Lucene search
K
CvelistRecent

363492 matches found

Cvelist
Cvelist
added 2026/06/26 4:42 p.m.35 views

CVE-2026-54341 Dragonfly: RESTORE operations may crash the server

Dragonfly is an in-memory data store built for modern application workloads. Prior to 1.39.0, a crafted RESTORE payload triggers an out-of-bounds read in DragonflyDB's listpack collection loaders, crashing the entire server process SIGSEGV. Because DragonflyDB requires no authentication by defaul...

7.5CVSS0.00399EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 4:39 p.m.34 views

CVE-2026-47206 Dragonfly: RESP Protocol Injection via Lua redis.error_reply() in EvalSerializer

Dragonfly is an in-memory data store built for modern application workloads. Prior to 1.39.9, Dragonfly has a RESP Protocol Injection via Lua redis.errorreply in EvalSerializer. An authenticated user can inject arbitrary RESP messages into the connection's response stream, potentially causing...

2.3CVSS0.00283EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/26 4:33 p.m.35 views

CVE-2026-48529 GitHub MCP Server: Lockdown mode singleton in HTTP server causes cross-user GraphQL client confusion

GitHub MCP Server is GitHub's official MCP Server. From 0.22.0 until 1.1.2, when running in HTTP mode with --lockdown-mode enabled, the RepoAccessCache is implemented as a process-global singleton initialized with the first authenticated user's GraphQL client. All subsequent requests from differe...

6CVSS0.00205EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 4:30 p.m.32 views

CVE-2026-55686 Podman: WORKDIR symlink traversal vulnerability

Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where the WORKDIR path contains a symlink can create a directory or modify ownership on the host filesystem. Modified ownership is less likely to happen as that requires help from an...

5.3CVSS0.00317EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/26 4:29 p.m.36 views

CVE-2026-57231 Podman: Malformed Image can trick podman run into leaking host environment variables into the container

Podman is a tool for managing OCI containers and pods. From 1.8.1 until 5.8.4, a container image that contains a environment variable with just a key and no value can trick podman into passing that variable from the host into the container. This is made worse by the fact that using an asterisk wi...

7.5CVSS0.0026EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 4:23 p.m.34 views

CVE-2026-54636 Dokku: OS Command Injection via app.json managed Cron

Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku user. An app.json cron command utilizing special shell characters - including, but not limited to, or ; - can break out of the Docker container and...

9CVSS0.00274EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 4:23 p.m.35 views

CVE-2026-28385 SSRF via image import from URL allows internal network probing by authenticated users

In Canonical LXD versions 4.12 through 6.9, a Server-Side Request Forgery SSRF vulnerability in the image import functionality allows authenticated users with the cancreateimages entitlement to interact with internal network infrastructure via the /images endpoint. When importing an image from a...

5CVSS0.00172EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 4:23 p.m.35 views

CVE-2026-45405 Dokku: Arbitrary File Write via Tar Symlink Traversal in git:from-archive and certs:add

Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:from-archive and certs:add commands extract user-supplied tar/zip archives into temporary directories without sanitizing member paths or preventing symlink traversal. GNU tar creates symlinks during extraction and follows them for subsequen...

9CVSS0.00289EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 4:22 p.m.33 views

CVE-2026-45406 Dokku: Host RCE via Maliciously Named OpenResty Include Files Injected Through eval

Dokku is a docker-powered PaaS. Prior to 0.38.2, the openresty-vhosts plugin copies files from an app's openresty/http-includes/ git repository directory to the host and then interpolates their filenames, unescaped, into a single-quoted shell string that is later parsed by eval. A filename...

9CVSS0.00274EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 4:21 p.m.34 views

CVE-2026-45407 Dokku: Git Credentials in .netrc Stored World-Readable Due to Premature touch

Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:auth command creates $DOKKUROOT/.netrc using bash's touch command, which applies the default umask of 0644. This pre-creation defeats the netrc binary's built-in 0600 permission setting, leaving git credentials readable by any local user wh...

5CVSS0.00089EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 4:19 p.m.33 views

CVE-2026-45408 Dokku: OS Command Injection via App Name in Git Pre-Receive Hook

Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex ^a-z0-9^/:A-Z$ permits shell metacharacters. When an authenticated user pushes to a git remote with a crafted app name, the name is embedded unquoted into a bash pre-receive hook script via an unquoted heredoc EOF...

9CVSS0.00234EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 4:15 p.m.33 views

CVE-2026-55677 Echo: Encoded slash (%2F) bypasses route-level protection and exposes static files

Echo is a Go web framework. Prior to 4.15.3 and 5.2.0, Echo's router and static file handler disagree on URL path decoding. The router matches routes using the raw encoded path preserving %2F as-is, while StaticDirectoryHandler unescapes %2F to / before resolving filesystem paths. This allows an...

7.5CVSS0.0043EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 4:11 p.m.33 views

CVE-2025-32394 AutoGPT: There is a DoS vulnerability in AITextSummarizerBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.32, there is a DoS vulnerability in AITextSummarizerBlock. Malicious users can amplify their input. For example, if a malicious user inputs 10K of content, the...

5.3CVSS0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 4:9 p.m.34 views

CVE-2026-11779 PayloadCMS 3.84.1 - Authenticated account lockout bypass through default unlock access

An Improper Authorization vulnerability exists in PayloadCMS version 3.84.1 due to insufficient access control on the account unlock operation...

5.3CVSS0.00235EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 4:9 p.m.31 views

CVE-2025-32423 AutoGPT: There is a DoS vulnerability in ExtractTextInformationBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.32, there is a DoS vulnerability in ExtractTextInformationBlock. Malicious users can amplify their input. For example, if a malicious user inputs 10K of content,...

5.3CVSS0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 4:4 p.m.33 views

CVE-2026-56663 AutoGPT: SSRF-to-RCE Chain in `SendWebRequestBlock` via IP validation bypass and internal `pg-meta` access

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.52, an authenticated user can bypass the SSRF / private-IP protections in SendWebRequestBlock and reach internal network services. isipblocked in...

8.5CVSS0.00224EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 4:2 p.m.33 views

CVE-2026-56823 AutoGPT: IDOR in Webhook Ping Endpoint Allows Enumeration and Cross-User Ping Triggering

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to , the POST /api/integrations/webhooks/webhookid/ping endpoint fetches the target webhook by primary key alone without verifying that the webhook belongs to the...

5.4CVSS0.0015EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 4:0 p.m.34 views

CVE-2026-13434 Virt-controller-rhel9: kubevirt: kubevirt: multus default-network annotation injection via unvalidated tenant networkname when externalnetresourceinjection is enabled

A flaw was found in KubeVirt's network annotation generator. When a tenant creates a VirtualMachineInstance with a Multus network configuration, the supplied networkName value is written verbatim into the launcher pod's v1.multus-cni.io/default-network annotation without format validation or...

4.9CVSS0.00153EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 3:58 p.m.32 views

CVE-2026-57518 Pagekit CMS 1.0.18 Privilege Escalation via UserApiController

Pagekit CMS 1.0.18 contains a privilege escalation vulnerability that allows authenticated users with the 'user: manage users' permission to escalate privileges by assigning arbitrary custom roles to themselves due to missing authorization checks in UserApiController::saveAction. Attackers can...

8.8CVSS0.00479EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 3:53 p.m.37 views

CVE-2023-20572

An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message, potentially leading to a loss of data integrity...

5.6CVSS0.00114EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 3:50 p.m.43 views

CVE-2026-9640 LXD Snapshot Import Privilege Escalation Vulnerability

A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration.. An authenticated project operator in a restricted multi-tenant environment can bypass policy...

7.2CVSS0.00342EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/06/26 3:47 p.m.37 views

CVE-2026-0828 Kernel driver vulnerability in Safetica Endpoint Client

Kernel driver ProcessMonitorDriver.sys in Safetica's endpoint client x64 , versions 10.5.75.0 and 11.11.4.0, allows unprivileged user to abuse IOCTL path and terminate protected system processes...

0.00461EPSS
Exploits2References1
Cvelist
Cvelist
added 2026/06/26 3:45 p.m.37 views

CVE-2026-0685 Server side template inject (SSTI) in Edgewall Genshi Template Engine

Server side template inject SSTI in the expression evaluation component in Genshi Template Engine version 0.7.9 allows a remote attacker to achieve remote code execution RCE via crafted template expressions...

0.00726EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 3:45 p.m.39 views

CVE-2026-47214 Docling: Unsafe URI and Path Handling in HTML Backend

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.94.0, the HTML backend has unsafe URI and path handling. This vulnerability is fixed in 2.94.0...

7.1CVSS0.00217EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 3:44 p.m.32 views

CVE-2023-20540

An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing arbitrary message input, potentially leading to a loss of data integrity...

1.8CVSS0.00114EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 3:40 p.m.38 views

CVE-2026-44018 Docling: Unsafe Archive Extraction and XML Parsing in METS-GBS Backend

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.45.0 until 2.91.0, the METS-GBS backend's XML parsing and the input document format detection lacked security controls. An attacker could craft malicious METS-GBS...

5.5CVSS0.00113EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 3:39 p.m.35 views

CVE-2025-11919 Unprotected temporary directories in Wolfram Cloud may result in privilege escalation

The default JVM can access files and directories under /tmp/ including the $TemporaryDirectory of other users on the same cloud instance /tmp/UserTemporaryFiles/. The -init file for the the JVM initialization exists in the vulnerable directory during the startup of the JVM. An attacker with acces...

0.004EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 3:39 p.m.37 views

CVE-2026-9639 Authenticated Denial of Service via Malicious Backup Tarball in LXD

Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with cancreatestoragevolumes permissions to cause a denial of service via a specially crafted custom-volume backup tarball that omits the expiresat snapshot field...

6.5CVSS0.00389EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/26 3:27 p.m.38 views

CVE-2026-12411 Broken Access Control in Canonical LXD DevLXD API

Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another guest's custom storage volume via a crafted device PATCH request over /dev/lxd when security.devlxd.management.volumes is enabled...

8.4CVSS0.00209EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/26 3:18 p.m.34 views

CVE-2026-45195 GPU DDK - rgxfw_set_mips_fault_address(&psInit->sFaultPhysAddr) is untrusted

Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the permitted range of memory for the host kernel. Addresses passed to the GPU Firmware can be used by the Firmware for more privileged memory accesses...

0.00106EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 3:15 p.m.32 views

CVE-2026-5757 There exists an unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine

Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence...

0.00551EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/26 3:14 p.m.29 views

CVE-2026-21734 GPU DDK - libusc OOB write at TreeRemove during WebGPU shader compilation

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...

0.00118EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.38 views

CVE-2026-57667 WordPress Groundhogg plugin <= 4.5 - SQL Injection vulnerability

Sales Representative SQL Injection in Groundhogg = 4.5 versions...

8.5CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.33 views

CVE-2026-57665 WordPress GravityView plugin <= 3.0.0 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in GravityView = 3.0.0 versions...

5.3CVSS0.00187EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.33 views

CVE-2026-57663 WordPress Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.2.7 - SQL Injection vulnerability

Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes = 8.2.7 versions...

8.5CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.34 views

CVE-2026-57664 WordPress Bopo – WooCommerce Product Bundle Builder plugin <= 1.1.6 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Bopo – WooCommerce Product Bundle Builder = 1.1.6 versions...

4.3CVSS0.00176EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.31 views

CVE-2026-57662 WordPress Contest Gallery plugin <= 30.0.0 - SQL Injection vulnerability

Contributor SQL Injection in Contest Gallery = 30.0.0 versions...

8.5CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.33 views

CVE-2026-57660 WordPress Booking and Rental Manager plugin <= 2.7.1 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Booking and Rental Manager = 2.7.1 versions...

5.3CVSS0.00176EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.32 views

CVE-2026-57661 WordPress WPComplete plugin <= 2.9.5.5 - Broken Access Control vulnerability

Subscriber Broken Access Control in WPComplete = 2.9.5.5 versions...

5.4CVSS0.00223EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.34 views

CVE-2026-57659 WordPress Paid Memberships Pro - Add Member From Admin plugin <= 0.7.2 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in Paid Memberships Pro - Add Member From Admin = 0.7.2 versions...

8.8CVSS0.0013EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.31 views

CVE-2026-57658 WordPress TemplateSpare plugin <= 4.2.0 - Arbitrary File Upload vulnerability

Administrator Arbitrary File Upload in TemplateSpare = 4.2.0 versions...

9.1CVSS0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.31 views

CVE-2026-57657 WordPress Gmail SMTP plugin <= 1.2.3.19 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in Gmail SMTP = 1.2.3.19 versions...

4.3CVSS0.00098EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.32 views

CVE-2026-57656 WordPress Hester Core plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability

Author Cross Site Scripting XSS in Hester Core = 1.1.8 versions...

5.9CVSS0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.34 views

CVE-2026-57655 WordPress Child theme Wizard plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in Child Theme Wizard = 1.4 versions...

8.2CVSS0.00112EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.34 views

CVE-2026-57654 WordPress Affiliates Manager plugin <= 2.9.49 - Broken Access Control vulnerability

Affiliate Broken Access Control in Affiliates Manager = 2.9.49 versions...

6.5CVSS0.00174EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.32 views

CVE-2026-57653 WordPress WP Job Portal plugin <= 2.5.2 - SQL Injection vulnerability

Contributor SQL Injection in WP Job Portal = 2.5.2 versions...

8.5CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.31 views

CVE-2026-57652 WordPress JS Help Desk plugin <= 3.1.0 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in JS Help Desk = 3.1.0 versions...

5.3CVSS0.00187EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.38 views

CVE-2026-57651 WordPress Ghost Kit plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability

Contributor Cross Site Scripting XSS in Ghost Kit = 3.6.0 versions...

6.5CVSS0.0013EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.30 views

CVE-2026-57650 WordPress Magazine Blocks plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability

Contributor Cross Site Scripting XSS in Magazine Blocks = 1.8.3 versions...

6.5CVSS0.0013EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.31 views

CVE-2026-57648 WordPress Nelio Content plugin <= 4.3.4 - Broken Access Control vulnerability

Contributor Broken Access Control in Nelio Content = 4.3.4 versions...

4.3CVSS0.00152EPSS
Exploits0References1
Total number of security vulnerabilities363492