Lucene search
K

418059 matches found

EUVD
EUVD
•added 2026/06/23 3:36 p.m.•8 views

EUVD-2026-38467

OpenHarness ohmo gateway /resume and /summary slash commands default remoteinvocable to True, allowing admitted remote senders to enumerate and load arbitrary session snapshots by ID. Attackers can exploit this to access victim snapshots containing private prompts, credentials, tool output, and...

7.1CVSS6.1AI score0.00231EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/23 3:35 p.m.•8 views

EUVD-2026-38466

NanoClaw before 2.1.0 contains a privilege escalation vulnerability in the channel-registration approval flow where handleChannelApprovalResponse fails to validate admin privileges over target agent groups. Scoped admins can submit forged or stale connect callback values to wire messaging channel...

5.4CVSS5.9AI score0.00171EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/23 3:35 p.m.•7 views

EUVD-2026-38465

NanoClaw before 2.1.17 contains a privilege escalation vulnerability in the createagent delivery-action handler that performs privileged central-database writes without host-side authorization checks. Confined agent containers can invoke createagent to create arbitrary agent groups, container...

6.8CVSS6AI score0.00113EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/23 3:34 p.m.•7 views

EUVD-2026-38464

NanoClaw before 2.1.17 contains a symlink following vulnerability in forwardAttachedFiles that allows container-controlled agents to exfiltrate host-readable files. The host validates attachment filenames using only isSafeAttachmentName before copying with fs.copyFileSync, which follows symlinks...

6.8CVSS5.9AI score0.00131EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/23 3:34 p.m.•9 views

EUVD-2026-38463

NanoClaw before 2.1.17 contains a privilege escalation vulnerability in the handleApprovalsResponse function that fails to verify responder role authorization. Attackers with a valid questionId can approve or reject privileged actions like package installation by submitting approval response...

7.1CVSS5.9AI score0.00213EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/23 3:33 p.m.•5 views

EUVD-2026-38462

n8n is an open source workflow automation platform. Prior to 2.24.0, the Compression node's Decompress operation expanded attacker-controlled archives into memory without enforcing limits on decompressed output size. An unauthenticated attacker could send a small compressed archive to a public...

6.3CVSS5.9AI score0.00375EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/23 3:33 p.m.•5 views

EUVD-2026-38461

n8n is an open source workflow automation platform. Prior to 2.24.0, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via the Microsoft SQL node by supplying a crafted value as the table parameter. This pollutes Object.prototype...

7.2CVSS5.9AI score0.00294EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/23 3:32 p.m.•5 views

EUVD-2026-38460

n8n is an open source workflow automation platform. Prior to 2.24.0, an endpoint in the Meta and Microsoft Teams trigger nodes reflects a query parameter into the HTTP response without sanitization or Content-Security-Policy headers, enabling reflected XSS in the n8n origin when a logged-in user...

6.8CVSS5.9AI score0.00177EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/23 3:31 p.m.•6 views

EUVD-2026-38459

n8n is an open source workflow automation platform. Prior to 2.24.0, an authenticated user with workflow edit access could supply a malicious filter value in the MongoDB node's Find And Replace operation. The value was not validated before being passed to MongoDB as a query filter, allowing...

6.5CVSS5.8AI score0.0026EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/23 3:17 p.m.•8 views

EUVD-2025-210310

HCL Connections contains a broken access control vulnerability that may allow an unauthorized user to view data in a single specific scenario...

3.5CVSS5.8AI score0.00098EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/23 3:7 p.m.•7 views

EUVD-2026-38458

guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Prior to 2.12.1, guzzlehttp/psr7 did not reject CR/LF characters in certain first-party HTTP start-line fields: the request method, protocol version, and response reason phrase. If an application placed attacker-controlled dat...

4.8CVSS5.8AI score0.00158EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/23 3:5 p.m.•5 views

EUVD-2026-38457

Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, CookieJar incorrectly accepts cookies with a dot-only Domain attribute and whitespace-padded variants. SetCookie::matchesDomain removes leading dots from the cookie domain, normalizing dot-only values to the empty string; SetCookie::valida...

5.8CVSS5.9AI score0.00111EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/23 2:54 p.m.•8 views

EUVD-2026-38456

Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, in certain configurations, traffic expected to be protected by TLS on the hop to the proxy is transmitted in cleartext. Proxy authentication credentials the Proxy-Authorization header, proxy userinfo in the proxy URL, or CURLOPTPROXYUSERPW...

5.9CVSS5.9AI score0.00106EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/23 2:48 p.m.•14 views

EUVD-2025-210309

Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs...

7.1CVSS5.8AI score0.00215EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 2:25 p.m.•7 views

EUVD-2026-38451

FOSSBilling is a free, open-source billing and client management system. Starting in version 0.5.4 and prior to version 0.8.0, an authorization bypass in the API role handling allows unauthenticated access to privileged /api/system/ endpoints. Because system resolves to the cron admin identity,...

10CVSS5.9AI score0.00408EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/23 2:20 p.m.•10 views

EUVD-2026-38455

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template Injection SSTI vulnerability in the template rendering system. Administrators with access to features that render Twig templates email templates, mass mail campaigns, custo...

9.4CVSS6.4AI score0.01892EPSS
Exploits1References3
EUVD
EUVD
•added 2026/06/23 1:57 p.m.•7 views

EUVD-2026-38454

pwnlift before d7a9544, in a privileged deployment, contains a symlink following vulnerability in the upload handler in Components/Pages/Home.razor...

7.4CVSS5.9AI score0.00142EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 1:48 p.m.•7 views

EUVD-2026-38453

NetComm NF20MESH routers running firmware R6B031 and earlier contain an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by exploiting a hardcoded AES-256 key used to encrypt session cookies for the web management interface. Attackers can for...

9.2CVSS5.9AI score0.00431EPSS
Exploits0References4
EUVD
EUVD
•added 2026/06/23 1:46 p.m.•6 views

EUVD-2026-38452

NetComm NF20MESH routers running firmware R6B031 and earlier contain an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands as root by injecting shell metacharacters into the username JSON parameter processed by the...

8.8CVSS6.8AI score0.00664EPSS
Exploits0References4
EUVD
EUVD
•added 2026/06/23 1:31 p.m.•11 views

EUVD-2026-38450

DRIMO CMS is vulnerable to Reflected XSS via q parameter in searching functionality. An attacker can prepare an URL that, when opened, results in arbitrary JavaScript execution in the victim's browser. Product is in End Of Life phase and will not receive any updates. However, deleting info.php fi...

5.1CVSS6.1AI score0.00378EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 1:28 p.m.•10 views

EUVD-2026-38449

An out-of-bounds read vulnerability exists in dnsmasq's findsoa function in src/rfc1035.c. When parsing NS section records, extractname is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can...

5.3CVSS6AI score0.0025EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 1:26 p.m.•8 views

EUVD-2026-38448

A missing authorization flaw was found in the OpenShift Cluster Logging Operator. The operator creates and forwards ServiceAccount tokens to output destinations without verifying that the ClusterLogForwarder creator has permission to use those credentials, allowing a delegated editor to exfiltrat...

6.8CVSS5.8AI score0.00236EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:32 p.m.•9 views

EUVD-2026-38447

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pmauthormessage' parameter in the pmsendmessagetoauthor function in all versions up to, and including, 5.9.9.2 due to insufficient input sanitization and output...

6.4CVSS6AI score0.00201EPSS
Exploits0References6
EUVD
EUVD
•added 2026/06/23 12:31 p.m.•7 views

EUVD-2026-38446

Inefficient algorithmic complexity in Plug's nested-parameter decoder allows an unauthenticated remote attacker to cause denial of service. Plug.Conn.Query.decode/4 and Plug.Conn.Query.decodeeach/2 parse query strings and application/x-www-form-urlencoded request bodies. When a key contains many...

8.7CVSS5.9AI score0.00707EPSS
Exploits0References8
EUVD
EUVD
•added 2026/06/23 12:15 p.m.•8 views

EUVD-2026-38445

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in AKIN Software Computer Import Export Industry and Trade Ltd. E-Commerce allows Reflected XSS. This issue affects e-Commerce: before 1.25.01.06...

6.1CVSS5.8AI score0.00149EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/23 12:13 p.m.•9 views

EUVD-2026-38444

OpenRemote Manager before 1.24.2 contains an insecure direct object reference vulnerability in the removeAlarms method that allows authenticated users to delete alarms from other tenants by supplying arbitrary alarm IDs. The bulk deletion endpoint fails to validate that targeted alarm IDs belong ...

8.6CVSS6AI score0.00258EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:13 p.m.•9 views

EUVD-2026-38443

Hono before 4.12.12 does not validate cookie names on the write path in the setCookie, serialize, and serializeSigned functions, allowing invalid characters such as control characters e.g. \r or \n when an application passes a user-controlled cookie name. This can produce malformed Set-Cookie...

6.9CVSS5.9AI score0.00247EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:13 p.m.•7 views

EUVD-2026-38442

Grav before 2.0.0-beta.2 contains an XML external entity injection vulnerability in SVG file upload processing that allows authenticated attackers to read arbitrary files. The application uses simplexmlloadstring without disabling external entity loading, enabling attackers to inject XXE payloads...

7.1CVSS6AI score0.00233EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:13 p.m.•8 views

EUVD-2026-38441

ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that allows attackers to inject arbitrary MVG drawing commands. Attackers can craft malicious SVG files with injected Magick Vector Graphics commands that execute during rendering...

6.1AI score0.00895EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:13 p.m.•7 views

EUVD-2026-38440

ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written to a stale pointer. Remote attackers can trigger it by processing specially crafted image files, causing a denial of service...

6.3CVSS5.9AI score0.00184EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:13 p.m.•8 views

EUVD-2026-38439

ImageMagick before 7.1.2-15 and 6.9.13-40 contains a memory leak in coders/txt.c when processing TXT files with texture attributes: the texture object allocated via ReadImage is not released when GetTypeMetrics fails, leaking memory each time a crafted TXT file with a texture attribute is process...

5.8AI score0.00257EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:13 p.m.•9 views

EUVD-2026-38438

Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /updates endpoint that resolves the defaultChannel parameter before enforcing privacy restrictions, allowing attackers to enumerate private channels and leak version/config state. Unauthenticated attacke...

8.7CVSS5.9AI score0.00334EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:13 p.m.•7 views

EUVD-2026-38437

picklescan before 1.0.4 fails to block at least seven Python standard library modules including uuid, osxsupport, aixsupport, pyrepl.pager, and imaplib exposing eight functions that provide direct arbitrary command execution. Attackers can craft malicious pickle files importing these unblocked...

9.8CVSS6.7AI score0.00757EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:13 p.m.•9 views

EUVD-2026-38436

Nuxt 4.0.0 before 4.4.7 and 3.18.0 before 3.21.7, when running the development server nuxt dev on Linux, binds the vite-node IPC server to an abstract-namespace Unix socket without permission restrictions, allowing local users to enumerate and connect. Unprivileged co-resident users can exploit t...

6.8CVSS6AI score0.00103EPSS
Exploits0References4
EUVD
EUVD
•added 2026/06/23 12:13 p.m.•9 views

EUVD-2026-38435

Flowise before 3.1.0 contains a server-side request forgery vulnerability in the Execute Flow node that allows attackers to bypass security validation by providing intranet addresses through the base URL field. Attackers can initiate HTTP requests to internal network addresses, access cloud...

6CVSS5.9AI score0.00183EPSS
Exploits1References2
EUVD
EUVD
•added 2026/06/23 12:13 p.m.•7 views

EUVD-2026-38433

Crawl4AI before 0.8.7 contains a stored cross-site scripting vulnerability in the monitor dashboard that renders crawl URLs and error messages via innerHTML without escaping. An attacker can submit a crafted crawl request with malicious markup that executes in an operator's browser when viewing t...

6.1CVSS5.7AI score0.00195EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/23 12:13 p.m.•20 views

EUVD-2026-38434

Flowise before 3.1.2 contains multiple OS command injection vulnerabilities in the Custom MCP Server feature due to incomplete command-flag validation and a regex bypass in local file access restrictions. An attacker with a Flowise account of any role, or API access with view/update permissions f...

9.9CVSS6.2AI score0.02683EPSS
Exploits1References2
EUVD
EUVD
•added 2026/06/23 12:12 p.m.•7 views

EUVD-2026-38432

Crawl4AI before 0.8.8 contains an arbitrary file write vulnerability in the screenshot and PDF endpoints that allows unauthenticated attackers to write files outside the intended directory via symlink and time-of-check-time-of-use TOCTOU attacks on the outputpath parameter. Remote attackers can...

9.2CVSS6.5AI score0.00656EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:12 p.m.•7 views

EUVD-2026-38431

Cap-go capgo capgo-backend before 12.128.12 contains an unauthenticated denial-of-service vulnerability arising from the auditlogs table's Row-Level Security RLS policy when accessed via the Supabase PostgREST API. Because the PostgreSQL query planner executes costly logic before RLS rejection,...

8.7CVSS5.9AI score0.00359EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:12 p.m.•6 views

EUVD-2026-38429

Capgo before 12.128.2 contains a credential validation vulnerability in the POST /functions/v1/private/validatepasswordcompliance endpoint that is callable using only the public Supabase key without authentication. The endpoint is CORS-permissive with wildcard origin allowance and lacks rate...

6.9CVSS5.9AI score0.00247EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:12 p.m.•7 views

EUVD-2026-38430

Capgo before 12.128.2 contains a security control bypass vulnerability where the PostgREST/RLS plane accepts plaintext API keys through the capgkey header despite enforcehashedapikeys being enabled. Attackers can bypass org-level hashed-key enforcement by sending plaintext API keys directly to th...

8.6CVSS5.9AI score0.00273EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:12 p.m.•7 views

EUVD-2026-38428

Capgo before 12.128.2 contains an authorization bypass vulnerability in its public API key management handlers get/put/delete/post. API keys created with mode=all but restricted to a single app via limitedtoapps are only checked for limitedtoorgs and not for limitedtoapps, so an app-scoped key ca...

8.7CVSS5.9AI score0.00292EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:12 p.m.•9 views

EUVD-2026-38427

Capgo before 12.128.2 contains an authorization bypass vulnerability in POST /private/rolebindings that fails to verify appid ownership during app-scoped role binding creation. An attacker with administrative privileges in one organization can create role bindings targeting applications owned by...

8.6CVSS6AI score0.00356EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:12 p.m.•8 views

EUVD-2025-210308

picklescan before 0.0.29 fails to detect malicious pickle files using idlelib.autocomplete.AutoComplete.fetchcompletions in reduce methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when loaded by victims...

8.1CVSS6.1AI score0.003EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:12 p.m.•5 views

EUVD-2025-210307

picklescan before 0.0.28 fails to detect malicious torch.jit.unsupportedtensorops.execWrapper function calls embedded in pickle files. Attackers can craft malicious pickle files that bypass picklescan detection and execute arbitrary code when loaded via pickle.load...

8.1CVSS6.2AI score0.00379EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:12 p.m.•6 views

EUVD-2025-210305

picklescan before 0.0.29 fails to detect the profile.Profile.runctx function when analyzing pickle files, allowing attackers to embed undetected malicious code. Remote attackers can craft malicious pickle files using profile.Profile.runctx in the reduce method to achieve remote code execution whe...

8.1CVSS6.5AI score0.00466EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:12 p.m.•7 views

EUVD-2025-210306

picklescan before 0.0.33 fails to detect malicious pickle files that invoke numpy.f2py.crackfortran.myeval function through the reduce method. Attackers can craft malicious pickle files embedding arbitrary code that evades picklescan detection and executes remote code when loaded...

8.1CVSS6.3AI score0.003EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:12 p.m.•8 views

EUVD-2025-210304

Flowise before 3.0.10 affected versions 3.0.7 and earlier contains an unverified email change vulnerability. An authenticated user can change the account email address, used as a login identifier and password-recovery channel, via the account profile endpoint without confirming the change to the...

8.7CVSS5.8AI score0.00296EPSS
Exploits1References2
EUVD
EUVD
•added 2026/06/23 12:12 p.m.•5 views

EUVD-2023-60596

Traefik before 2.10.5 and 3.0.0-beta4 is affected by a denial-of-service vulnerability in HTTP/2 request handling inherited from the Go standard library's HTTP/2 implementation CVE-2023-44487 / CVE-2023-39325, the 'Rapid Reset' technique. A remote attacker can rapidly create and cancel HTTP/2...

8.7CVSS5.9AI score0.00562EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/23 12:8 p.m.•8 views

EUVD-2026-38426

Missing authentication for critical function vulnerability in AKIN Software Computer Import Export Industry and Trade Ltd. CafePlus allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects CafePlus: from 12.05.03 before 12.05.04...

8.8CVSS5.9AI score0.00228EPSS
Exploits0References1
Total number of security vulnerabilities418059