Lucene search
K
GithubRecent

33187 matches found

Github Security Blog
Github Security Blog
added 2026/06/22 8:39 p.m.5 views

OpenAM SAML2 Cluster Cookie-Hash-Redirect Path has Pre-authentication Reflected XSS via `FSUtils.postToTarget`

Summary Certain federation endpoints do not consistently apply output encoding when rendering user-supplied parameters into HTML responses. Under a non-default configuration used in some clustered deployments, this inconsistency can result in reflected XSS in the OpenAM origin without...

5.8AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 8:35 p.m.9 views

Inspektor Gadget: Unprivileged container can crash USDT note parser via crafted ELF (no shipped gadget affected)

Summary A malicious container can crash or destabilize the privileged Inspektor Gadget process when a gadget using USDT probes is deployed. The vulnerability is in the USDT note parser pkg/uprobetracer/usdt.go which is invoked when a gadget with a SEC"usdt/..." section attaches to a target binary...

6.3AI score
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 8:30 p.m.11 views

Paymenter has broken object level authorization via service reference manipulation on ticket creation

Summary The ticket creation endpoint accepts a user-supplied service identifier without enforcing ownership validation, allowing authenticated users to create support tickets referencing services belonging to other accounts by modifying the service ID in the request. Technical Details The ticket...

5.9AI score0.00042EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 8:29 p.m.9 views

Paymenter doesn't reset email verification status after email change

Summary The email update functionality fails to invalidate the existing verification state when a user changes their email address, allowing a verified account to retain its verified status after switching to an unverified or unowned email address. Technical Details When a user updated their emai...

6AI score0.00034EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 8:28 p.m.9 views

Paymenter has Blind Unauthenticated SSRF on the Paypal gateway module

Summary The PayPal webhook endpoint /extensions/paypal/webhook processes the PAYPAL-CERT-URL HTTP header without validation, allowing attackers to control server-side HTTP request destinations. Technical details: The /extensions/paypal/webhook endpoint processes incoming webhook requests and trus...

6.1AI score0.00021EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 8:15 p.m.7 views

Build breakout using malicious Containerfile and Git Smart HTTP server or GitHub release tar archive

Impact When processing a build contexts or add/copy instructions, a malicious server serving a Git repository or a tar archive file can cause files outside of the build context directory to be included in the build context or copied into the build. Patches Fixed in Buildah 1.44 and 1.43.2...

5.8AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 8:11 p.m.6 views

OpenAM has pre-auth Reflected XSS in OAuth2 / OIDC response_mode=form_post via state parameter (FormPostResponse.ftl)

Summary The OAuth 2.0 / OpenID Connect authorization endpoint does not sufficiently sanitize certain user-supplied parameters before incorporating them into the HTML response generated for the formpost response mode. This may allow an attacker to inject content into the rendered page in the conte...

5.8AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 8:10 p.m.6 views

OpenAM Authenticated Server-Side Request Forgery (SSRF) via `/sessionservice`

OpenAM Open Identity Platform is an open-source Identity and Access Management IAM platform derived from ForgeRock OpenAM, providing SSO, OAuth2, SAML, and OpenID Connect capabilities. It is widely deployed in enterprise environments as a central authentication gateway. The /sessionservice...

6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 8:9 p.m.13 views

xwiki-pro-macros has remote code execution from page title and content via excerpt-include macro

Summary The excerpt-include macro does not properly escape the title of the included page and executes the content of the excerpt with the macro's rights. Therefore, it is vulnerable to XWiki syntax injection via the included page's title and content, allowing remote code execution for any user w...

6.5AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 8:1 p.m.6 views

runc: Malicious image with /dev symlink can trigger limited host filesystem integrity violations

Impact When setting up the container rootfs, setupPtmx and setupDevSymlinks call os.Remove and os.Symlink with a filepath.Join string which allow an image with /dev as a symlink to trick runc into deleting files called ptmx on the host or creating a hardcoded set of symlinks with specific names a...

3.3CVSS5.7AI score0.00222EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 7:59 p.m.10 views

OpenAM has LDAP Injection via `_queryId` Parameter

OpenAM Open Identity Platform is an open-source IAM platform providing SSO, OAuth2, SAML, and OpenID Connect capabilities. The CREST REST API layer exposes user query endpoints under /json/realm/users. In IdentityResourceV1.queryCollection, the HTTP query parameter queryId is passed to a CrestQue...

7.5CVSS7.3AI score0.76385EPSS
Exploits5References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 7:58 p.m.14 views

AVideo has an Authorize.Net Webhook Signature Bypass that Enables Wallet Balance Inflation via Forged Payment Data

Summary The Authorize.Net webhook handler at plugin/AuthorizeNet/webhook.php contains a signature verification bypass that allows an attacker to forge webhook requests with arbitrary payment amounts and target user IDs. By supplying a valid transaction ID from a small legitimate purchase, the...

6.2AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 7:58 p.m.7 views

ComfyUI-Manager has an Unprotected Alternate Channel (CWE-420)

Impact An Unprotected Alternate Channel CWE-420 vulnerability was discovered in ComfyUI-Manager versions prior to 3.38. Vulnerability Details In affected versions, ComfyUI-Manager stored its configuration in the user/default/ComfyUI-Manager/ directory, which was accessible via ComfyUI's web APIs...

7.5CVSS7.5AI score0.01361EPSS
Exploits3References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 7:54 p.m.7 views

AVideo Vulnerable to Unauthenticated .env File Exposure via Official Docker Compose Configuration

Vulnerability Details CWE: CWE-538 - Insertion of Sensitive Information into Externally-Accessible File or Directory The official docker-compose.yml line 61 mounts the entire project root directory as the Apache document root: yaml volumes: - "./:/var/www/html/AVideo" This causes the .env file —...

5.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 5:25 p.m.10 views

AVideo's Privilege Escalation via Unguarded Permission Parameters in signUp API Allows Self-Granting Upload/Stream/Meet Permissions

Summary The setapisignUp method in the API plugin accepts emailVerified, canUpload, canStream, and canCreateMeet parameters from user-supplied input and applies them to newly created accounts without verifying that the request was authenticated with a valid APISecret. Any anonymous user who can...

6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 5:19 p.m.5 views

Mise Vulnerable to Arbitrary Code Execution via Tera Templates in .tool-versions Files (Trust Bypass)

Summary Mise processes .tool-versions files through the Tera template engine during parsing, with the exec function registered, enabling arbitrary command execution. Unlike .mise.toml files, .tool-versions files are not subject to trust verification in non-paranoid mode. This means an attacker ca...

9.6CVSS6.4AI score0.00685EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 5:11 p.m.8 views

motionEye's World-Readable Configuration File Exposes Admin Password Hash

Security Advisory: World-Readable Configuration File Exposes Admin Password Hash in motionEye Summary motionEye v0.43.1 and prior versions create the configuration file /etc/motioneye/motion.conf with 644 permissions -rw-r--r--, making it readable by any local user on the system. This file contai...

7.2CVSS5.8AI score0.18993EPSS
Exploits16References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 5:10 p.m.7 views

motionEye has an Arbitrary File Read via Path Traversal in Picture/Movie Preview Endpoint

Summary motionEye v0.43.1 latest stable is vulnerable to path traversal in the picture and movie API endpoints, like /picture/id/preview/filename. Neither the API handlers, nor the mediafiles.py functions like getmediapreview check for .. sequences in the filename parameter, except getmediaconten...

6.5CVSS5.9AI score0.00418EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 5:9 p.m.8 views

Gogs has an Authentication Bypass via Unvalidated Reverse Proxy Headers

Summary When ENABLEREVERSEPROXYAUTHENTICATION is enabled, Gogs accepts the configured authentication header default: X-WEBAUTH-USER directly from client requests without validating that the request originated from a trusted reverse proxy. Any remote attacker who can reach the Gogs service can for...

8.7CVSS6AI score0.00864EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 5:1 p.m.7 views

OpenCTI has Semi-Blind SSRF via Unvalidated External URL in Data Ingestion Feature

Summary The OpenCTI platform’s data ingestion feature accepts user-supplied URLs without validation and uses the Axios HTTP client with its default configuration allowAbsoluteUrls: true. This allows attackers to craft requests to arbitrary endpoints, including internal services, because Axios wil...

7.7CVSS6.7AI score0.00212EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 4:58 p.m.16 views

Gogs has a Denial of Service in repository/wiki file listing web pages

Summary A malicious user with rights to create a new file on a repository or wiki page can trigger a denial of service condition in which the pages containing the listing of files will return HTTP error 500 and render the web interface unusable for the repository or wiki. Details The issue is...

4.9CVSS5.9AI score0.0044EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 4:53 p.m.15 views

Paymenter vulnerable to Remote Code Execution via public file uploads

Impact The ticket attachments functionality in Paymenter allows a malicious authenticated user to upload arbitrary files. With the ability to execute arbitrary code, this vulnerability can be exploited in numerous ways, including but not limited to: - Extracting sensitive data from the database...

9.9CVSS6.2AI score0.00374EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 4:43 p.m.13 views

OpenCTI May Bypass Introspection Restriction

Summary The regex validation used to prevent Introspection queries can be bypassed by removing the extra whitespace, carriage return, and line feed characters from the query. Details GraphQL Queries in OpenCTI can be validated using the secureIntrospectionPlugin. Impact Bypassing this restriction...

8.2CVSS5.8AI score0.00442EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 10:10 p.m.14 views

Anki's local HTTP server does not sufficiently validate requests

Summary Anki launches a local HTTP server to serve media files and web pages for parts of its interface. The server fails to validate requests in the following ways: 1. No sufficient validation of the Origin header. 2. Some endpoints are vulnerable to path traversal attacks. This allows malicious...

5.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 10:10 p.m.18 views

SurrealDB: Denial of Service via deep operator chains

An authenticated user could crash a SurrealDB server with a single query containing a long chain of operators. Such a query — for example RETURN 1 + 1 + 1 + ... with tens of thousands of terms — is parsed into an expression tree one level deep per operator. Because the chain is flat and the pratt...

6.3AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 10:10 p.m.16 views

SurrealDB: Field-level SELECT permissions bypassed via graph and reference traversals

A record user could read field values hidden from them by field-level SELECT permissions by reaching the records through a graph-edge - or back-reference SELECT FROM knows, person:bobknows-SELECT FROM person — returned it intact. The root cause: the shared resolverecordbatch helper used by...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 10:10 p.m.23 views

SurrealDB: Indexed ORDER BY leaks the value ordering of a SELECT-restricted field

A field can be hidden from a user with a field-level SELECT permission DEFINE FIELD code ON secret PERMISSIONS FOR select WHERE owner = $auth.id. When that field is indexed, a record user who cannot read it could still recover the relative ordering of its values across every record by issuing ORD...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 10:10 p.m.20 views

SurrealDB: Arbitrary file read via DEFINE ANALYZER mapper() filter

SurrealDB's full-text search lets you define a text analyzer whose mapper filter loads a term-mapping file from disk DEFINE ANALYZER ... FILTERS mapper''. A database user with the EDITOR or OWNER role could point that filter at any file the SurrealDB process can read and have its content returned...

5.7AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 10:10 p.m.13 views

SurrealDB: SSRF via JWKS URL — Redirect Following in JWT Key Fetch

SurrealDB fetches the JWKS document for a JWT or record access method using a bare reqwest client that follows HTTP redirects by default. The network capability check in core/src/iam/jwks.rs checkcapabilitiesurl is applied only to the originally configured URL; redirect targets are not...

6AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 10:10 p.m.28 views

pydantic-settings: NestedSecretsSettingsSource follows symlinks outside secrets_dir, enabling local file read and bypassing secrets_dir_max_size

Summary NestedSecretsSettingsSource reads secret values from files in a configured secretsdir. When secretsnestedsubdir=True, a directory entry inside secretsdir that is a symbolic link pointing outside secretsdir is followed, so files outside the configured directory are read into settings value...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 10:10 p.m.16 views

Lokka: Azure Resource Manager URL path validation issue

Lokka versions prior to 2.1.2 constructed Azure Resource Manager request URLs using direct string concatenation with user-controlled path input. Specially crafted path values could alter URL authority parsing and cause Azure Resource Manager bearer tokens to be sent to an unintended host. Version...

5.8AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 10:10 p.m.22 views

@jhb.software/payload-cloudinary-plugin: Arbitrary Cloudinary API Parameter Signing

Arbitrary Cloudinary API Parameter Signing in @jhb.software/payload-cloudinary-plugin Summary @jhb.software/payload-cloudinary-plugin v0.3.4 exposes a server-side signing endpoint POST /api/cloudinary-generate-signature that passes attacker-supplied paramsToSign directly to...

6.1AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 10:10 p.m.22 views

LangSmith SDK TracingMiddleware: Arbitrary server-side file read

Summary An attacker who can send an HTTP request to a server running the LangSmith SDK's TracingMiddleware can cause that server to read an arbitrary file from its local filesystem and upload the contents to LangSmith as a trace attachment. Depending on how the distributed trace system is deploye...

6AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 10:10 p.m.23 views

githubtoplanguages: Command Injection via Issue Title in Discord Notification Workflow

Summary A GitHub Actions workflow is vulnerable to command injection through the issue title. The workflow is triggered when an issue is opened or closed, and it directly inserts github.event.issue.title into a Bash variable assignment. If an issue title contains command substitution syntax, Bash...

6.1AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 10:10 p.m.11 views

Cloudflare Quiche: Use-after-free in connection ID iterator FFI functions

Impact Cloudflare Quiche was affected by 2 use-after-free vulnerabilities in the connection ID iterator FFI functions. The quicheconnectioniditernext and quicheconnretiredscidnext functions would return a pointer to a ConnectionId to the applications via function arguments, but the the owned...

5.6CVSS5.8AI score0.0017EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 10:10 p.m.13 views

Zeep: Server-Side Request Forgery (SSRF)

Summary When parsing a WSDL or XSD document, python-zeep follows transitive references — xsd:import, xsd:include, wsdl:import, and lxml entity/DTD resolution — and will fetch http/https URLs found in those references. The Settings.forbidexternal option, intended to disable this transitive remote...

6AI score
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 10:10 p.m.28 views

Anki: User scripts in iframes have access to the internal Anki API

Summary Anki's webview-based pages communicate with the Rust backend using an internal localhost API. Anki implements measures to prevent user scripts run in the reviewer/editor from accessing this API https://github.com/ankitects/anki/pull/3925 but it inadvertently allows access to scripts...

6AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 10:8 p.m.9 views

ChatterBot: Symlink-Following Arbitrary Write via UbuntuCorpusTrainer

Summary ChatterBot's UbuntuCorpusTrainer.extract uses a predictable, home-rooted output directory /ubuntudata/ubuntudialogs with a check-then-create pattern if not os.path.exists: os.makedirs followed by tar.extractallpath=self.datapath. A local attacker who pre-plants a symlink at the predictabl...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 9:43 p.m.11 views

OpenRemote Manager: removeAlarms cross-realm IDOR (bulk delete)

Summary OpenRemote Manager is vulnerable to a cross-tenant Insecure Direct Object Reference IDOR in the bulk alarm deletion endpoint. An authenticated user in any realm can delete alarms belonging to other realms tenants by supplying arbitrary alarm IDs. The vulnerability exists because the bulk...

6AI score
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 9:43 p.m.10 views

appium-mcp: Unescaped Locator Data XSS in MCP-UI Resource (createLocatorGeneratorUI)

Unescaped Locator Data XSS in MCP-UI Resource createLocatorGeneratorUI Summary appium-mcp's createLocatorGeneratorUI function interpolates attacker-controlled element attributes — text, content-desc, resource-id, and locator selector values — directly into an HTML template literal without any HTM...

6.4AI score
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 9:43 p.m.15 views

EverOS: Path traversal in EverOS /api/v1/memory/add via unvalidated sender_id

EverOS versions 1.0.0 and earlier are vulnerable to path traversal in the POST /api/v1/memory/add ingestion endpoint. The per-message senderid field was not validated as a path-safe identifier unlike appid / projectid, which already enforced this. During user-memory extraction, senderid is used a...

6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 9:43 p.m.10 views

Uni-CLI: Legacy HTTP MCP transport accepted browser-originated localhost requests

Impact Uni-CLI versions before 0.225.2 exposed the legacy JSON-RPC-over-HTTP MCP transport on loopback without validating browser Origin headers before routing requests. A malicious web page could send a CORS simple POST request, such as text/plain, to the local /mcp endpoint and deliver a JSON-R...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 9:43 p.m.12 views

stigmem-node: decay sweep expires and counts facts across all tenants (cross-tenant BOLA)

Summary On a multi-tenant stigmem node, a caller holding a write credential for one tenant can run a decay sweep that acts on every tenant's facts. The candidate-selection queries in lifecycle/decay.py selectttlcandidates, selectconfidencecandidates carried no tenantid predicate, and the caller's...

5.5AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 9:43 p.m.8 views

stistigmem-node: quarantine review surface exposes and mutates other tenants' quarantined facts (cross-tenant BOLA)

Summary On a multi-tenant stigmem node, a tenant administrator could list, read, and admit or reject quarantined facts belonging to other tenants. The list/count queries and getquarantinedfact in routes/quarantine.py lacked an f.tenantid = identity.tenantid predicate, and the garden lookup was no...

5.5AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 9:42 p.m.6 views

stigmem-node: RTBF tombstones are mis-attributed and suppress reads tenant-blind (cross-tenant BOLA)

Summary On a multi-tenant stigmem node, RTBF right-to-be-forgotten tombstones were mis-scoped two ways. 1 issuetombstone defaulted the tenant to "default" instead of the caller's tenant, so tombstones could be written to the wrong tenant. 2 The read-suppression path — gettombstonefilter...

5.5AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 9:42 p.m.28 views

MessagePack for Python: Out-of-bounds read / crash on Unpacker reuse after a caught error

Impact If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. If the Unpacker is used repeatedly to unpack untrusted input from external sources, it may be vulnerable to a DoS attack. Patches v1.2.1 Workarounds Users should create a new Unpacker instead of...

5.8AI score
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 9:42 p.m.13 views

Gogs: XSS in .ipynb files renderer due to outdated notebookjs

Summary Gogs renders Jupyter notebook files .ipynb using jsvine/notebookjs, but the version is outdated, missing patches for known XSS vulnerabilities. Details Gogs uses version 0.4.2 of notebookjs to render Jupyter notebook files:...

5.8AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 9:42 p.m.9 views

parse-server: LiveQuery discloses object data to a subscriber across an ACL read-access change

Impact A Parse Server LiveQuery subscriber can receive object field values they are not authorized to read when a single save changes both an object field and the subscriber's ACL read access to that object. When such a save removes the subscriber's read access, the resulting leave event still...

5.9AI score
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 9:42 p.m.13 views

SearXNG MCP Server: DNS-resolved Private Hostname SSRF in `web_url_read`

DNS-resolved Private Hostname SSRF in weburlread Summary The weburlread MCP tool in mcp-searxng is vulnerable to Server-Side Request Forgery SSRF via DNS rebinding bypass. The assertUrlAllowed function at src/url-reader.ts:85-93 validates only the syntactic hostname string against a private...

6AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 9:42 p.m.6 views

SearXNG MCP Server: Unbounded Response Body Read Bypasses URL Size Limit in `web_url_read`

Unbounded Response Body Read Bypasses URL Size Limit in weburlread Summary The weburlread MCP tool in mcp-searxng enforces its 5 MiB response-size limit exclusively by inspecting the Content-Length header of a preliminary HEAD request. When a server omits Content-Length — a standard HTTP practice...

6.1AI score
Exploits0References2Affected Software1
Total number of security vulnerabilities33187