413914 matches found
EUVD-2026-29508
The snorkel library thru v0.10.0 contains an insecure deserialization vulnerability CWE-502 in the MultitaskClassifier.load method of the MultitaskClassifier class. The method loads model weight files using torch.load without enabling the security-restrictive weightsonly=True parameter. This...
EUVD-2026-29515
Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.2 through 9.0.117, from 8.5.24 through 8.5.100, from 7.0.83 through...
EUVD-2026-29519
Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from...
EUVD-2026-29513
Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117. Older, unsupported versions may also be affected. Users are recommended to upgrade ...
EUVD-2026-29514
Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 10.0.0-M1 through 10.0.27. Older, end of support versions may also be affected. Users are recommended to...
EUVD-2026-29496
Session Fixation vulnerability allows Session Hijacking via crafted session ID. This issue affects Pandora FMS: from 777 through 800...
EUVD-2026-29502
The loadmodel function in the neuralmagictraining.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377f 2024-07-21 is vulnerable to insecure deserialization CWE-502. When loading a model state dictionary from a statedict.pt file via torch.load, the function does not...
EUVD-2026-29497
Server-Side Request Forgery vulnerability allows Privilege Escalation via API Checker extension. This issue affects Pandora FMS: from 777 through 800...
EUVD-2026-29494
Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...
EUVD-2023-31489
An arbitrary file upload vulnerability in MK-Auth 23.01K4.9 allows attackers to execute arbitrary code via uploading a crafted PHP file...
EUVD-2023-34492
An insecure direct object reference in MK-Auth 23.01K4.9 allows attackers to access and send support calls for other users via manipulation of the chamado parameter through a crafted GET request...
EUVD-2026-29495
Cross-Site Request Forgery vulnerability allows an attacker to perform unauthorized actions via crafted web page. This issue affects Pandora FMS: from 777 through 800...
EUVD-2026-29501
The loadmodel function in the neuralmagictraining.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377f 2024-07-21 allows arbitrary code execution. When a user supplies a directory path via the --model command-line argument, the function reads a module.py file from...
EUVD-2026-29500
The nexent v1.7.5.2 backend service contains an unauthorized arbitrary storage file deletion vulnerability in its file management API. The DELETE /storage/objectname:path endpoint lacks authentication, authorization, and input validation mechanisms. Unauthenticated remote attackers can send craft...
EUVD-2026-29499
The nexent v1.7.5.2 backend service contains an unauthorized arbitrary file deletion vulnerability in its ElasticSearch service interface. The DELETE /indexname/documents endpoint lacks proper authentication and authorization controls and does not validate the user-supplied pathorurl parameter...
EUVD-2026-29498
The torch-checkpoint-shrink.py script in the ml-engineering project in commit 0099885db36a8f06556efe1faf552518852cb1e0 2025-20-27 contains an insecure deserialization vulnerability CWE-502. The script uses torch.load to process PyTorch checkpoint files .pt without enabling the security-restrictiv...
EUVD-2026-29728
Shelf is a platform for tracking physical assets. From 1.12 to before 1.20.1, a SQL injection vulnerability in the sortBy query parameter on the /assets route allows any authenticated user any role to execute arbitrary SQL and read data from any table in the database, including data belonging to...
EUVD-2026-29721
AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16...
EUVD-2026-29727
Pingvin Share X is a secure and easy self-hosted file sharing platform. From 1.14.1 to 1.16.2, a critical authentication bypass vulnerability allows an attacker who has obtained a valid username and password to skip the second-factor authentication TOTP requirement entirely. Although, an attacker...
EUVD-2026-29726
Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior to 2.9.10, Cleanuparr's global CORS policy reflects every request Origin and combines it with AllowCredentials. When DisableAuthForLocalAddresses ...
EUVD-2026-29725
Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior to 2.9.10, TrustedNetworkAuthenticationHandler.ResolveClientIp parses the leftmost entry of the X-Forwarded-For header as the client IP. That entr...
EUVD-2026-29701
Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.1, an authenticated Server-Side Request Forgery SSRF vulnerability in the Xibo CMS allows users with Library upload permissions to make arbitrary HTTP requests fr...
EUVD-2026-29703
linux-entra-sso is a browser plugin for Linux to SSO on Microsoft Entra ID. Prior to 1.8.1, platform/chrome/js/platform-chrome.js:69-88 registers a single declarativeNetRequest rule whose urlFilter is Platform.SSOURL + "/", i.e. "https://login.microsoftonline.com/". Chrome's urlFilter without a |...
EUVD-2026-29696
Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...
EUVD-2026-29695
Relative path traversal in Visual Studio Code allows an unauthorized attacker to disclose information locally...
EUVD-2026-29694
Improper neutralization of script-related html tags in a web page basic xss in Visual Studio Code allows an unauthorized attacker to execute code locally...
EUVD-2026-29693
Improper neutralization of input during web page generation 'cross-site scripting' in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...
EUVD-2026-29691
Improper neutralization of special elements in output used by a downstream component 'injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network...
EUVD-2026-29622
Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...
EUVD-2026-29572
Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally...
EUVD-2026-29692
Horilla is an HR and CRM software. In 1.5.0, the notification endpoints trust the unvalidated next parameter and redirect users to arbitrary external URLs. This allows an attacker to turn trusted application links into phishing or social-engineering redirects...
EUVD-2026-29732
WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities affecting WGDashboard that, if exploited, could allow unauthorized parties to access the host file system without authentication. This vulnerability is fixed in 4.3.2...
EUVD-2026-29537
Zulip is an open-source team collaboration tool. Prior to 12.0, With messageedithistoryvisibilitypolicy set to "moves", /api/v1/messages/id/history still returns historical content values, allowing low-privilege users to recover text that was edited away from other users' messages. This...
EUVD-2026-29542
JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the WAVS bridge's computeDataVerify called fetch on agent-supplied URLs without validating scheme, port, or resolved IP, resulting in an SSRF vulnerability. This vulnerability is fixed in 0.x.y-security-1...
EUVD-2026-29541
JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, every MCP write tool sendtokens, executecontract, instantiatecontract, uploadwasm, ibctransfer, etc. accepted 'mnemonic: string' as an explicit tool-call parameter. The BIP-39 seed was consequently embedded in th...
EUVD-2026-29539
JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, plugin-shell's runcommand wrapped every agent-supplied command in 'sh -c' / 'cmd /C' and passed the full argument string to the shell's parser, allowing shell metacharacters in agent-supplied arguments to be...
EUVD-2026-29538
JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the uploadwasm MCP tool accepted a filesystem path from the agent and uploaded whatever bytes the path resolved to, with no validation of location, symlink target, file size, or file format. This vulnerability is...
EUVD-2026-29540
JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, substring-based blocklist in plugin-shell's command-safety check could be bypassed by adversarial argument constructions, allowing unauthorized command execution on the host when combined with the companion...
EUVD-2026-29493
Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3...
EUVD-2026-29483
The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0...
EUVD-2026-29488
OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution...
EUVD-2026-29460
CWE-22: Improper Limitation of a Pathname to a Restricted Directory “Path Traversal” vulnerability that could cause unauthorized access to sensitive files when user-supplied input is improperly handled during server-side file path processing...
EUVD-2026-29490
Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges...
EUVD-2026-29489
An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials...
EUVD-2026-29487
External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks...
EUVD-2026-29492
LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before issuing the follow-up request. Caller-supplied Authorization and Proxy-Authorization headers are se...
EUVD-2026-29486
A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...
EUVD-2026-29484
CWE-1188 Initialization of a Resource with an Insecure Default vulnerability exists that could cause unauthorized disclosure of sensitive information when credentials revert to initial settings in rare circumstances, enabling unauthorized authentication using known credentials...
EUVD-2025-209787
A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...
EUVD-2026-29485
An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...