticated arbitrary file read through app-store logo symlinks

Runtipi is a personal homeserver orchestrator. In versions 4.9.1 through 4.9.3, Runtipi serves marketplace app logos from files inside cloned app-store repositories through an unauthenticated endpoint, which leads to arbitrary file read through app-store logo symlinks. The path guard checks only...

6.5CVSS0.00399EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/16 9:38 p.m.28 views

CVE-2026-48783 Postiz has an unauthenticated billing-enforcement bypass via /public/modify-subscription

Postiz is an AI social media scheduling tool. Versions prior to 2.21.8 contained an unauthenticated endpoint that accepted a signed token and applied subscription-enforcement side effects to the organization referenced in that token's claims, without verifying the token's intended purpose. The...

4.8CVSS0.0017EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/16 9:35 p.m.23 views

CVE-2026-2604 Evolution-data-server: evolution data server: arbitrary file deletion via inconsistent uri handling

A flaw was found in evolution-data-server. Inconsistent comparison logic in the addressbook file backend allows a Flatpak application with D-Bus access to craft a malicious URI containing directory traversal sequences. This URI is stored without proper validation during contact creation or...

5.6CVSS0.00189EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/16 9:31 p.m.20 views

CVE-2026-48781 Postiz has cross-tenant SUPERADMIN takeover via Skool-provider JWT forgery

Postiz is an AI social media scheduling tool. In versions prior to 2.21.8, the Skool integration callback signed an attacker-controlled JSON blob into a session-shape JWT using the application's JWTSECRET, and the auth middleware trusted every claim in that JWT without re-resolving the user from...

9.9CVSS0.00209EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/16 9:26 p.m.36 views

CVE-2026-48779 ws: Memory exhaustion DoS from tiny fragments and data chunks

ws is an open source WebSocket client and server for Node.js. All versions from 1.1.0 up to but not including 5.2.5, from 6.0.0 up to 6.2.4, from 7.0.0 up to 7.5.11, and from 8.0.0 up to 8.21.0 are affected by a memory exhaustion DoS vulnerability. A peer can send a high volume of exceptionally...

7.5CVSS0.00782EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/06/16 9:25 p.m.25 views

CVE-2026-25470 WordPress ACPT (Pro) - Custom Post Types plugin for WordPress plugin <= 2.0.47 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in ACPT ACPT Pro - Custom Post Types Plugin for WordPress allows Remote Code Inclusion. This issue affects ACPT Pro - Custom Post Types Plugin for WordPress: from n/a through 2.0.47...

10CVSS0.00414EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 9:24 p.m.24 views

CVE-2026-39598 WordPress Academy LMS Pro plugin < 3.5.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Kodezen LLC Academy LMS Pro allows Upload a Web Shell to a Web Server. This issue affects Academy LMS Pro: from n/a before 3.5.2...

8CVSS0.00221EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 9:23 p.m.24 views

CVE-2026-49073 WordPress Directorist Booking plugin <= 3.0.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpWax Directorist Booking allows Blind SQL Injection. This issue affects Directorist Booking: from n/a through 3.0.3...

8.5CVSS0.00205EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 9:17 p.m.19 views

CVE-2026-48055 Streambert: Arbitrary File Write (Zip Slip) via Subtitle Extraction

Streambert is a cross-platform Electron Desktop App to stream and download any video media. In versions 2.4.0 and prior, a high-severity Zip Slip vulnerability was identified in Streambert's subtitle extraction logic. The application does not sanitize archive entry filenames during extraction,...

10CVSS0.00621EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/16 9:3 p.m.41 views

CVE-2026-11409 OS Command Injection in IPv6 PPPoE Configuration in TP-Link TL-WR940N

An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges...

8.5CVSS0.02787EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/16 9:3 p.m.25 views

CVE-2026-11410 OS Command Injection in BigPond Cable (BPA) Configuration in TP-Link TL-WR940N

An authenticated OS command injection vulnerability exists in the BigPond Cable BPA WAN configuration module in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges...

8.5CVSS0.02787EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.26 views

CVE-2026-49080 WordPress wpDataTables plugin <= 7.3.6 - SQL Injection vulnerability

Unauthenticated SQL Injection in wpDataTables = 7.3.6 versions...

9.3CVSS0.00312EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.23 views

CVE-2026-49113 WordPress Cornerstone plugin < 7.8.8 - Arbitrary Code Execution vulnerability

Subscriber Arbitrary Code Execution in Cornerstone 7.8.8 versions...

8.5CVSS0.00371EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.25 views

CVE-2026-49057 WordPress JobSearch plugin <= 3.2.7 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in JobSearch = 3.2.7 versions...

7.5CVSS0.00296EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.23 views

CVE-2026-40761 WordPress Valeska theme <= 1.2.2 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Valeska = 1.2.2 versions...

8.1CVSS0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.23 views

CVE-2026-48869 WordPress Enfold theme <= 7.1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Enfold = 7.1.4 versions...

7.1CVSS0.00186EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.22 views

CVE-2026-40759 WordPress Esmée theme <= 1.4 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Esmée = 1.4 versions...

8.1CVSS0.0032EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.21 views

CVE-2026-40760 WordPress Behold theme <= 1.5 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Behold = 1.5 versions...

8.1CVSS0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.21 views

CVE-2026-40758 WordPress Léonie theme <= 1.2.1 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Léonie = 1.2.1 versions...

8.1CVSS0.0032EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.25 views

CVE-2026-40755 WordPress TechLink theme <= 1.3 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in TechLink = 1.3 versions...

8.1CVSS0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.27 views

CVE-2026-40754 WordPress Roisin theme <= 1.4 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Roisin = 1.4 versions...

8.1CVSS0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.25 views

CVE-2026-40751 WordPress Ashtanga theme <= 1.2 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Ashtanga = 1.2 versions...

8.1CVSS0.0032EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.26 views

CVE-2026-40736 WordPress Laurits theme <= 1.5.1 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Laurits = 1.5.1 versions...

8.1CVSS0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.24 views

CVE-2026-40739 WordPress LuxeDrive theme <= 1.4 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in LuxeDrive = 1.4 versions...

8.1CVSS0.0032EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.24 views

CVE-2026-39580 WordPress Micdrop theme <= 1.3.1 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Micdrop = 1.3.1 versions...

8.1CVSS0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.27 views

CVE-2026-39578 WordPress Valiance theme <= 1.2 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Valiance = 1.2 versions...

5.5CVSS0.0027EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.26 views

CVE-2026-39577 WordPress Playroom theme <= 1.4.1 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Playroom = 1.4.1 versions...

5.5CVSS0.00205EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.26 views

CVE-2026-39568 WordPress Mr. SEO theme <= 2.0 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Mr. SEO = 2.0 versions...

8.1CVSS0.00423EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.25 views

CVE-2026-39557 WordPress NeoBeat theme <= 1.7 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in NeoBeat = 1.7 versions...

8.1CVSS0.00395EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.24 views

CVE-2026-39567 WordPress Santé theme <= 1.5.1 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Santé = 1.5.1 versions...

8.1CVSS0.00308EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.28 views

CVE-2026-39554 WordPress Fidalgo theme <= 1.2.2 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Fidalgo = 1.2.2 versions...

8.1CVSS0.00308EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.24 views

CVE-2026-39548 WordPress MagOne theme <= 9.0 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in MagOne = 9.0 versions...

7.1CVSS0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.23 views

CVE-2026-39549 WordPress Aperitif theme <= 1.5 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Aperitif = 1.5 versions...

8.1CVSS0.00423EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.25 views

CVE-2026-39547 WordPress Getaway theme < 1.8 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Getaway 1.8 versions...

8.1CVSS0.00338EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.26 views

CVE-2026-39529 WordPress Elementra theme <= 1.0.9 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Elementra = 1.0.9 versions...

9.8CVSS0.00375EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.31 views

CVE-2026-39539 WordPress Alloggio - Hotel Booking theme <= 2.1.2 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Alloggio - Hotel Booking = 2.1.2 versions...

8.1CVSS0.00308EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.27 views

CVE-2026-39522 WordPress Solene theme <= 3.4 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Solene = 3.4 versions...

8.1CVSS0.00423EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.24 views

CVE-2026-39443 WordPress EmallShop theme <= 2.4.21 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in EmallShop = 2.4.21 versions...

8.1CVSS0.00308EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.28 views

CVE-2026-39446 WordPress Kapee theme < 1.7.0 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Kapee 1.7.0 versions...

8.1CVSS0.00308EPSS
Exploits0References1
Total number of security vulnerabilities366251