Lucene search
K

420584 matches found

EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-44728

RustFS Console is a web management console for the RustFS distributed file system. From 0.1.7 until 0.1.10, the RustFS Console components/object/preview-modal.tsx and components/object/pdf-viewer.tsx extension-based PDF preview path can render HTML content uploaded as .pdf, allowing stored...

9CVSS
Exploits0References3
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-44727

Pega Platform versions 8.1.0 through 25.1.2 are affected by an Reflected Cross-site scripting XSS vulnerability in a user interface component. Requires a high privileged user with a developer role...

4.8CVSS
Exploits0References1
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-44726

Pega Platform versions 8.1.0 through 25.1.2 are affected by an Stored Cross-site scripting XSS vulnerability in a user interface component. Requires a high privileged user with a developer role...

4.6CVSS
Exploits0References1
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-44722

As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities. The...

7.5CVSS
Exploits0References1
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-44721

As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities. The...

7.5CVSS
Exploits0References1
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-44720

Lightpanda is a headless browser designed for AI and automation. Prior to 0.3.1, Lightpanda searched for @ across the entire URL string instead of only the authority component when computing a page origin, so a URL such as http://attacker.com/@victim.com/ was fetched from attacker.com but treated...

9.3CVSS0.00033EPSS
Exploits0References4
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-44719

As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities. The...

7.5CVSS
Exploits0References1
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-44718

As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities. The...

7.5CVSS
Exploits0References1
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-44717

As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities. The...

8.1CVSS
Exploits0References1
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-44716

A vulnerability in Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to perform path traversal attacks on the underlying operating system to either read or delete arbitrary files. To exploit this vulnerability, the...

5.5CVSS
Exploits0References1
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-44715

As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities. The...

8.8CVSS
Exploits0References1
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-44714

Lightpanda is a headless browser designed for AI and automation. Prior to 0.2.9, Lightpanda fetch and XMLHttpRequest unconditionally attached session cookies to every HTTP request, ignoring credentials: omit, credentials: same-origin, credentials: include, and XMLHttpRequest.withCredentials,...

9.3CVSS0.00033EPSS
Exploits0References4
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-44712

Postiz is an AI social media scheduling tool. Prior to 2.21.8, Postiz fails to verify Nowpayments IPN callback authenticity against the payment provider shared secret and reads the target subscription identifier from the untrusted request body, allowing a low-privileged account to grant arbitrary...

7.7CVSS0.00022EPSS
Exploits0References4
EUVD
EUVD
added 2 hours ago5 views

EUVD-2026-44708

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.17, File Browser builds new user scopes from usernames passed through cleanUsername when Signup=true and CreateUserDir=true, but the many-to-one...

8.1CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-44707

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. From 2.63.6 to 2.63.16, File Browser's archive builder uses strings.ReplaceAllnameInArchive, "", "/", which turns a POSIX filename such as ....\evil.sh into the...

6.8CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-44706

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in HCL Notes from HCL Software allows reflected Cross-Site Scripting XSS. Successful exploitation allows an attacker to execute arbitrary JavaScript in the context of another user. This issue affects...

5.5CVSS6.3AI score
Exploits0References1
EUVD
EUVD
added 2 hours ago2 views

EUVD-2026-44705

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.17, File Browser can leave a public directory share behind when the shared directory is deleted through a path with a trailing slash because the...

3.1CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-44704

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.111.0 and 16.22.0, an authenticated user with a standard operational role can trigger server-side template injection through a configuration field, resulting in unauthorized disclosure of data outside the user's norm...

8.8CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-44703

Zen is a firefox-based browser. Prior to 1.19.13b, Zen Browser did not provide a persistent, clearly visible security notification when a webpage entered fullscreen mode, allowing an attacker-controlled page to hide the real browser UI and origin information, imitate a trusted website UI, and...

6.3CVSS6.1AI score0.00027EPSS
Exploits0References1
EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-44702

Metabase is an open-source business intelligence and embedded analytics tool. From 1.57.0 until 1.57.19.1, 1.58.14.1, 1.59.10, and 1.60.4, an attacker who can configure a Metabase database connection can read arbitrary files from the Metabase server's filesystem by adding unsafe JDBC parameters t...

7.6CVSS6.2AI score0.00037EPSS
Exploits0References1
EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-44701

Metabase is an open-source business intelligence and embedded analytics tool. From 1.54.0 until 1.54.24, 1.55.24, 1.56.25, 1.57.19, 1.58.14, 1.59.10, and 1.60.4, a Metabase user with permission to add or edit a database connection can achieve remote code execution on the Metabase server by...

10CVSS6.6AI score0.00338EPSS
Exploits0References1
EUVD
EUVD
added 2 hours ago2 views

EUVD-2026-44700

Penpot is an open-source design tool for design and code collaboration. Prior to 2.15.0, Penpot MCP's mcp/packages/server/src/ReplServer.ts bound the ReplServer to 0.0.0.0:4403 and exposed an unauthenticated /execute endpoint that passed the code field to PluginBridge.executePluginTask, allowing...

8.8CVSS0.00045EPSS
Exploits0References4
EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-44699

Penpot is an open-source design tool for design and code collaboration. Prior to 2.14.5, Penpot exposed teamsinvitations.clj invitation tokens from create-team-invitations, embedded an existing profile id in auth.clj prepare-register-profile, and had auth.clj register-profile issue a session base...

9.9CVSS6.1AI score0.00083EPSS
Exploits0References4
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44698

Penpot is an open-source design tool for design and code collaboration. Prior to 2.15.0, Penpot's remote image import passed the user-controlled url from frontend/src/app/main/data/workspace/media.cljs into the backend RPC method :create-file-media-object-from-url in...

7.7CVSS6.2AI score0.00032EPSS
Exploits1References2
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44697

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpslicemodule module. When the slice directive and unnamed regex captures are configured or when a background cache update happens, unauthenticated attackers can send requests that may cause uninitialized memory access in the NGINX...

8.8CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44696

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's /icons/domain/icon.png endpoint used src/httpclient.rs checks including shouldblockaddress and postresolve that missed decimal, hexadecimal, and octal IP representations, allowing SSRF through the...

5.8CVSS6.1AI score0.00048EPSS
Exploits0References4
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44695

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO login flow checked the IdP emailverified claim only for new-user creation and not when SSOSIGNUPSMATCHEMAIL=true linked an IdP identity to an existing local account, allowing an attacker-controlled Id...

7.7CVSS6.1AI score0.00053EPSS
Exploits0References4
EUVD
EUVD
added 3 hours ago4 views

EUVD-2026-44694

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO discovery and pre-validation flow returned organization-related SSO metadata including organizationIdentifier values for arbitrary email addresses and allowed a valid pre-validation JWT to be obtained...

6.9CVSS6.2AI score0.00046EPSS
Exploits0References4
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44693

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO authorization flow did not bind the OAuth state parameter accepted by /connect/authorize to the initiating browser session, allowed attacker-controlled PKCE parameters, and left SsoAuth records intact...

8.3CVSS6.1AI score0.00031EPSS
Exploits0References4
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44692

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.234, Tabby inserts dropped file paths from tabby-electron/src/pathDrop.ts into the active shell without neutralizing command substitution metacharacters such as $… and …, so the incomplete CVE-2026-45038 fix for...

7.8CVSS6.4AI score0.00025EPSS
Exploits0References3
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44691

Stirling-PDF is a locally hosted web application that facilitates various operations on PDF files. Prior to 2.0.0, Stirling-PDF's /get-info-on-pdf endpoint rendered PDF Title and Author metadata fields without proper HTML encoding or sanitization, allowing a crafted PDF to execute...

6.1CVSS6.2AI score0.0006EPSS
Exploits0References2
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44690

Nixpkgs is a collection of software packages that can be installed with the Nix package manager. Prior to the 25.11 and 26.05 channel fixes, the NixOS module for MySQL services.mysql initializes the MySQL database in a way that allows local users, such as unprivileged web or CGI processes on the...

8.5CVSS6.1AI score
Exploits0References7
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44689

Cloudreve is a self-hosted file management and sharing system. From 4.12.0 until 4.16.1, Cloudreve's OAuth access tokens are issued without the OAuth clientid claim, so the JWT verifier does not load token scopes into request context and RequiredScopes treats the request like non-scoped session...

7.6CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44688

Cloudreve is a self-hosted file management and sharing system. Prior to 4.16.1, a Cloudreve WebDAV account rooted at a configured folder can send paths such as /dav/%2e%2e/outside.txt because stripPrefix in pkg/webdav/webdav.go joins the decoded request suffix to the account root with...

7.1CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44687

Cloudreve is a self-hosted file management and sharing system. Prior to 4.16.1, Cloudreve's remote download workflow accepts user-supplied URLs at POST /api/v4/workflow/download and passes them to the configured downloader without blocking loopback, localhost, IPv6 localhost, or...

6.5CVSS6.2AI score
Exploits0References3
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44686

Redash is a package for data visualization and sharing. From 5.0.2 to 26.3.0, the getnextpath function in Redash's authentication module stripped the scheme and netloc from user-supplied next parameters but did not normalize multiple leading slashes, allowing a crafted login URL such as...

6.1CVSS6AI score
Exploits0References2
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44685

When NGINX Plus is configured to use the Message Queuing Telemetry Transport MQTT filter module ngxstreammqttfiltermodule, unauthenticated attackers can send requests with conditions beyond the attacker's control to cause a heap buffer over-read in the NGINX worker process, leading to a restart...

6.3CVSS6.2AI score
Exploits0References1
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44684

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass, and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM abili...

8.3CVSS6.2AI score
Exploits0References1
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44683

A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex matching and a string expression references the map's regex capture variables before referencing the map output variable. Alternatively, the same result could be achieved by using a non-cacheable variable i...

9.2CVSS6.4AI score
Exploits0References1
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44682

The NGINX Agent configdirs directive allows a low-privileged attacker to gain limited read and write access to files outside of the designated secure directory. The configdirs directive required for this issue can also be configured through NGINX Instance Manager. A successful exploit may allow a...

6.4CVSS5.8AI score
Exploits0References1
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44681

When NGINX Ingress Controller processes Ingress or TransportServer resources, an authenticated, remote attacker with permission to create or modify Ingress or TransportServer resources can cause the NGINX Ingress Controller process to terminate. Impact: The NGINX Ingress Controller control plane...

7.1CVSS6.2AI score
Exploits0References1
EUVD
EUVD
added 3 hours ago4 views

EUVD-2026-44680

When NGINX Ingress Controller is configured with Custom Resource Definitions CRDs or Ingress annotations, an injection vulnerability exists in the configuration generator of NGINX Ingress Controller. Multiple user-controllable fields are written into the generated NGINX configuration without...

8.7CVSS6.2AI score
Exploits0References1
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44679

When an HTTP/2 profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Impact: System performance can degrade until the TMM process is either forced to restart or is manually restarted. This vulnerability allows a remote,...

8.7CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44678

FastGPT is a knowledge-based AI application platform. Prior to 4.15.0-beta5, FastGPT's shared SSRF guard validates only the initial request URL before handing the request to axios, and axios follows redirects by default. An authenticated workflow user can configure an HTTP request node to call an...

6.3CVSS6.1AI score
Exploits0References2
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44677

FastGPT is a knowledge-based AI application platform. From 4.14.17 until 4.15.0-beta5, the POST /api/core/chat/record/getCollectionQuote endpoint authenticates the caller's chat and collection context, but the initialId center-node lookup is not bound to that authorized context. A low-privileged...

7.7CVSS6.1AI score
Exploits0References4
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44676

FastGPT is a knowledge-based AI application platform. In 4.15.0-beta4, FastGPT plugin invoke reverse-call endpoints under /api/invoke/ authenticate only by verifying a JWT signed with INVOKETOKENSECRET, which defaults to the constant string token and was not set in official deployment templates. ...

8.8CVSS6.1AI score
Exploits0References4
EUVD
EUVD
added 3 hours ago2 views

EUVD-2026-44675

Flameshot is powerful yet simple to use screenshot software. Prior to 14.0.0, the Open With feature wrote screenshots to a predictable temporary path and followed symlinks, creating a time-of-check to time-of-use race that allowed a local unprivileged attacker on the same machine to pre-plant a...

5.1CVSS6.1AI score
Exploits0References4
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44674

Cursor is a code editor built for programming with AI. Prior to the Cloud Agent fix on 03/31/2026, browser-enabled Cursor Cloud Agent sessions allowed attacker-controlled web content to connect from inside the agent container to an unauthenticated local agent endpoint, enabling code execution...

7.7CVSS6.4AI score
Exploits0References1
EUVD
EUVD
added 3 hours ago4 views

EUVD-2026-44673

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 12.0.0, when response caching is enabled, the cache-key derivation in api/src/utils/get-cache-key.ts includes version, path, query, and accountability.user but omits authorization context such as share, role...

8.6CVSS6.1AI score
Exploits0References4
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-44672

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 12.0.0, the SSRF protection on Directus's file-import-from-URL feature can be bypassed using the address 0.0.0.0 because api/src/request/is-denied-ip.ts treats 0.0.0.0 as a keyword for local interfaces but...

7.7CVSS6.1AI score
Exploits0References4
Total number of security vulnerabilities420584