Lucene search
K

417758 matches found

EUVD
EUVD
added 2026/06/24 9:45 p.m.5 views

EUVD-2026-39131

Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request variable was concatenated into a RLIKE SQL clause without sanitization. The endpoint does not require authentication graph viewing supports guest access via the configured guest...

9.8CVSS5.9AI score0.00363EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 9:38 p.m.10 views

EUVD-2026-39129

Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.99, the POST /api/v1/admin/send-test-email endpoint accepts attacker-controlled smtpHost and smtpPort values and establishes a raw JavaMail TCP connection without any IP validation. This completely bypasses...

5.1CVSS5.9AI score0.00218EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/24 9:38 p.m.3 views

EUVD-2026-39118

Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, the bundled Caddy reverse-proxy's admin API — which has no authentication by default — is bound on 0.0.0.0:2019 inside the container. While this listener is not directly published to the host by...

9.9CVSS5.9AI score0.00328EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/24 9:36 p.m.4 views

EUVD-2026-39111

Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, the outbound HTTP host filter applied by WebClientUtils used by the REST API and GraphQL datasource plugins validates hosts against an exact-match string denylist. The comprehensive address-class check...

5.3CVSS6AI score0.0022EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 9:35 p.m.4 views

EUVD-2026-39107

Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, Appsmith's bundled supervisord exposes an XML-RPC interface on port 9001, reachable from outside the container via a Caddy reverse-proxy route at /supervisor/ on the public ingress. Combined with the...

8.9CVSS6.1AI score0.00271EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/24 9:32 p.m.3 views

EUVD-2026-39106

The Zephyr PL011 UART driver drivers/serial/uartpl011.c contains an unbounded software loop in pl011irqtxenable that repeatedly invokes the interrupt-driven application callback while the TX interrupt mask bit PL011IMSCTXIM is set, to work around the controller's level-transition TX-interrupt...

6.5CVSS5.9AI score0.00185EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/24 9:30 p.m.6 views

EUVD-2026-39105

Chrome DevTools for agents chrome-devtools-mcp lets your coding agent control and inspect a live Chrome browser. From 0.20.0 until 1.1.0, The chrome-devtools-mcp daemon writes its PID file with fs.writeFileSync to a deterministic runtime path. On typical macOS environments, and on Linux sessions...

6.1CVSS5.9AI score0.00077EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/24 9:29 p.m.3 views

EUVD-2026-39104

Chrome DevTools for agents chrome-devtools-mcp lets your coding agent control and inspect a live Chrome browser. From 0.24.0 until 1.1.0, McpContext.validatePath enforces workspace roots by checking whether path.resolvefilePath textually falls under one of the configured root paths. path.resolve...

6.1CVSS5.8AI score0.00087EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/24 9:26 p.m.5 views

EUVD-2026-39103

Sentry is an error tracking and performance monitoring tool. From 24.4.0 until 26.5.2, a Regular Expression Denial of Service ReDoS vulnerability exists in Sentry's event ingestion pipeline, where a regex applied to attacker-controlled fields on incoming events can be made to consume...

7.5CVSS5.8AI score0.00267EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 9:24 p.m.4 views

EUVD-2026-39102

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, it does not escape the untrusted fields name, version, author, description when they are serialized into the data-obj HTML attribute of each marketplace card. Because the attribute is single-quoted and the value is...

9CVSS6AI score0.00327EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 9:21 p.m.3 views

EUVD-2026-39101

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, Lute's HTML sanitizer does not remove elements. Combined with the SiYuan Electron client's permissive security configuration, an attacker can include a malicious in a Bazaar package README that executes arbitrary...

8.7CVSS6.1AI score0.00262EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 9:20 p.m.4 views

EUVD-2026-39128

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan contains a stored cross-site scripting XSS vulnerability in the Attribute View database asset cell renderer that escalates to remote code execution RCE in the Electron desktop client. This vulnerability is fixed...

9.9CVSS6.4AI score0.0044EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 9:19 p.m.4 views

EUVD-2026-39127

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the attribute-view database cell renderer genAVValueHTML interpolates cell content raw in four of its branches: text, url, phone, and mAsset. A cell value like or " breaks out of its surrounding tag and runs arbitrary...

9.9CVSS6AI score0.00289EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 9:18 p.m.5 views

EUVD-2026-39126

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, renderPackageREADME in kernel/bazaar/readme.go renders a Bazaar package README from Markdown to HTML with the lute engine and SetSanitizetrue. The lute sanitizer is an event-handler blocklist: allowAttr rejects only...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 9:17 p.m.6 views

EUVD-2026-39125

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan Note's kernel HTTP server unconditionally trusts all chrome-extension:// origins, granting RoleAdministrator access to every installed browser extension without any authentication. Combined with the default empt...

9.2CVSS5.9AI score0.00607EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 9:15 p.m.5 views

EUVD-2026-39124

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the /api/icon/getDynamicIcon endpoint is explicitly excluded from authentication in SiYuan's kernel router router.go, "不需要鉴权" -- no auth needed. When called with type=8 and a valid block id parameter, this endpoint...

5.9CVSS6AI score0.00239EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 9:14 p.m.5 views

EUVD-2026-39123

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, CSS snippet body containing breaks out of its surrounding tag when renderSnippet interpolates it via insertAdjacentHTML. A payload like runs arbitrary JavaScript in the renderer. On Electron desktop builds the renderer...

9.9CVSS6AI score0.00307EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 9:13 p.m.3 views

EUVD-2026-39122

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the patch for CVE-2026-41894 "Path Traversal via Double URL Encoding" sanitized the /export/ route but the identical root cause remains in the /assets/path route. In publish mode anonymous read-only HTTP endpoint,...

7.5CVSS6AI score0.01892EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 9:8 p.m.5 views

EUVD-2026-39121

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, the POST /api/v1/fingerprint REST endpoint enforces authentication authRequired: true but performs no authorization check. Any authenticated user —...

8.1CVSS5.9AI score0.00323EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 9:7 p.m.3 views

EUVD-2026-39120

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, Rocket.Chat's Apple Sign-In handler verifies JWT signatures but skips claims validation. Any Apple-signed JWT with a non-empty iss is accepted...

7.4CVSS5.9AI score0.00243EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 9:6 p.m.6 views

EUVD-2026-39119

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, in apps/meteor/app/apple/server/loginHandler.ts, handleIdentityToken parses a JWT issued by Apple during the OAuth flow. The try block checks for an...

9.3CVSS6AI score0.00295EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 9:5 p.m.4 views

EUVD-2026-39099

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12, in the visitors.info endpoint, https://developer.rocket.chat/apidocs/get-visitor-information-by-id-1, token is returned in the response. It...

6.7CVSS5.8AI score0.00243EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 9:4 p.m.4 views

EUVD-2026-39098

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12, Rocket.Chat does not revoke OAuth bearer or refresh tokens when a user is deactivated. A deactivated user can continue using an existing OAuth...

2.3CVSS5.9AI score0.00215EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 9:1 p.m.4 views

EUVD-2026-39097

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12, Rocket.Chat allows users deactivated through users.deactivateIdle to keep using already-issued login tokens. A user that an administrator has...

2.3CVSS5.8AI score0.00215EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 9:1 p.m.5 views

EUVD-2026-39096

FOSSBilling is a free, open-source billing and client management system. Versions 0.7.2 and prior expose a guest API endpoint, /api/guest/staff/create, intended for initial administrator bootstrap. Due to a flawed admin-existence check, the endpoint remains usable after an administrator already...

9.3CVSS5.8AI score0.00289EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 8:58 p.m.5 views

EUVD-2026-39095

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's SAML service provider implementation silently skips both SAML Response and Assertion signature validation when the configured Id...

9.3CVSS5.9AI score0.00149EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 8:57 p.m.5 views

EUVD-2026-39094

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, an unauthenticated network attacker obtains a valid Rocket.Chat OAuth access token for an arbitrary user by sending a single HTTP POST with...

9.1CVSS6.1AI score0.00308EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 8:56 p.m.5 views

EUVD-2026-39093

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's CAS login handler forwards the client-supplied options.cas.credentialToken value straight into a MongoDB findOneid: ... query...

9.1CVSS5.9AI score0.00289EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 8:55 p.m.5 views

EUVD-2026-39092

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's sendFileMessage DDP method passes the entire attacker-supplied file object into Uploads.updateFileComplete, which merges it...

8.5CVSS5.9AI score0.00205EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 8:54 p.m.6 views

EUVD-2026-39091

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's SAML integration does not verify the signature on inbound LogoutRequest messages. An unauthenticated remote attacker who knows a...

8.7CVSS6AI score0.00451EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 8:52 p.m.5 views

EUVD-2026-39090

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions prior to 0.6.52, the Fill Text Template block is vulnerable to a Denial of Service DoS attack. While the backend implements a SandboxedEnvironment to prevent...

7.7CVSS5.8AI score0.0031EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 8:51 p.m.6 views

EUVD-2026-39089

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, the ImageElement component in packages/gazzodown renders user-controlled src values directly into and attributes without protocol sanitization. Unlike the analogous LinkSpan component — which uses...

4.4CVSS6.1AI score0.00118EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 8:45 p.m.4 views

EUVD-2026-39088

motionEye mEye is an online interface for motion software, a video surveillance program with motion detection. Versions prior to 0.44.0 create the configuration file /etc/motioneye/motion.conf with 644 permissions -rw-r--r--, making it readable by any local user on the system. This file contains...

7.2CVSS5.8AI score0.18993EPSS
Exploits16References2
EUVD
EUVD
added 2026/06/24 8:39 p.m.5 views

EUVD-2026-39086

A flaw was found in KubeVirt's safepath package. The OpenAtNoFollow function uses OPATH|ONOFOLLOW to obtain a file descriptor to a path leaf, but downstream helpers operate via /proc/self/fd/N using link-following syscalls. When the leaf is a symlink, the kernel dereferences it, defeating the...

5.2CVSS5.8AI score0.00124EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 8:39 p.m.4 views

EUVD-2026-39087

A flaw was found in KubeVirt's virt-handler domain notify server. The gRPC handlers for HandleDomainEvent and HandleK8SEvent derive the VMI identity namespace/name solely from the request body without validating it against the connection's origin. Each virt-launcher pod connects through a per-VMI...

6.5CVSS5.8AI score0.00094EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 8:35 p.m.4 views

EUVD-2026-39085

Gogs is an open source self-hosted Git service. Prior to 0.14.0, as an authorized user, an intruder can dictate the value which is passed to the git diff command which, together with bypassing the filtering of the passed value, allows the user to bypass the target directory and write the result o...

8.5CVSS6AI score0.0035EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 8:33 p.m.5 views

EUVD-2026-39084

Gogs is an open source self-hosted Git service. Prior to 0.14.3, organization names containing path traversal sequences ../ are accepted by Gogs, and repositories under them are written to paths following these path traversals. This allows storing/retrieving data for repositories at arbitrary...

10CVSS6.1AI score0.01107EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 8:32 p.m.3 views

EUVD-2026-39083

Gogs is an open source self-hosted Git service. Prior to 0.14.3, Git LFS storage is content-addressed by OID alone /// but per-repo authorization lives in the lfsobject table keyed repoid, oid. serveUpload skips re-uploading when the OID file already exists on disk and inserts a new repoid, oid r...

7.1CVSS5.9AI score0.00236EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 8:31 p.m.4 views

EUVD-2026-39082

Gogs is an open source self-hosted Git service. Prior to 0.14.3, Repository.UploadRepoFiles checks for symlinks only on the leaf of the upload target osx.IsSymlinktargetPath. The siblings UpdateRepoFile, DeleteRepoFile, and GetDiffPreview use hasSymlinkInPath, which lstats every component —...

9CVSS5.9AI score0.00474EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 8:30 p.m.5 views

EUVD-2026-39081

Gogs is an open source self-hosted Git service. Prior to 0.14.3, Git smart HTTP authorizes POST …/git-receive-pack using the client-supplied service query string so ?service=git-upload-pack is evaluated as read access while routing still runs git receive-pack, allowing push where only read should...

7.1CVSS5.9AI score0.00427EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 8:29 p.m.8 views

EUVD-2026-39080

A flaw in AngularJS' Strict Contextual Escaping SCE logic allows bypassing certain SCE policies for resource URLs and can lead to arbitrary JavaScript execution within the context of the victim's browser session. SCE's purpose is to ensure that only trusted or safe values are used in certain...

7.6CVSS6.1AI score0.00338EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 8:29 p.m.5 views

EUVD-2026-39079

Gogs is an open source self-hosted Git service. Prior to 0.14.3, password-reset tokens are generated using conf.Auth.ActivateCodeLives the account-activation lifetime, not conf.Auth.ResetPasswordCodeLives. The token lifetime is baked into the token itself at generation time and is re-extracted fr...

6.8CVSS5.9AI score0.00202EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 8:28 p.m.5 views

EUVD-2026-39078

motionEye mEye is an online interface for motion software, which is a video surveillance program with motion detection. Versions prior to 0.44.0 are vulnerable to path traversal in the picture and movie API endpoints, suhc as /picture/id/preview/filename. Neither the API handlers, nor the...

6.5CVSS5.9AI score0.00418EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 8:27 p.m.5 views

EUVD-2026-39077

Gogs is an open source self-hosted Git service. Prior to 0.14.3, three API endpoints — PATCH /api/v1/repos/:owner/:repo/issue-tracker, PATCH /api/v1/repos/:owner/:repo/wiki, and POST /api/v1/repos/:owner/:repo/mirror-sync — are gated by reqRepoWriter rather than reqRepoAdmin. The equivalent...

7.1CVSS5.9AI score0.00478EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 8:26 p.m.6 views

EUVD-2026-39076

Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Jupyter Notebook ipynb sanitizer endpoint at POST /-/api/sanitizeipynb allows arbitrary data: URIs without proper restrictions, potentially leading to Cross-Site Scripting XSS. The endpoint uses bluemonday.UGCPolicy with...

6.4CVSS6AI score0.00677EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 8:25 p.m.5 views

EUVD-2026-39075

Gogs is an open source self-hosted Git service. Prior to 0.14.3, in newform.tmpl, milestone names are rendered with Go's default auto-escaping .Name, which converts to etc. This prevents direct HTML injection. However, when the browser renders the DOM, the text content of the element contains the...

4.8CVSS5.9AI score0.00483EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 8:22 p.m.6 views

EUVD-2026-39074

Gogs is an open source self-hosted Git service. Prior to 0.14.3, a Server-Side Request Forgery SSRF vulnerability exists in the repository migration functionality. The application validates only the initially submitted URL hostname, but git clone --mirror follows HTTP redirects. An authenticated...

8.7CVSS5.9AI score0.00384EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 8:21 p.m.4 views

EUVD-2026-39073

Gogs is an open source self-hosted Git service. Prior to 0.14.3, Gogs allows authenticated users to achieve Remote Code Execution RCE on the server by creating a pull request with a specially crafted branch name that injects the --exec flag into the git rebase command during the "Rebase before...

9.9CVSS6AI score0.01029EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 8:20 p.m.4 views

EUVD-2026-39072

Gogs is an open source self-hosted Git service. Prior to 0.14.3, a repository admin collaborator can escalate their privileges to owner-level access by exploiting an off-by-one error in the ChangeCollaborationAccessMode function. This vulnerability is fixed in 0.14.3...

7CVSS5.9AI score0.00499EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 8:19 p.m.5 views

EUVD-2026-39071

Gogs is an open source self-hosted Git service. Prior to 0.14.3, GET /attachments/:uuid returns the raw attachment file without verifying whether the requester has view permission for the associated Issue/Comment/Release or the repository. In a test environment with REQUIRESIGNINVIEW = false, we...

7.5CVSS5.9AI score0.00422EPSS
Exploits0References2
Total number of security vulnerabilities417758