Lucene search
K
CvelistRecent

363414 matches found

Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-27775 Gitea pre-receive hook permission cache allows full repository write access

Gitea 1.25.5 caches a branch-specific write-permission result across multiple refs in one pre-receive hook session, allowing a per-branch maintainer-edit grant to be reused for other refs and escalate to full repository write access...

0.00198EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-27761 Gitea repository feeds bypass API token scope enforcement

Gitea versions up to and including 1.26.2 allow repository RSS and Atom feed endpoints to bypass API access token scope checks, exposing private repository commit data to tokens without the required repository scope...

4.3CVSS0.00367EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-27660 Gitea draft releases use insufficient permission checks

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...

0.00166EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-27771 Gitea Composer package source links use insufficient permission checks

Gitea versions up to and including 1.26.1 have insufficient permission checks for Composer package source links, which can expose private or internal package source information...

8.2CVSS0.40738EPSS
Exploits1References4
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-26292 Gitea LFS mirror synchronization bypasses migration HTTP transport restrictions

Gitea versions before 1.25.5 do not use the migration HTTP transport for LFS push and sync mirror operations, bypassing the configured migration transport protections for those LFS requests...

0.00174EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-27657 Gitea email settings allow changing another user's primary email address

Gitea versions before 1.25.5 allow a user to change another user's primary email address...

0.00167EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-26307 Gitea git grep search lacks a timeout

Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources...

0.00175EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-26231 Gitea maintainer-edit permissions allow unauthorized commits to readable repositories

Gitea versions up to and including 1.26.1 allow the Allow edits from maintainers permission path to authorize commits to repositories that the user can read but should not be able to write...

8.5CVSS0.00291EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-26232 Gitea OAuth2 authorization codes lack expiry and reuse enforcement

Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange...

0.00167EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-26247 Gitea OAuth2 PKCE S256 challenges are not enforced during token exchange

Gitea versions before 1.25.5 do not persist the OAuth2 PKCE S256 challenge method correctly during authorization, allowing token exchange without the expected verifier check...

0.00166EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-25718 Gitea template repository generation mishandles symlinked paths

Gitea versions before 1.25.5 mishandle path resolution during template repository generation, allowing template processing to read or write through symlinked or otherwise non-regular paths...

0.00172EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-25779 Gitea redirect handling permits open redirects through backslash paths

Gitea versions up to and including 1.25.4 allow redirect bypasses through raw or percent-encoded backslashes in redirectto values...

0.00167EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-25782 Gitea tracked-time deletion can target entries from another issue

Gitea versions before 1.25.5 look up tracked-time entries by time ID without scoping the lookup to the issue in the request URL, allowing deletion attempts to target entries from another issue...

0.00159EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-25714 Gitea user organization API bypasses public-only token filtering

Gitea versions up to and including 1.26.1 do not apply public-only token filtering consistently to the user organization API, leaving an incomplete fix for CVE-2025-68941...

4.3CVSS0.00271EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-25038 Gitea private organization labels are visible to unauthorized users

Gitea 1.26.2 allows unauthorized users to access labels of private organizations...

0.00198EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-25712 Gitea organization permission APIs expose private visibility information

Gitea versions before 1.25.5 have insufficient visibility checks in organization permission APIs for hidden members and private organizations...

0.00159EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-24451 Gitea fork synchronization can expose private parent repository data

Gitea 1.26.2 allows fork synchronization to continue after a parent repository changes from public to private, exposing data to a fork that should no longer be authorized...

0.00198EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-22874 Gitea webhook and migration allow-list filtering permits SSRF

Gitea versions up to and including 1.26.2 have incomplete SSRF protection in webhook and migration allow-list filtering...

9.6CVSS0.00464EPSS
Exploits1References5
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-24690 Gitea pull-request branch updates use insufficient permission checks

Gitea versions before 1.25.5 have insufficient permission checks for updating or rebasing pull request branches...

0.00159EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago28 views

CVE-2026-22547 Gitea repository creation accepts invalid field values

Gitea versions before 1.25.5 lack validation constraints for repository creation fields, including length-limited template fields and trust model or object format values...

0.00168EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-22555 Gitea organization forks can expose organization secrets without create permission

Gitea versions before 1.26.0 allow API users to fork a repository into an organization without first passing the CanCreateOrgRepo check, which can expose organization secrets...

8.1CVSS0.00304EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-20896 Gitea Docker image trusts spoofable reverse-proxy headers by default

Gitea Docker image versions up to and including 1.26.2 use REVERSEPROXYTRUSTEDPROXIES= by default, allowing any source IP to impersonate a user when reverse-proxy authentication headers such as X-WEBAUTH-USER are enabled...

9.8CVSS0.00783EPSS
Exploits3References4
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-20909 Gitea tracked-time list endpoint has insufficient permission checks

Gitea versions before 1.25.5 have insufficient permission checks when listing tracked time entries...

0.00159EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-20779 Gitea TOTP single-use enforcement defect allows OTP replay

Gitea versions from 1.5.0 before 1.26.3 have a TOTP single-use enforcement defect that allows a valid TOTP code to be accepted more than once across web two-factor authentication flows and the Basic Auth X-Gitea-OTP path...

7.1CVSS0.00481EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-20706 Gitea repository archive downloads bypass token scope checks

Gitea versions up to and including 1.26.1 allow repository archive downloads to bypass token scope checks on the web archive download endpoint...

0.00256EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-14609 SourceCodester CET Automated Grading System with AI Predictive Analytics session fixiation

A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This issue affects some unknown processing. The manipulation results in session fixiation. The attack can be executed remotely. The attack requires a high level of complexity. The...

6.3CVSS0.00321EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-14608 SourceCodester CET Automated Grading System with AI Predictive Analytics POST index.php view_student authorization

A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=viewstudent of the component POST Handler. The manipulation of the argument ID leads to authorization...

5.3CVSS0.00223EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago37 views

CVE-2026-14607 RT-Thread lwp_syscall.c sys_getaddrinfo memory corruption

A weakness has been identified in RT-Thread up to 5.0.2. This affects the function sysgetaddrinfo of the file components/lwp/lwpsyscall.c. Executing a manipulation of the argument aiaddr can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to...

6.8CVSS0.00119EPSS
Exploits0References7
Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-14606 RT-Thread SWM341 CAN SWM341.h CAN_Receive stack-based overflow

A security flaw has been discovered in RT-Thread up to 5.0.2. Affected by this issue is the function CANReceive in the library bsp/synwit/libraries/SWM341CSL/CMSIS/DeviceSupport/SWM341.h of the component SWM341 CAN Handler. Performing a manipulation results in stack-based buffer overflow. The...

8.5CVSS0.00141EPSS
Exploits0References6
Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-14605 RT-Thread ls1c CAN ls1c_can.h recvmsg stack-based overflow

A vulnerability was identified in RT-Thread up to 5.0.2. Affected by this vulnerability is the function recvmsg in the library bsp/loongson/ls1cdev/libraries/ls1ccan.h of the component ls1c CAN Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach...

8.5CVSS0.00141EPSS
Exploits0References6
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-14604 Open Asset Import Library Assimp PLY Model PlyLoader.cpp ExportToBlob double free

A vulnerability was determined in Open Asset Import Library Assimp up to 6.0.4. Affected is the function Assimp::Exporter::ExportToBlob of the file code/AssetLib/Ply/PlyLoader.cpp of the component PLY Model Handler. This manipulation causes double free. The attack can be initiated remotely. The...

6.5CVSS0.00233EPSS
Exploits0References6
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-58379 Gimp: gimp: heap buffer overflow in read_channel_data()

A flaw was found in GIMP's Paint Shop Pro PSP file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service DoS by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the...

7.3CVSS0.00233EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago36 views

CVE-2026-14631 webpack-dev-server vulnerable to denial of service via a malformed Host or Origin header

webpack-dev-server versions 5.2.5 and earlier terminate the whole Node.js process when an unauthenticated peer sends either a normal HTTP request with a malformed Host header or a WebSocket upgrade to the default /ws endpoint with a malformed Origin header. The malformed value causes an uncaught...

5.3CVSS0.00308EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago36 views

CVE-2026-14620 webpack-dev-server vulnerable to cross-site request forgery via internal developer endpoints

webpack-dev-server versions 5.2.5 and earlier expose two internal developer endpoints, /webpack-dev-server/open-editor and /webpack-dev-server/invalidate, that perform state-changing actions on any GET request without verifying that the request originated from the dev server's own page. Any websi...

4.7CVSS0.00116EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago38 views

CVE-2026-14615 Keycloak-services: keycloak: fgap v2 parent group children endpoint bypasses per-child view permission filter

A flaw was found in the Fine-Grained Admin Permissions FGAP v2 implementation within Keycloak's administrative services. When FGAP v2 is enabled, the system fails to properly filter child groups based on the caller's specific permissions when requested through a parent group. This allows a...

4.3CVSS0.00172EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-14614 Keycloak-services: keycloak-services: fgap v2 client scope assignment bypass via clientresource

A flaw was found in the ClientResource component of Keycloak's admin services when Fine-Grained Admin Permissions FGAP v2 is enabled. This issue allows a delegated administrator, who should only have limited control over specific clients, to attach or remove hidden client scopes that they are not...

5.4CVSS0.00159EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-14613 Keycloak-services: keycloak-services: keycloak: fgap v2 role groups endpoint discloses hidden group metadata without group view permission

A vulnerability was discovered in Keycloak's administrative interface that allows certain administrators to see information about groups they shouldn't have access to. When the new Fine-Grained Admin Permissions FGAP v2 are turned on, an administrator who is allowed to see a specific "role" can...

4.3CVSS0.00187EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago38 views

CVE-2026-14612 Freeipa: ipa: idm: freeipa: off-by-one buffer overflows in ipa-otpd oauth2.c during oauth2 device authorization

Two off-by-one errors in the FreeIPA ipa-otpd daemon's OAuth2 device authorization handler can cause out-of-bounds memory access when processing an oversized response from a configured external OAuth2/OIDC Identity Provider. An attacker who controls or can man-in-the-middle the IdP endpoint may b...

4.2CVSS0.00142EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago34 views

CVE-2026-49813

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command 'OS...

6.7CVSS0.00492EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-14460 Missing Authorization in TUBITAK BILGEM's pardus-software

Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from = 1.0.4 before 1.0.5...

8.8CVSS0.00163EPSS
Exploits1References1
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-49814

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Improper Neutralization of Special Elements used in an OS Command 'OS...

7.2CVSS0.01216EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago34 views

CVE-2026-14459 Argument Injection in TUBITAK BILGEM's pardus-software

Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from = 1.0.4 before 1.0.5...

8.8CVSS0.00198EPSS
Exploits1References1
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-49815

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special Elements used in an OS command 'OS...

7.2CVSS0.01096EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-53478

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command 'OS...

7.2CVSS0.01216EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-46463

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an integer overflow or wraparound vulnerability. An unauthenticated attacker...

6.5CVSS0.00243EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-46464

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper link resolution before file access 'Link following' vulnerabilit...

4.9CVSS0.00422EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-46465

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an use of externally-controlled format string vulnerability. A high privileg...

5.5CVSS0.00238EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-46466

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an use of less trusted source vulnerability. A high privileged attacker with...

2.7CVSS0.00109EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-46467

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an insertion of sensitive information into log file vulnerability. A low...

5.8CVSS0.00085EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-46468

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper link resolution before file access 'Link following' vulnerabilit...

4.4CVSS0.00133EPSS
Exploits0References1
Total number of security vulnerabilities363414