Lucene search
+L
CvelistRecent

366944 matches found

Cvelist
Cvelist
added 15 minutes ago2 views

CVE-2026-21764 Insufficient Input Validation in DevOps Loop

HCL DevOps Loop is affected by insufficient input validation that allows special characters where they should be restricted. This may result in unintended application behavior under certain conditions...

3.1CVSS
Exploits0References1
Cvelist
Cvelist
added 16 minutes ago2 views

CVE-2026-21762 Missing HTTP Security Headers in DevOps Loop

HCL DevOps Loop is affected by missing HTTP security headers. Missing security headers may reduce browser protections against common web-based attacks such as clickjacking, MIME-type sniffing, and cross-site scripting...

3.7CVSS
Exploits0References1
Cvelist
Cvelist
added 16 minutes ago2 views

CVE-2026-21761 CORS Misconfiguration in DevOps Loop

HCL DevOps Loop is affected by a Cross-Origin Resource Sharing CORS misconfiguration. Improper CORS configuration may allow unauthorized cross-origin requests, potentially exposing application resources to untrusted domains...

4.2CVSS
Exploits0References1
Cvelist
Cvelist
added 20 minutes ago2 views

CVE-2026-21760 Unauthorized Access to Admin Functionality via Forced Browsing

HCL DevOps Loop is affected by an Unauthorized Access to Admin Functionality Forced Browsing vulnerability. Improper authorization checks may allow unauthorized users to access restricted administrative functionality by directly accessing protected application endpoints...

4.6CVSS
Exploits0References1
Cvelist
Cvelist
added 27 minutes ago1 views

CVE-2026-12694 Missing Authorization in Vimesoft's Enterprise Video Platform

Missing Authorization vulnerability in Vimesoft Inc. Enterprise Video Platform allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Enterprise Video Platform: from 3.11.0.0 before 3.25.0...

9.1CVSS
Exploits0References1
Cvelist
Cvelist
added 27 minutes ago2 views

CVE-2026-54496 Missing copy constraint in halo2_gadgets variable-base scalar multiplication allows under-constrained base, breaking Orchard Action circuit soundness

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad 5.0.0, halo2gadgets 0.5.0, orchard 0.14.0, zcashprimitives 0.28.0, and zcashd 6.20.0, the variable-base scalar multiplication gadget in halo2gadgets/src/ecc/chip/mul/incomplete.rs used assignadvice for the base point without a copy...

9.3CVSS
Exploits0References7
Cvelist
Cvelist
added 35 minutes ago1 views

CVE-2026-12693 IDOR in Vimesoft's Enterprise Video Platform

Authorization bypass through User-Controlled key vulnerability in Vimesoft Inc. Enterprise Video Platform allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Enterprise Video Platform: from 3.11.0.0 before 3.25.0...

9.4CVSS
Exploits0References1
Cvelist
Cvelist
added 42 minutes ago3 views

CVE-2026-16104 Keycloak-services: keycloak-services: authenticator config endpoint exposes raw recaptcha secrets to view-only admins

A flaw was found in the authentication configuration endpoint of the keycloak-services component, which is the core engine for Red Hat Build of Keycloak identity and access management. The issue occurs because the system fails to mask sensitive configuration values, such as reCAPTCHA secret keys,...

4.3CVSS
Exploits0References2
Cvelist
Cvelist
added 42 minutes ago4 views

CVE-2026-16103 Keycloak-services: keycloak-services: incomplete fix for ciba brute-force lockout bypass at token redemption

A flaw was found in the keycloak-services component of Keycloak. This issue is an incomplete fix for CVE-2026-9798, where brute-force protection checks were added to the Client-Initiated Backchannel Authentication CIBA initiation handler but were omitted from the token redemption handler. This...

4.3CVSS
Exploits0References2
Cvelist
Cvelist
added 43 minutes ago5 views

CVE-2026-16106 Keycloak-services: keycloak-services: incorrect authorization in admin role-composite deletion allows delegated admin to remove privileged child roles

A flaw was found in the admin REST API of Keycloak, a solution for identity and access management. The issue occurs when a delegated administrator attempts to remove a child role from a composite role. Due to missing authorization checks, an attacker with limited administrative permissions can...

4.9CVSS
Exploits0References2
Cvelist
Cvelist
added 43 minutes ago5 views

CVE-2026-16108 Keycloak-services: keycloak-services: realm default-group reads disclose hidden groups under fgap v2

A flaw was found in the default-groups REST endpoint and realm representation of Keycloak. This component is responsible for managing groups that are automatically assigned to new users within a realm. The issue allows a delegated administrator with realm-viewing permissions to see the names and...

4.3CVSS
Exploits0References2
Cvelist
Cvelist
added 43 minutes ago5 views

CVE-2026-16093 Keycloak-services: keycloak-services: required signed-jwt assertion policy can be bypassed with unsigned assertion headers

Keycloak provides a mechanism called Client Policies to enforce security requirements on clients, such as requiring them to use signed JWTs for authentication. A flaw was discovered where this enforcement can be bypassed. An attacker with valid client credentials can provide a fake, unsigned...

5.4CVSS
Exploits0References2
Cvelist
Cvelist
added 44 minutes ago5 views

CVE-2026-44722 pyzipper: Encryption bypass for small files encrypted with pyzipper

pyzipper is a replacement for Python's zipfile that can read and write AES encrypted zip files. Prior to 0.4.0, a Python operator precedence bug in pyzipper/zipfileaes.py caused the AE-2 format to never be automatically selected during encryption, causing encrypted entries to be written in AE-1...

6.2CVSS0.00009EPSS
Exploits0References3
Cvelist
Cvelist
added 47 minutes ago4 views

CVE-2026-12692 Improper Authentication in Vimesoft's Enterprise Video Platform

Unverified password change vulnerability in Vimesoft Inc. Enterprise Video Platform allows Authentication Bypass. This issue affects Enterprise Video Platform: from 3.11.0.0 before 3.25.0...

9.8CVSS
Exploits0References1
Cvelist
Cvelist
added 54 minutes ago4 views

CVE-2026-12691 Authentication Bypass in Vimesoft's Enterprise Video Platform

Missing authentication for critical function vulnerability in Vimesoft Inc. Enterprise Video Platform allows Authentication Bypass. This issue affects Enterprise Video Platform: from 3.11.0.0 before 3.25.0...

7.5CVSS
Exploits0References1
Cvelist
Cvelist
added 1 hour ago9 views

CVE-2026-49215 Symfony UX: CSRF Protection Bypass in symfony/ux-live-component — Accept Header is CORS-Safelisted

Symfony UX is a JavaScript ecosystem for Symfony. From 2.22.0 until 2.36.0 and 3.1.0, Symfony\UX\LiveComponent\EventListener\LiveComponentSubscriber::isLiveComponentRequest gates LiveAction invocations on Accept: application/vnd.live-component+html, but the Accept header is CORS-safelisted and...

2.1CVSS
Exploits0References4
Cvelist
Cvelist
added 1 hour ago5 views

CVE-2026-57860 ForgeCode Arbitrary Code Execution via Unvetted .mcp.json in Untrusted Repository

ForgeCode tailcallhq/forgecode, an AI pair-programming CLI, automatically loads and executes the MCP servers defined in a repository's .mcp.json file on startup without user confirmation. A malicious repository can supply a crafted .mcp.json whose mcpServers entries specify arbitrary command and...

8.4CVSS
Exploits0References5
Cvelist
Cvelist
added 1 hour ago6 views

CVE-2026-49216 Symfony UX: XSS in symfony/ux-autocomplete via unescaped AJAX response data

Symfony UX is a JavaScript ecosystem for Symfony. From 2.2.0 until 2.36.0 and 3.1.0, the Stimulus controller in symfony/ux-autocomplete renders AJAX response items in createAutocompleteWithRemoteData by interpolating the text field into HTML template literals $itemlabelField rather than text,...

5.1CVSS
Exploits0References4
Cvelist
Cvelist
added 1 hour ago5 views

CVE-2026-63309 SurrealDB < 3.1.5 Information Disclosure via ORDER BY

SurrealDB before 3.1.5 fail to apply field-level SELECT permissions to ORDER BY clauses, allowing authenticated users to leak the relative ordering of restricted field values. Attackers can issue ORDER BY queries on indexed restricted fields to recover the hidden values' sort order across records...

5.3CVSS
Exploits0References3
Cvelist
Cvelist
added 1 hour ago5 views

CVE-2026-49211 Symfony UX: Information exposure via unescaped LIKE wildcards in EntitySearchUtil

Symfony UX is a JavaScript ecosystem for Symfony. From 2.2.0 until 2.36.0 and 3.1.0, Symfony\UX\Autocomplete\Doctrine\EntitySearchUtil::addSearchClause builds the LIKE expression used by the autocomplete endpoint by wrapping the client-supplied query in %...% without escaping SQL LIKE wildcards %...

6.9CVSS
Exploits0References4
Cvelist
Cvelist
added 1 hour ago7 views

CVE-2026-63308 Helm Files.Lines Denial of Service via Empty Chart Files

Helm through 4.2.3, fixed in commit ba6c9a2, contains a denial of service vulnerability in the Files.Lines template helper in pkg/engine/files.go that allows attackers to trigger an index out of range panic by including zero-length byte slices in chart files. Attackers can include empty files in...

5.3CVSS
Exploits0References4
Cvelist
Cvelist
added 1 hour ago6 views

CVE-2026-63307 Chat2DB < 5.3.0 Insecure Direct Object Reference via GET /api/connection/datasource

Chat2DB before 5.3.0 contains an insecure direct object reference vulnerability in the GET /api/connection/datasource/id endpoint. The handler calls dataSourceService.queryExistentid, ... without an ownership check and returns the decrypted password field, allowing any authenticated non-admin use...

7.1CVSS
Exploits0References3
Cvelist
Cvelist
added 1 hour ago4 views

CVE-2026-49208 Symfony UX: Format-less date LiveProps parsed with the permissive DateTime constructor

Symfony UX is a JavaScript ecosystem for Symfony. From 2.8.0 until 2.36.0 and 3.1.0, when a LiveProp is typed as DateTimeInterface and no explicit format is configured, Symfony\UX\LiveComponent\LiveComponentHydrator::hydrateObjectValue falls back to new $className$value, allowing client-supplied...

6.9CVSS
Exploits0References4
Cvelist
Cvelist
added 1 hour ago5 views

CVE-2026-49210 Symfony UX: XSS in symfony/ux-live-component via attacker-controlled child component tag

Symfony UX is a JavaScript ecosystem for Symfony. From 2.8.0 until 2.36.0 and 3.1.0, Symfony\UX\LiveComponent\Util\ChildComponentPartialRenderer::createHtml interpolates the client-controlled childrenid.tag value from LiveComponentSubscriber and InterceptChildComponentRenderSubscriber directly in...

2.3CVSS
Exploits0References4
Cvelist
Cvelist
added 1 hour ago4 views

CVE-2026-49212 Symfony UX: LiveComponentHydrator HMAC checksum lacks component and slot binding

Symfony UX is a JavaScript ecosystem for Symfony. From 2.8.0 until 2.36.0 and 3.1.0, the HMAC computed by Symfony\UX\LiveComponent\LiveComponentHydrator covered only sorted prop key/value pairs and did not include the component name, the slot identifier props vs propsFromParent, or request contex...

6.9CVSS
Exploits0References4
Cvelist
Cvelist
added 1 hour ago3 views

CVE-2026-49209 Symfony UX: Denial of service in symfony/ux-live-component via unbounded batch action requests

Symfony UX is a JavaScript ecosystem for Symfony. From 2.5.0 until 2.36.0 and 3.1.0, Symfony\UX\LiveComponent\Controller\BatchActionController::invoke iterates over the client-supplied actions array and issues a full HttpKernel sub-request for each entry; because the array size is never bounded, ...

5.3CVSS
Exploits0References4
Cvelist
Cvelist
added 1 hour ago3 views

CVE-2026-9588 Authenticated Stored Cross-Site Scripting (XSS) in Switchvox SMB Web Portal

A stored cross-site scripting XSS vulnerability exists in Sangoma Switchvox SMB Edition 8.3 104997 within the voicemail notification template functionality. The submitmodifyvoicemailtemplate endpoint fails to properly sanitize HTML content supplied by authenticated users, allowing malicious...

7CVSS
Exploits0References2
Cvelist
Cvelist
added 1 hour ago3 views

CVE-2026-9587 Authenticated Local File Inclusion (LFI) in Switchvox SMB Web Portal

An authenticated local file inclusion vulnerability exists in Sangoma Switchvox SMB Edition 8.3 104997. The playfile functionality accepts user-controlled input through the soundpath parameter and fails to properly validate file paths before accessing the underlying filesystem. By supplying...

7.1CVSS
Exploits0References2
Cvelist
Cvelist
added 1 hour ago4 views

CVE-2026-9586 Unauthenticated SQL Injection Leading to Remote Code Execution in Switchvox SMB

An unauthenticated SQL injection vulnerability exists in Sangoma Switchvox SMB Edition 8.3 104997. The /pa endpoint processes XML content beginning with and directly concatenates the user-controlled PhoneIP value into PostgreSQL queries without sanitization or parameterization. An unauthenticated...

9.3CVSS
Exploits0References2
Cvelist
Cvelist
added 1 hour ago3 views

CVE-2026-11763 IDOR in GIS Informatics' GisLab Laboratory Management System

Authorization bypass through User-Controlled key vulnerability in Gis Informatics Engineering Consulting Laboratory R&D and Software Services Inc. GisLab Laboratory Management System allows Exploitation of Trusted Identifiers. This issue affects GisLab Laboratory Management System: from 1.4.03...

6.5CVSS
Exploits0References1
Cvelist
Cvelist
added 1 hour ago3 views

CVE-2026-9585 Unauthenticated Reflected Cross-Site Scripting (XSS) in Switchvox SMB Web Portal

An unauthenticated reflected cross-site scripting XSS vulnerability exists in Sangoma Switchvox SMB Edition version 8.3 104997. The application fails to properly sanitize the portal parameter supplied to the invalidbrowser and invalidbrowserlogin handlers. User-supplied data is reflected into...

8.6CVSS
Exploits0References2
Cvelist
Cvelist
added 1 hour ago3 views

CVE-2026-63101 Open Event Server 1.19.1 Unauthenticated Member Roster Export via CSV Export Endpoint

Open Event Server through 1.19.1 contains a missing authentication vulnerability that allows unauthenticated attackers to export the complete member roster of any group, including email addresses, names, join dates, and roles, by submitting requests to the group followers CSV export endpoint whic...

8.7CVSS
Exploits0References2
Cvelist
Cvelist
added 1 hour ago3 views

CVE-2026-8297 SQLi in GIS Informatics' GisLab Laboratory Management System

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Gis Informatics Engineering Consulting Laboratory R&D and Software Services Inc. GisLab Laboratory Management System allows SQL Injection. This issue affects GisLab Laboratory Management System: fr...

9.8CVSS
Exploits0References1
Cvelist
Cvelist
added 1 hour ago6 views

CVE-2026-58148 Joomla Extension - chronoengine.com - Stored XSS in ChronoForms extension for Joomla < 8.0.53

The Joomla extension ChronoForms is vulnerable to an unauthenticated stored XSS vulnerability...

8.7CVSS
Exploits0References1
Cvelist
Cvelist
added 1 hour ago5 views

CVE-2026-60024 Joomla Extension - joomdonation.com - Insecure default configuration Events Booking < 5.8.0

The Joomla extension Events Booking prior version 5.8.0 did by default allow unauthenticated users to upload media assets...

Exploits0References1
Cvelist
Cvelist
added 1 hour ago5 views

CVE-2026-58149 Joomla Extension - joomdonation.com - User enumeration in Events Booking < 5.8.0

The Joomla extension Events Booking is vulnerable to an unauthenticated user enumeration that allows to retrieve account usernames and email addresses...

Exploits0References1
Cvelist
Cvelist
added 1 hour ago6 views

CVE-2026-63100 Maybe 0.6.0 Missing Authorization via HostingsController show/update

Maybe through 0.6.0 contains a missing authorization vulnerability that allows authenticated low-privilege member-role users to access and modify global hosting settings by exploiting unprotected show and update actions in the Settings::HostingsController, where the beforeaction ensureadmin filte...

7.1CVSS
Exploits0References2
Cvelist
Cvelist
added 1 hour ago4 views

CVE-2026-60025 Joomla Extension - joomdonation.com - User enumeration in Events Booking < 5.8.0

The Joomla extension Events Booking prior version 5.8.0 had an frontend file upload endpoint that lacked CSRF protection...

Exploits0References1
Cvelist
Cvelist
added 1 hour ago6 views

CVE-2026-63099 TheHive 4.1.24 Broken Object Level Authorization via Attachment Download Endpoints

TheHive through 4.1.24 contains a broken object-level authorization vulnerability in the attachment download endpoints that allows any authenticated user to access attachments belonging to other organizations by supplying a content-hash identifier. Attackers can exploit the missing...

7.1CVSS
Exploits0References2
Cvelist
Cvelist
added 1 hour ago6 views

CVE-2026-63098 TheHive 4.1.24 Unauthenticated Information Disclosure via /api/status Endpoint

TheHive through 4.1.24 contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by sending a GET request to the /api/status endpoint, which lacks authentication enforcement in the StatusCtrl.scala handler...

6.9CVSS
Exploits0References2
Cvelist
Cvelist
added 1 hour ago5 views

CVE-2026-63097 Dendrite 0.13.8 syncapi /context Endpoint Post-Leave State Exposure

Dendrite through 0.13.8 contains an improper access control vulnerability in the syncapi /context endpoint syncapi/routing/context.go that allows authenticated local users to access post-leave room state events by exploiting a flawed membership check that evaluates only the RoomExists field while...

5.3CVSS
Exploits0References2
Cvelist
Cvelist
added 1 hour ago6 views

CVE-2026-63096 Dendrite 0.13.8 SSRF via Unauthenticated Legacy Media Download Endpoint

Dendrite through 0.13.8 contains a server-side request forgery vulnerability that allows unauthenticated attackers to cause the server to open outbound TLS connections to arbitrary hosts and ports by supplying an unvalidated serverName parameter to the legacy media download endpoint. Attackers ca...

6.9CVSS
Exploits0References2
Cvelist
Cvelist
added 1 hour ago7 views

CVE-2026-9537 Mojo::JWT versions before 1.02 for Perl verify HMAC signatures with a non-constant-time string comparison

Mojo::JWT versions before 1.02 for Perl verify HMAC signatures with a non-constant-time string comparison. The decode method compares the supplied signature to the recomputed HMAC with Perl's eq operator, which stops at the first differing byte, so the comparison time varies with the number of...

Exploits0References1
Cvelist
Cvelist
added 1 hour ago6 views

CVE-2026-63095 Dendrite 0.13.8 Improper Authorization via POST account/3pid/delete Endpoint

Dendrite through 0.13.8 contains an improper authorization vulnerability in the Matrix Client-Server API that allows any authenticated local user to delete third-party identifier bindings belonging to other users by submitting an arbitrary address and medium to the account deletion endpoint witho...

7.1CVSS
Exploits0References2
Cvelist
Cvelist
added 2 hours ago5 views

CVE-2026-15783 Missing Authorization vulnerability was identified in GitHub Enterprise Server that allowed reading private repository metadata via delegated bypass rule suites

A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with write access to any repository to read metadata from private repositories they did not have access to, including private repository owners and names, branch names, commit SHAs,...

5.3CVSS
Exploits0References5
Cvelist
Cvelist
added 2 hours ago7 views

CVE-2026-14741 HTTP::Date versions before 6.08 for Perl allow CPU exhaustion via polynomial regex backtracking in parse_date

HTTP::Date versions before 6.08 for Perl allow CPU exhaustion via polynomial regex backtracking in parsedate. parsedate matches the date string against a chain of alternative regexes, and str2time delegates to it. Several of these patterns place unbounded quantifiers next to each other before a...

Exploits0References3
Cvelist
Cvelist
added 2 hours ago6 views

CVE-2026-15343 Path traversal vulnerability in GitHub Enterprise Server allowed writing files to arbitrary repository paths, including GitHub Actions workflow files, via unchecked Dependabot dependency-file paths

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed an attacker who had code execution inside the Dependabot updater container to write files to arbitrary repository paths, including GitHub Actions workflow files under .github/workflows/ as the path validation d...

8.6CVSS
Exploits0References5
Cvelist
Cvelist
added 2 hours ago5 views

CVE-2026-15007 Denial of service vulnerability in GitHub Enterprise Server allowed service disruption via deeply nested YAML in release notes configuration

A denial of service vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to cause service disruption by supplying a repository release notes configuration file containing deeply nested YAML. When release notes were generated, the configuration file was parse...

8.3CVSS
Exploits0References5
Cvelist
Cvelist
added 2 hours ago9 views

CVE-2026-12715 Missing Authorization in Firebase Studio allows Cross-Tenant Source Code Theft

Missing Authorization in Google Cloud Firebase Studio versions prior to 2026-04-15 on Google Cloud Platform allows an attacker to download other users' deployed source code and access sensitive data via unauthorized GCS URL signing requests. This vulnerability was patched on 15 April 2026, and no...

8.5CVSS
Exploits0References1
Cvelist
Cvelist
added 2 hours ago8 views

CVE-2026-14871 osTicket v1.18.3 - v1.17.7 - BOLA/IDOR in ticket field viewing allows cross-department data disclosure

osTicket versions v1.18.3 and v1.17.7 contain a Broken Object Level Authorization BOLA leading to Insecure Direct Object Reference IDOR in the AJAX ticket-management subsystem...

7.1CVSS
Exploits0References5
Total number of security vulnerabilities366944