Lucene search
K

417642 matches found

EUVD
EUVD
added 2026/06/26 9:47 p.m.13 views

EUVD-2026-31654

Cargo can be coerced to share credentials between registries...

6.5CVSS7.1AI score0.00328EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/26 9:46 p.m.8 views

EUVD-2026-38048

php-weasyprint: shell command injection via configurable WeasyPrint binary path due to inverted isexecutable guard mirror of KnpLabs/snappy GHSA-vpr4-p6fq-85jc...

8.2CVSS5.8AI score0.00154EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/26 9:5 p.m.9 views

EUVD-2026-37951

mcp-pinot: Unauthenticated tool invocation via default oauthenabled=False + host 0.0.0.0 bind...

10CVSS5.8AI score0.00498EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/26 9:5 p.m.11 views

EUVD-2026-37950

Relyra SAML SignatureValue not cryptographically verified - authentication bypass...

9.1CVSS5.8AI score0.00135EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/26 9:4 p.m.9 views

EUVD-2026-38058

mcp-memory-service: OAuth read-only clients can write and delete memories through MCP tools/call...

8.1CVSS5.8AI score0.00264EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/26 9:3 p.m.11 views

EUVD-2026-37943

deepstream is vulnerable to prototype pollution...

9.9CVSS5.8AI score0.0027EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 9:0 p.m.13 views

EUVD-2026-37807

CakePHP: View::element is missing a path containment check...

6.3CVSS5.8AI score0.00258EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/26 8:59 p.m.11 views

EUVD-2026-37805

joserfc: b64=false RFC7797 JWS payloads bypass JWSRegistry payload-size limits during deserialization...

5.3CVSS5.8AI score0.00163EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 8:58 p.m.8 views

EUVD-2026-39922

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, AuthenticationFilter in Kestra OSS uses request.getPath.endsWith"/configs" to whitelist the public configuration endpoint from Basic Auth. Because the check is a suffix match rather than an exact path match...

10CVSS6.4AI score0.00684EPSS
Exploits2References1
EUVD
EUVD
added 2026/06/26 8:57 p.m.8 views

EUVD-2026-39921

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.43 and 1.3.19, several Kestra API endpoints accept a kestra:// URI from the client and pass it through StorageInterface.parentTraversalGuard before reading the underlying file from the local storage backend. The guard onl...

7.7CVSS6AI score0.00386EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/26 8:55 p.m.12 views

EUVD-2026-37798

PHP Standard Library: HTTP/2 server-side missing content-length validation enables request smuggling...

7.5CVSS5.8AI score0.00267EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/26 8:55 p.m.8 views

EUVD-2026-39920

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-supplied paths for .. traversal before it converts Windows-style backslashes to forward slashes. An attacker can therefore smuggle a traversal sequence past...

7.7CVSS6AI score0.00386EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/26 8:54 p.m.6 views

EUVD-2026-39919

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the authentication filter for the REST API @Filter"/api/v1/" treats any request whose path ends in /configs as the public instance-config endpoint and forwards it without a credential check. kestra addresse...

10CVSS5.8AI score0.00472EPSS
Exploits2References1
EUVD
EUVD
added 2026/06/26 8:52 p.m.7 views

EUVD-2026-39918

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the previewFileFromExecution endpoint GET /api/v1/tenant/executions/executionId/file/preview contains an access control bypass that allows any authenticated user to read output files from any other executio...

6.5CVSS5.9AI score0.00263EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/26 8:50 p.m.6 views

EUVD-2026-39917

Kestra is an open-source, event-driven orchestration platform. Prior to 1.3.24, this vulnerability exists in the BasicAuth authentication component of the Kestra OSS workflow orchestration platform. An attacker who gains read access to the PostgreSQL database can exploit SHA-512's high computatio...

8.7CVSS5.8AI score0.00158EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/26 8:45 p.m.8 views

EUVD-2026-39916

Budibase is an open-source low-code platform. Prior to 3.39.9, the webhook trigger endpoint in Budibase is publicly accessible and passes the full HTTP request body into automation execution parameters. A mass assignment vulnerability in externalTrigger allows an attacker to overwrite the interna...

8.2CVSS6AI score0.00461EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/26 8:44 p.m.8 views

EUVD-2026-39915

Budibase is an open-source low-code platform. Prior to 3.39.9, authenticated users with automation permissions can bypass Budibase's SSRF blacklist through DNS rebinding. The outbound fetch flow validates a hostname against the blacklist before the request is sent, but the actual socket connectio...

8.5CVSS5.8AI score0.00202EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/26 8:44 p.m.7 views

EUVD-2026-39914

Budibase is an open-source low-code platform. Prior to 3.39.12, an unauthenticated visitor of any published Budibase app reads every document of the backing MongoDB, CouchDB, Elasticsearch, DynamoDB-PartiQL, or REST-with-JSON-body collection and, where the builder has published a PUBLIC write...

10CVSS5.8AI score0.00538EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/26 8:41 p.m.7 views

EUVD-2026-39913

Budibase is an open-source low-code platform. Prior to 3.39.0, an anonymous attacker who knows or can enumerate a workspace id app... and an S3-source datasource id ds... can call this endpoint with no auth and obtain a 15-minute pre-signed PUT URL minted on the victim's IAM identity. The endpoin...

8.2CVSS5.8AI score0.00415EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/26 8:39 p.m.5 views

EUVD-2024-55645

The HCL Traveler for Microsoft Outlook libraries are being flagged as potentially malicious software or an unrecognized application...

6.7CVSS5.8AI score0.00066EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 8:36 p.m.7 views

EUVD-2026-39912

Budibase is an open-source low-code platform. Prior to 3.39.3, the application server exposes an unauthenticated endpoint that generates S3 PutObject presigned URLs using credentials stored in a workspace datasource. The route is protected only by the recaptcha middleware and does not require...

7.4CVSS5.8AI score0.0029EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/26 8:34 p.m.9 views

EUVD-2026-39911

Budibase is an open-source low-code platform. Prior to 3.39.0, GET /api/chat-links/:instance/:token/handoff is a public endpoint no auth required that performs a permanent, state-changing operation: it binds an external chat identity Slack/Discord/MS Teams to an authenticated Budibase user accoun...

7.3CVSS5.8AI score0.00192EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/26 8:34 p.m.13 views

EUVD-2026-37516

Backpropagate: backprop ui --auth and backprop ui --share do not enforce authentication...

9.3CVSS5.8AI score0.00324EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 8:32 p.m.7 views

EUVD-2026-39910

Budibase is an open-source low-code platform. Prior to 3.39.9, POST /api/pwa/process-zip at packages/server/src/api/routes/static.ts:24 accepts a builder-uploaded .zip, extracts it with [email protected] into a temp directory, then for each entry listed in icons.json validates the icon path, open...

9.6CVSS5.8AI score0.00494EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/26 8:22 p.m.7 views

EUVD-2026-39909

The TIFF decoder can panic when decoding an invalid image with an out-of-bounds strip offset...

5.8AI score0.00346EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 8:22 p.m.6 views

EUVD-2026-39908

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, a local process in the same interactive Windows session can send a malformed WMCOPYDATA message to Notepad++ using the COPYDATAFULLCMDLINE path. The handler appears to process COPYDATASTRUCT.lpData as an unbounded...

5CVSS5.8AI score0.00258EPSS
Exploits2References2
EUVD
EUVD
added 2026/06/26 8:21 p.m.5 views

EUVD-2026-39907

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag in config.xml is read by NppXml::value Parameters.cpp:6430 and stored in nppGUI.commandLineInterpreter without any validation, whitelist, or digital signature check. When the user triggers IDMFILEOPENCMD File → Open...

7.8CVSS5.8AI score0.01314EPSS
Exploits5References2
EUVD
EUVD
added 2026/06/26 8:19 p.m.5 views

EUVD-2026-39906

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.4, NppCommands.cpp checks the HMAC of the on-disk shortcuts.xml at the moment a user command fires Time-of-Check. However, the command payload is taken from the in-memory userCommands vector, which is populated at application...

7.5CVSS6AI score0.00129EPSS
Exploits2References2
EUVD
EUVD
added 2026/06/26 8:16 p.m.6 views

EUVD-2026-39905

Notepad++ is a free and open-source source code editor. From 8.9.4 until 8.9.6, Notepad++ contains a local privilege escalation vulnerability in the installer. During installation, the installer invokes powershell.exe without using an absolute path after setting the working directory to the...

7.5CVSS5.8AI score0.00108EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/26 8:12 p.m.5 views

EUVD-2026-39904

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag text content inside in shortcuts.xml is read by NppXml::valueaNode Parameters.cpp:3658 in the feedUserCmds function and stored in UserCommand.cmd without any validation. When the user clicks the corresponding entry ...

7.8CVSS5.8AI score0.0036EPSS
Exploits3References2
EUVD
EUVD
added 2026/06/26 8:11 p.m.6 views

EUVD-2026-39903

Notepad++ is a free and open-source source code editor. In v8.9.6.1, isInTrustedDirectory does NOT canonicalize the path before checking. It uses a prefix-based check PathIsPrefix or equivalent that matches paths starting with trusted directory strings. A path traversal using ....\ after a truste...

7.8CVSS5.8AI score0.0036EPSS
Exploits4References2
EUVD
EUVD
added 2026/06/26 8:3 p.m.6 views

EUVD-2026-39866

RustFS is a distributed object storage system built in Rust. From 1.0.0-alpha.1 until 1.0.0-beta.9, RustFS contains an authorization bypass in the bucket replication admin API. The ListRemoteTargetHandler handler for listing remote replication targets only checks whether request credentials exist...

8.2CVSS5.8AI score0.00181EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 8:1 p.m.5 views

EUVD-2026-39865

RustFS is a distributed object storage system built in Rust. In 1.0.0-beta.4, authenticated users with only PutObject permission on their own bucket can exploit a path traversal vulnerability in the Snowball auto-extract feature to write arbitrary objects into other users' buckets, completely...

8.6CVSS5.9AI score0.00273EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 7:59 p.m.8 views

EUVD-2026-39864

RustFS is a distributed object storage system built in Rust. From 1.0.0-alpha.1 until 1.0.0-beta.9, when the FTP frontend is enabled, the FTP read and probe handlers dispatch directly to the storage backend without ever calling the IAM authorization function that the FTP write/list handlers and t...

7.7CVSS5.8AI score0.00201EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 7:57 p.m.6 views

EUVD-2026-39863

RustFS is a distributed object storage system built in Rust. In 1.0.0-beta.7 and earlier, the real-time metrics endpoint at /rustfs/admin/v3/metrics is accessible to any valid IAM user regardless of their assigned policy. Every other admin handler in the codebase calls validateadminrequest to...

4.3CVSS5.8AI score0.00162EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 7:54 p.m.6 views

EUVD-2026-39862

Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...

8.8CVSS6.7AI score0.0134EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/26 7:47 p.m.8 views

EUVD-2026-39861

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, Business Logic Error on OpenProject through PATCH request to /api/v3/users/me permits to bypass password requirements. A password validation flaw in the change password behavior allows attackers to chan...

5.9CVSS5.8AI score0.00175EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 7:41 p.m.6 views

EUVD-2026-39860

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, the web application's meetings filter feature leaks whether a given user ID corresponds to a valid account and discloses the user's full name, allowing an attacker to enumerate all existing user account...

4.3CVSS5.8AI score0.00186EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 7:41 p.m.6 views

EUVD-2026-39859

In the Linux kernel, the following vulnerability has been resolved: net: mana: Use pciname for debugfs directory naming Use pcinamepdev for the per-device debugfs directory instead of hardcoded "0" for PFs and pcislotnamepdev-slot for VFs. The previous approach had two issues: 1. pcislotname...

5.8AI score0.00158EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 7:41 p.m.6 views

EUVD-2026-39857

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Clean up DMABUFs before disabling function On device shutdown, make vfiopcicoreclosedevice call vfiopcidmabufcleanup before the function is disabled via vfiopcicoredisable. This ensures that all access via DMABUFs is...

5.8AI score0.00174EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/26 7:41 p.m.9 views

EUVD-2026-39858

In the Linux kernel, the following vulnerability has been resolved: net: dsa: remove redundant netdevlockops from conduit ethtool ops DSA replaces the conduit master device's ethtoolops with its own wrappers that aggregate stats from both the conduit and DSA switch ports. Taking the lock again...

5.8AI score0.00155EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 7:41 p.m.9 views

EUVD-2026-39856

In the Linux kernel, the following vulnerability has been resolved: iouring/napi: cap busypollto 10 msec Currently there's no cap on the maximum amount of time that napi is allowed to poll if no events are found, which can lead to kernel complaints on a task being stuck as there's no conditional...

5.8AI score0.00154EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 7:41 p.m.7 views

EUVD-2026-39855

In the Linux kernel, the following vulnerability has been resolved: nilfs2: reject zero bdoblocknr in nilfsioctlmarkblocksdirty nilfsioctlmarkblocksdirty uses bdoblocknr to detect dead blocks by comparing it with the current block number bdblocknr. If they differ, the block is considered dead and...

5.8AI score0.00173EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/26 7:41 p.m.7 views

EUVD-2026-39854

In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARNONONCE from wbtinitenabledefault wbtinitenabledefault uses WARNONONCE to check for failures from wbtalloc and wbtinit. However, both are expected failure paths: - wbtalloc can return NULL under memory pressure...

5.8AI score0.00145EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/26 7:41 p.m.7 views

EUVD-2026-39853

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: prevent NULL pointer dereference in mt7925txcheckaggr Move the NULL check for 'sta' before dereferencing it to prevent a possible crash...

5.8AI score0.00157EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/26 7:41 p.m.5 views

EUVD-2026-39852

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...

5.8AI score0.00157EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/26 7:41 p.m.7 views

EUVD-2026-39851

In the Linux kernel, the following vulnerability has been resolved: drm/amd/ras: Fix NULL deref in rascorerasinterruptdetected Fixes a NULL pointer dereference when rascore is NULL and rascore-dev is accessed in the error path. Reported by: Dan Carpenter...

5.8AI score0.00145EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/26 7:41 p.m.6 views

EUVD-2026-39850

In the Linux kernel, the following vulnerability has been resolved: drm/amd/ras: Fix NULL deref in rascoregetutcsecondtimestamp rascoregetutcsecondtimestamp retrieves the current UTC timestamp in seconds since the Unix epoch through a platform-specific RAS system callback and is used for...

5.8AI score0.00148EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/26 7:41 p.m.6 views

EUVD-2026-39849

In the Linux kernel, the following vulnerability has been resolved: padata: Put CPU offline callback in ONLINE section to allow failure syzbot reported the following warning: DEAD callback error for CPU1 WARNING: kernel/cpu.c:1463 at cpudown+0x759/0x1020 kernel/cpu.c:1463, CPU0: syz.0.1960/14614 ...

5.8AI score0.00161EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/26 7:41 p.m.7 views

EUVD-2026-39848

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths In dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace. Both functions check: if !dcdmubsrv || !dcdmubsrv-dmub and then call DCLOGERROR inside that block...

5.8AI score0.00145EPSS
Exploits0References2
Total number of security vulnerabilities417642