Lucene search
K
CvelistRecent

364478 matches found

Cvelist
Cvelist
•added 2026/06/22 12:17 p.m.•31 views

CVE-2026-56424 Broken access control in MISP core allows cross-organization unauthorized modification or deletion of analyst data, event reports, collections, templates, and decaying models

MISP core contained multiple broken access-control flaws where authorization checks were performed against the wrong entity, or where ownership/editability checks were missing on write paths. In affected subsystems, a lower-privileged authenticated user with the relevant feature permission could...

7.1CVSS0.00361EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/06/22 11:56 a.m.•30 views

CVE-2026-56423 MISP Core: Broken access control allows instance-wide unauthorized deletion of event reports and sharing groups via bulk deletion endpoints

MISP Core contained broken access-control checks in the bulk deletion flows for Event Reports and Sharing Groups. The affected deleteSelection handlers authorized deletion using broad role-level permissions instead of validating authorization for each selected object. For Event Reports,...

9.4CVSS0.00261EPSS
Exploits1References2
Cvelist
Cvelist
•added 2026/06/22 11:43 a.m.•32 views

CVE-2026-56422 MISP Core: Mass Assignment and Object Re-ownership via Unvalidated Request Fields

Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys id and ownership/scope foreign keys eventid, orgid, userid, sharinggroupid, galaxyclusteruuid, organisationuuid, and related nested object identifiers without consistently...

9.4CVSS0.00362EPSS
Exploits0References16
Cvelist
Cvelist
•added 2026/06/22 11:28 a.m.•30 views

CVE-2026-11373 Net::Statsite::Client versions through 1.1.0 for Perl allow metric injections

Net::Statsite::Client versions through 1.1.0 for Perl allow metric injections. Net::Statsite::Client is a client for the statsite protocol, which is a variant of statsd. Newlines are not removed from metric names, allowing metric injections. Values are not sanitised for newlines or other protocol...

0.00352EPSS
Exploits0References6
Cvelist
Cvelist
•added 2026/06/22 9:30 a.m.•38 views

CVE-2026-12581 Digiwin|EasyFlow .NET - Session Fixation

EasyFlow .NET developed by Digiwin has a Session Fixation vulnerability. If unauthenticated remote attackers replace a specific session ID for a user, they can gain the user's privilege once the user logs in...

7.7CVSS0.00299EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/06/22 9:26 a.m.•34 views

CVE-2026-12580 Digiwin|EasyFlow .NET - Stored Cross-Site Scripting

EasyFlow .NET developed by Digiwin has a Stored Cross-Site Scripting vulnerability, allowing authenticated remote attackers to inject persistent JavaScript code executed in users' browsers upon page load...

5.4CVSS0.00168EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/06/22 9:6 a.m.•32 views

CVE-2023-45795 Pilz: XSS vulnerability in Pilz PASvisu and PMI v8xx

A cross-site scripting vulnerability in the Builder Component of Pilz PASvisu before 1.14.1 allows a local unauthenticated attacker to inject malicious javascript and gain full control over the device...

7.8CVSS0.00146EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 9:4 a.m.•31 views

CVE-2023-45796 XSS vulnerability in Pilz PASvisu and PMI v8xx

A stored cross-site scripting vulnerability in the Runtime component of Pilz PASvisu before 1.14.1 and PMI v8xx up to and including 2.0.33992 allows a low-privileged remote unauthenticated attacker to manipulate process data with potential impact on integrity and/or availability...

8.1CVSS0.00349EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 8:41 a.m.•35 views

CVE-2026-12863 Open redirect

An unvalidated redirect was contained in Venueless' social login functionality and could be exploited for phishing using trusted domains...

5.1CVSS0.00226EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 8:26 a.m.•33 views

CVE-2026-12862 XLSX formula injection in exports

Untrusted user data was passed verbatim to Excel exports for administrators. This allowed formula injection which can be used to compromise the environment of the user loading the file or other data in the file...

5.1CVSS0.00226EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 8:10 a.m.•40 views

CVE-2025-4994 Authentication Bypass for SafeLine SL6 and SL6+

The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirements and access the device's configuration service via the Bluetooth Low Energy BLE interface...

8.7CVSS0.00207EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 7:47 a.m.•34 views

CVE-2025-62198 Apache Atlas: Stored XSS in Create Entity page

An authenticated user can perform XSS. This issue affects Apache Atlas versions 2.4.0 and earlier. Users are recommended to upgrade to version 2.5.0, which fixes the issue...

0.00315EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 7:38 a.m.•35 views

CVE-2026-44914 Apache NiFi: Missing Authorization of Restricted Permissions when Replacing Flow Contents

Apache NiFi 1.12.0 through 2.9.0 are missing authorization when replacing Process Groups that include extension components with specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required, but framework authorization did not...

7.5CVSS0.00393EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 7:37 a.m.•32 views

CVE-2026-44911 Apache NiFi: Incorrect Authorization for Configuration Verification Requests

Authorization handling for component configuration verification requests in Apache NiFi 1.15.0 through 2.9.0 allows clients with read access to submit proposed configuration properties. The proposed properties override current configuration, enabling users with read access to invoke predefined...

2.3CVSS0.00327EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 7:36 a.m.•33 views

CVE-2026-44913 Apache NiFi: Improper Escaping of Table Names in CaptureChangeMySQL

Improper escaping of database table names in the CaptureChangeMySQL Processor included with Apache NiFi 1.2.0 through 2.9.0 allows for injecting SQL commands using crafted naming. Manual quoted boundaries added in Apache NiFi 1.8.0 narrowed the scope of potential injection options, but did not...

5.2CVSS0.00385EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 7:34 a.m.•43 views

CVE-2026-54665 Apache NiFi: Missing Validation for Proxy Host Headers

Apache NiFi 0.0.1 through 2.9.0 support building qualified URLs from one of several HTTP request headers that provide an alternative to the standard Host header without validating the values provided. Apache NiFi 1.6.0 introduced a configurable application property to restrict values provided in...

6.3CVSS0.00268EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 6:55 a.m.•31 views

CVE-2025-66336 Apache Doris MCP Server: SQL injection leading the authentication bypass

Apache Doris MCP Server contains a SQL injection vulnerability in a metadata query path. A user-controlled database name is directly interpolated into a SQL query, and the query is executed without passing the caller's authorization context. This may allow an authenticated attacker, or an anonymo...

0.00375EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 6:0 a.m.•33 views

CVE-2026-7859 Motors Car Dealership & Classified Listings < 1.4.110 - Unauthenticated Post-Meta Write via stm_ajax_add_a_car_media

The Motors WordPress plugin before 1.4.110 does not have proper authorisation and CSRF checks on one of its AJAX actions, allowing unauthenticated attackers to modify arbitrary post metadata, such as the gallery, featured image and, on WooCommerce sites, product prices...

0.00117EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 6:0 a.m.•33 views

CVE-2026-8157 Vitepos < 3.4.2 - Outlet Manager+ Privilege Escalation

The Vitepos WordPress plugin before 3.4.2 does not properly restrict the roles that can be assigned when creating new users via one of its REST API endpoints, allowing authenticated users with a custom Vitepos WordPress plugin before 3.4.2 role to escalate privileges to administrator...

0.00237EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 6:0 a.m.•31 views

CVE-2026-6858 Transbank Webpay < 1.14.0 - Unauthenticated Stored XSS

The Transbank Webpay WordPress plugin before 1.14.0 does not sanitize and escape logs to be displayed, allowing unauthenticated users to perform Stored XSS attacks against logged in administrator...

0.00164EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 6:0 a.m.•32 views

CVE-2026-4110 Ultimate WooCommerce Auction Pro <= 2.4.5 - Reflected XSS via uwa_auctions_bids_list

The ultimate-woocommerce-auction-pro WordPress plugin through 2.4.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

0.00152EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 6:0 a.m.•35 views

CVE-2026-4259 Ultimate WooCommerce Auction Pro <= 2.4.5 - Reflected XSS via uwa_manage_auctions

The ultimate-woocommerce-auction-pro WordPress plugin through 2.4.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

0.00146EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 6:0 a.m.•32 views

CVE-2026-10530 Pie Register < 3.8.4.10 - Unauthenticated Email Verification Bypass via Predictable Token

The Pie Register WordPress plugin before 3.8.4.10 does not use sufficiently random values when generating its account verification tokens, allowing unauthenticated attackers to predict a valid token and activate an account without access to the associated email inbox...

0.00129EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 3:24 a.m.•33 views

CVE-2026-6645 Insecure Search Path Vulnerability in PaperCut Print Deploy Client for Windows

An insecure process execution vulnerability exists in the pc-printer-updater.exe component of the PaperCut Print Deploy Client for Windows. The application, which typically operates with high-level system privileges, attempts to perform an internal validation check by invoking a secondary system...

7.3CVSS0.00136EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 2:37 a.m.•32 views

CVE-2026-11748

A vulnerability has been identified in centraldogma-server-auth-shiro versions prior to 0.84.0, where the SearchFirstActiveDirectoryRealm substitutes the login username into an LDAP search filter without neutralizing LDAP filter metacharacters, allowing an unauthenticated attacker to manipulate t...

6.9CVSS0.00386EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 2:35 a.m.•35 views

CVE-2026-11746

A vulnerability has been identified in centraldogma-server versions prior to 0.84.0, where enabling ZooKeeper replication without setting replication.secret causes the server to silently fall back to a hard-coded, publicly known secret. This default credential authenticates the embedded ZooKeeper...

9.4CVSS0.00145EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 2:33 a.m.•34 views

CVE-2026-11745

A vulnerability has been identified in centraldogma-server-mirror-git versions prior to 0.84.0, where the Git mirror SSH client does not verify remote host keys for git+ssh:// connections, allowing an on-path attacker to perform man-in-the-middle attacks and compromise mirrored repositories...

8.8CVSS0.00139EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 2:0 a.m.•32 views

CVE-2026-8918

A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash BSOD by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory...

7.1CVSS0.00224EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 12:0 a.m.•31 views

CVE-2025-66389

GitHub Copilot 1.372.0 allows filesystem access outside of a workspace folder without user approval via a file-handler URI parameter to fetchwebpage. Therefore, exfiltration could occur if there is indirect prompt injection...

0.00853EPSS
Exploits1References3
Cvelist
Cvelist
•added 2026/06/21 11:45 p.m.•39 views

CVE-2026-12823 Browserbase Skills Autobrowse Trace Artifact default permission

A security flaw has been discovered in Browserbase Skills up to 20260526. This impacts an unknown function of the component Autobrowse Trace Artifact Handler. The manipulation results in incorrect default permissions. The attack requires a local approach. The exploit has been released to the publ...

4.8CVSS0.00115EPSS
Exploits0References6
Cvelist
Cvelist
•added 2026/06/21 11:30 p.m.•44 views

CVE-2026-12822 langflow-ai langflow Bundle URL Loader code injection

A vulnerability was identified in langflow-ai langflow up to 1.9.3. This affects an unknown function of the component Bundle URL Loader. The manipulation leads to code injection. The attack needs to be performed locally. The vendor was contacted early about this disclosure but did not respond in...

5.3CVSS0.00188EPSS
Exploits1References5
Cvelist
Cvelist
•added 2026/06/21 11:15 p.m.•34 views

CVE-2026-12821 FlowiseAI Flowise S3 Document Loader S3.ts path traversal

A vulnerability was determined in FlowiseAI Flowise up to 3.1.2. The impacted element is an unknown function of the file packages/components/nodes/documentloaders/S3/S3.ts of the component S3 Document Loader. Executing a manipulation can lead to path traversal. It is possible to launch the attack...

6.5CVSS0.0034EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/06/21 11:0 p.m.•34 views

CVE-2026-12815 coollabsio coolify Image Name os command injection

A vulnerability has been found in coollabsio coolify 4.0.0. Impacted is an unknown function of the component Image Name Handler. Such manipulation leads to os command injection. The attack may be performed from remote. The vendor was contacted early about this disclosure but did not respond in an...

6.5CVSS0.01158EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/06/21 10:45 p.m.•19 views

CVE-2026-12814 Comfast CF-WR631AX V3 API Endpoint mbox-config system os command injection

A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bin/mbox-config?section=pingconfig of the component API Endpoint. This manipulation of the argument destination causes os command injection. The attack is possible to be carried o...

6.5CVSS0.01182EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/06/21 10:30 p.m.•28 views

CVE-2026-12813 activepieces File URL file.ts handleUrlFile server-side request forgery

A vulnerability was detected in activepieces up to 0.83.0. This vulnerability affects the function handleUrlFile in the library packages/server/engine/src/lib/variables/processors/file.ts of the component File URL Handler. The manipulation results in server-side request forgery. The attack can be...

6.5CVSS0.00201EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/06/21 10:15 p.m.•23 views

CVE-2026-12812 Radware Cyber Controller HTML Report Generation HTML injection

A security vulnerability has been detected in Radware Cyber Controller up to 10.11.0. This affects an unknown part of the component HTML Report Generation. The manipulation leads to HTML injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be...

5.1CVSS0.00195EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/06/21 10:0 p.m.•25 views

CVE-2026-12811 kortix-ai suna Auth Endpoint page.tsx router.push cross site scripting

A weakness has been identified in kortix-ai suna up to 0.8.38. Affected by this issue is the function router.replace/router.push of the file apps/frontend/src/app/auth/page.tsx of the component Auth Endpoint. Executing a manipulation of the argument returnURL can lead to cross site scripting. The...

5.3CVSS0.00288EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/21 9:45 p.m.•21 views

CVE-2026-12810 Edimax BR-6478AC V2 POST Request mp command injection

A security flaw has been discovered in Edimax BR-6478AC V2 1.23. Affected by this vulnerability is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. Th...

6.5CVSS0.01158EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/06/21 9:30 p.m.•18 views

CVE-2026-12809 Edimax BR-6478AC V2 POST Request wiz_5in1_redirect command injection

A vulnerability was identified in Edimax BR-6478AC V2 1.23. Affected is the function wiz5in1redirect of the file /goform/wiz5in1redirect of the component POST Request Handler. Such manipulation of the argument newpass leads to command injection. The attack can be launched remotely. The exploit is...

6.5CVSS0.01158EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/06/21 8:45 p.m.•20 views

CVE-2026-12808 Edimax BR-6478AC V2 POST Request stainfo command injection

A vulnerability was determined in Edimax BR-6478AC V2 1.23. This impacts the function stainfo of the file /goform/stainfo of the component POST Request Handler. This manipulation of the argument interface causes command injection. The attack can be initiated remotely. The exploit has been publicl...

6.5CVSS0.01182EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/06/21 7:45 p.m.•20 views

CVE-2026-12807 Edimax BR-6478AC V2 POST Request setWAN command injection

A vulnerability was found in Edimax BR-6478AC V2 1.23. This affects the function setWAN of the file /goform/setWAN of the component POST Request Handler. The manipulation of the argument pppUserName/pptpUserName/L2TPUserName results in command injection. It is possible to launch the attack...

6.5CVSS0.01182EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/06/21 7:30 p.m.•22 views

CVE-2026-12806 Edimax BR-6478AC V2 POST Request formWlSiteSurvey buffer overflow

A vulnerability has been found in Edimax BR-6478AC V2 1.23. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. The manipulation of the argument selSSID leads to buffer overflow. It is possible to initiate the attack...

9CVSS0.00455EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/06/21 7:15 p.m.•22 views

CVE-2026-12805 OFFIS DCMTK ofxml.cc parseFile heap-based overflow

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

7.5CVSS0.00279EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/21 6:30 p.m.•22 views

CVE-2026-12804 lemonldap-ng SAML Common Domain Cookie Endpoint CDC.pm redirect

A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is...

5.3CVSS0.00264EPSS
Exploits0References6
Cvelist
Cvelist
•added 2026/06/21 3:58 p.m.•32 views

CVE-2026-56412

libexpat before 2.8.2 does not consider XMLTOKDATACHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219...

4.9CVSS0.00105EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/21 3:56 p.m.•35 views

CVE-2026-56411

xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations...

6.9CVSS0.0011EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/21 3:55 p.m.•31 views

CVE-2026-56410

xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId...

6.9CVSS0.0011EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/21 3:52 p.m.•31 views

CVE-2026-56409

xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...

6.5CVSS0.00098EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/21 3:51 p.m.•29 views

CVE-2026-56408

libexpat before 2.8.2 has an integer overflow in copyString...

6.9CVSS0.00102EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/21 3:49 p.m.•31 views

CVE-2026-56407

libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen...

6.9CVSS0.00102EPSS
Exploits0References1
Total number of security vulnerabilities364478