Lucene search
K
GithubRecent

33332 matches found

Github Security Blog
Github Security Blog
added 2025/12/11 10:49 p.m.28 views

Next Vulnerable to Denial of Service with Server Components

A vulnerability affects certain React packages for versions 19.0.0, 19.0.1, 19.1.0, 19.1.1, 19.1.2, 19.2.0, and 19.2.1 and frameworks that use the affected packages, including Next.js 15.x and 16.x using the App Router. The issue is tracked upstream as CVE-2025-55184. A malicious HTTP request can...

7.5CVSS6.8AI score0.65592EPSS
Exploits10References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/11 10:36 p.m.13 views

Denial of Service Vulnerability in React Server Components

Impact There is a denial of service vulnerability in React Server Components. React recommends updating immediately. The vulnerability exists in versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1 of: - react-server-dom-webpack - react-server-dom-parcel - react-server-dom-turbopack...

7.5CVSS7AI score0.65592EPSS
Exploits10References5Affected Software3
Github Security Blog
Github Security Blog
added 2025/12/11 10:36 p.m.13 views

Source Code Exposure Vulnerability in React Server Components

Impact There is a source code exposure vulnerability in React Server Components. React recommends updating immediately. The vulnerability exists in versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1 of: - react-server-dom-webpack - react-server-dom-parcel - react-server-dom-turbopa...

5.3CVSS7AI score0.62405EPSS
Exploits7References5Affected Software3
Github Security Blog
Github Security Blog
added 2025/12/11 9:31 p.m.12 views

pgadmin4 has a Meta-Command Filter Command Execution

The PLAIN restore meta-command filter introduced in pgAdmin as part of the fix for CVE-2025-12762 does not detect meta-commands when a SQL file begins with a UTF-8 Byte Order Mark EF BB BF or other special byte sequences. The implemented filter uses the function hasmetacommands, which scans raw...

9.1CVSS7.9AI score0.00866EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/11 6:36 p.m.9 views

Servify-express rate limit issue

Impact The Express server uses express.json without a size limit, which can allow attackers to send extremely large request bodies. This may lead to excessive memory usage, degraded performance, or process crashes, resulting in a Denial of Service DoS. Any application using the JSON parser withou...

8.7CVSS6.9AI score0.00352EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/11 5:1 p.m.12 views

AzuraCast Vulnerable to Pre-Auth File Deletion & Admin RCE

An API endpoint that is intended for internal use by the SFTP software sftpgo was mistakenly exposed to the public-facing HTTP API for AzuraCast installations. This would allow a user with specific internal knowledge of a station's operations to craft a custom HTTP request that would affect the...

3.7CVSS6.6AI score0.00213EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/11 4:48 p.m.13 views

gardenctl is vulnerable to Command Injection when used with non‑POSIX shells

A security vulnerability was discovered in gardenctl when it is used with non‑POSIX shells such as Fish and PowerShell. Such setup could allow an attacker with administrative privileges for a Gardener project to craft malicious credential values in infrastructure Secret objects that break out of...

8.4CVSS7.9AI score0.00208EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/11 4:48 p.m.8 views

quic-go HTTP/3 QPACK Header Expansion DoS

Summary An attacker can cause excessive memory allocation in quic-go's HTTP/3 client and server implementations by sending a QPACK-encoded HEADERS frame that decodes into a large header field section many unique header names and/or large values. The implementation builds an http.Header used on th...

5.3CVSS6.9AI score0.00338EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/11 3:30 p.m.14 views

PowerJob has a server-side request forgery vulnerability in PingPongUtils.java

A vulnerability was identified in PowerJob up to 5.1.2. This vulnerability affects the function checkConnectivity of the file src/main/java/tech/powerjob/common/utils/net/PingPongUtils.java of the component Network Request Handler. The manipulation of the argument targetIp/targetPort leads to...

9.8CVSS6.3AI score0.00323EPSS
Exploits3References7Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 9:35 p.m.16 views

Improper Validation of Query Parameters in Auth0 Next.js SDK

Description An input-validation flaw in the returnTo parameter in the Auth0 Next.js SDK could allow attackers to inject unintended OAuth query parameters into the Auth0 authorization request. Successful exploitation may result in tokens being issued with unintended parameters Am I Affected? You a...

5.7CVSS6.8AI score0.0023EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 9:31 p.m.9 views

Race condition in the Okta Java SDK

Description In the Okta Java SDK, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. Affected product and versions You may be affected if you meet the...

8.4CVSS7AI score0.00185EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 9:31 p.m.23 views

1Panel contains a cross-site request forgery (CSRF) vulnerability in the panel name management functionality

1Panel versions 1.10.33 through 2.0.15 contain a cross-site request forgery CSRF vulnerability in the panel name management functionality. The affected endpoint does not implement CSRF defenses such as anti-CSRF tokens or Origin/Referer validation. An attacker can craft a malicious webpage that...

5.1CVSS7AI score0.00179EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 9:31 p.m.9 views

1Panel contains a cross-site request forgery (CSRF) vulnerability in the web port configuration functionality

1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery CSRF vulnerability in the web port configuration functionality. The port-change endpoint lacks CSRF defenses such as anti-CSRF tokens or Origin/Referer validation. An attacker can craft a malicious webpage that submits a...

7.1CVSS7AI score0.0015EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 9:31 p.m.11 views

Improper Request Caching Lookup in the Auth0 Next.js SDK

Description When using affected versions of the Next.js SDK, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. Am I Affected? You are affected if you meet the following preconditions: - Applications using the auth0/nextjs-aut...

5.4CVSS6.8AI score0.00178EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 9:30 p.m.23 views

Improper Memory Cleanup in the Okta Java SDK

Description In the Okta Java SDK, specific multithreaded implementations may encounter memory issues as threads are not properly cleaned up after requests are completed. Over time, this can degrade performance and availability in long-running applications and may result in a denial-of-service...

5.3CVSS6.9AI score0.00237EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 8:21 p.m.6 views

Pyrofork has a Path Traversal in download_media Method

Summary The downloadmedia method in Pyrofork does not sanitize filenames received from Telegram messages before using them in file path construction. This allows a remote attacker to write files to arbitrary locations on the filesystem by sending a specially crafted document with path traversal...

6.5CVSS7.7AI score0.00271EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 8:11 p.m.11 views

Formio improperly authorized permission elevation through specially crafted request path

Security Advisory: Unauthorized permission elevation through specially crafted request path Summary: A flaw in path handling could allow an attacker to access protected API endpoints by sending a crafted request path. This issue could result in unauthorized data disclosure under certain...

8.7CVSS6.4AI score0.00273EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 6:30 p.m.8 views

Jenkins HashiCorp Vault Plugin exposes system-scoped Vault credentials

Jenkins HashiCorp Vault Plugin 371.v884a4dd60fb6 and earlier does not set the appropriate context for Vault credentials lookup, allowing attackers with Item/Configure permission to access and potentially capture Vault credentials they are not entitled to...

4.3CVSS6.8AI score0.00202EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 6:30 p.m.9 views

Jenkins Redpen - Pipeline Reporter for Jira Plugin has a path traversal vulnerability

Jenkins Redpen - Pipeline Reporter for Jira Plugin 1.054.v7b9517b6b202 and earlier does not correctly perform path validation of the workspace directory while uploading artifacts to Jira, allowing attackers with Item/Configure permission to retrieve files present on the Jenkins controller workspa...

4.3CVSS6.8AI score0.00301EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 6:30 p.m.5 views

Algernon Cross-Site Scripting vulnerability

Cross-site Scripting vulnerability in Algernon v1.17.4 allows attackers to execute arbitrary code via injecting a crafted payload into a filename...

6.1CVSS7.1AI score0.00401EPSS
Exploits2References6Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 6:30 p.m.73 views

Jenkins Coverage Plugin has a stored cross-site scripting (XSS) vulnerability

Jenkins Coverage Plugin 2.3054.ve1ff7baa123b and earlier does not validate the configured coverage results ID when creating coverage results, only when submitting the job configuration through the UI, allowing attackers with Item/Configure permission to use a javascript: scheme URL as identifier ...

8CVSS6AI score0.00262EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 6:30 p.m.71 views

Jenkins's build authorization token is stored and displayed in plain text

Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

4.3CVSS6.8AI score0.00139EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 6:30 p.m.9 views

Jenkins has a Denial of service vulnerability in HTTP-based CLI

Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not properly close HTTP-based CLI connections when the connection stream becomes corrupted, allowing unauthenticated attackers to cause a denial of service...

7.5CVSS6.8AI score0.00515EPSS
Exploits0References5Affected Software2
Github Security Blog
Github Security Blog
added 2025/12/10 6:30 p.m.9 views

Jenkins's build authorization token is stored and displayed in plain text

Jenkins 2.540 and earlier, LTS 2.528.2 and earlier stores build authorization tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

4.3CVSS6.8AI score0.00159EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 6:30 p.m.10 views

Jenkins has a CSRF vulnerability on the login form

A cross-site request forgery CSRF vulnerability in Jenkins 2.540 and earlier, LTS 2.528.2 and earlier allows attackers to trick users into logging in to the attacker's account...

3.5CVSS6.8AI score0.0016EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 6:30 p.m.7 views

sd changes the group ownership of the source file

An issue in sd command v1.0.0 and before allows attackers to escalate privileges to root via a crafted command...

8.4CVSS7.1AI score0.00174EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 6:30 p.m.8 views

Jenkins is missing a permission check on password fields

A missing permission check in Jenkins 2.540 and earlier, LTS 2.528.2 and earlier allows attackers with View/Read permission to view encrypted password values in views...

4.3CVSS6.8AI score0.00216EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 6:30 p.m.14 views

Jenkins Git client Plugin has an OS command injection vulnerability on agents in Git client Plugin

Jenkins Git client Plugin 6.4.0 and earlier does not not correctly escape the path to the workspace directory as part of an argument in a temporary shell script generated by the plugin, allowing attackers able to control the workspace directory name to inject arbitrary OS commands...

5CVSS7AI score0.00186EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 6:30 p.m.11 views

1Panel contains a cross-site request forgery (CSRF) vulnerability in the Change Username functionality

1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery CSRF vulnerability in the Change Username functionality available from the settings panel /settings/panel. The endpoint does not implement CSRF protections such as anti-CSRF tokens or Origin/Referer validation. An attacker can...

7.1CVSS6.8AI score0.00133EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 6:20 p.m.9 views

Ibexa User Bundle is missing password change validation

Impact The vulnerability is in the password change dialog in the back office. During the transition from v4 to v5 a mistake was made in the validation code which caused the validation of the previous password to not run as expected. This made it possible for a logged in user to change password in...

8.5CVSS7AI score0.00123EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 6:20 p.m.5 views

Zitadel Discloses the Total Number of Instance Users

Summary Zitadel's User Service discloses the total number of instance users to unauthorized users. Impact The ZITADEL User Service exposes the total number of users within an instance to any authenticated user, regardless of their specific permissions. While this does not leak individual user dat...

5.3CVSS5.8AI score0.00195EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 5:18 p.m.12 views

Miniflux has an Open Redirect via protocol-relative redirect_url

Summary redirecturl is treated as safe when url.Parse....IsAbs is false. Protocol-relative URLs like //ikotaslabs.com have an empty scheme and pass that check, allowing post-login redirects to attacker-controlled sites. Details - url.Parse"//ikotaslabs.com" = empty Scheme, Host="ikotaslabs.com". ...

6.1CVSS6.9AI score0.00187EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 3:47 p.m.9 views

ImageMagick is vulnerable to an integer Overflow in TIM decoder leading to out of bounds read (32-bit only)

Summary The TIM PSX TIM image parser in ImageMagick contains a critical integer overflow vulnerability in the ReadTIMImage function coders/tim.c. The code reads width and height 16-bit values from the file header and calculates imagesize = 2 width height without checking for overflow. On 32-bit...

7.5CVSS7.4AI score0.00456EPSS
Exploits0References3Affected Software6
Github Security Blog
Github Security Blog
added 2025/12/10 3:47 p.m.10 views

XWiki vulnerable to remote code execution through insufficient protection against {{/html}} injection

Impact Any user who can edit their own user profile or any other document can execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write access to all wiki contents. The reason is that rendering output is included as...

8.8CVSS8.7AI score0.00893EPSS
Exploits1References9Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 3:46 p.m.14 views

XWiki's REST APIs don't enforce any limits, leading to unavailability and OOM in large wikis

Impact XWiki's REST API doesn't enforce any limits for the number of items that can be requested in a single request at the moment. Depending on the number of pages in the wiki and the memory configuration, this can lead to slowness and unavailability of the wiki. As an example, the...

8.7CVSS6.8AI score0.00352EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 3:46 p.m.7 views

XWiki vulnerable to a reflected XSS via xredirect parameter in DeleteApplication

Impact A reflected XSS vulnerability in XWiki allows an attacker to send a victim to a URL with a deletion confirmation message on which the attacker-supplied script is executed when the victim clicks the "No" button. When the victim has admin or programming right, this allows the attacker to...

6.5CVSS7.3AI score0.00463EPSS
Exploits1References5Affected Software2
Github Security Blog
Github Security Blog
added 2025/12/10 3:31 p.m.7 views

Gogs vulnerable to a bypass of CVE-2024-55947

Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code...

8.8CVSS7AI score0.7654EPSS
Exploits16References12Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 12:31 p.m.13 views

Apache Struts has a Denial of Service vulnerability

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

8.2CVSS7AI score0.00517EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 9:30 a.m.6 views

Keycloak Admin REST (Representational State Transfer) API does not properly enforce permissions

A flaw was found in Keycloak Admin REST Representational State Transfer API. This vulnerability allows information disclosure of sensitive role metadata via insufficient authorization checks on the /admin/realms/realm/roles endpoint...

2.7CVSS6AI score0.00326EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 12:30 a.m.11 views

Fetch MCP Server has a Server-Side Request Forgery (SSRF) vulnerability

fetch-mcp v1.0.2 and before is vulnerable to Server-Side Request Forgery SSRF vulnerability, which allows attackers to bypass private IP validation and access internal network resources...

7.5CVSS7AI score0.00388EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/10 12:2 a.m.39 views

LangGraph's SQLite is vulnerable to SQL injection via metadata filter key in SQLite checkpointer list method

Context A SQL injection vulnerability exists in LangGraph's SQLite checkpoint implementation that allows attackers to manipulate SQL queries through metadata filter keys. This affects applications that accept untrusted metadata filter keys not just filter values in checkpoint search operations...

7.8CVSS8.5AI score0.02109EPSS
Exploits2References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/09 10:48 p.m.9 views

OpenTofu incorrectly validates excluded subdomain constraint in conjunction with TLS certificates containing wildcard SANs

When OpenTofu is acting as a TLS client authenticating a certificate chain provided by a TLS server, an excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com...

6.5CVSS6.9AI score0.00274EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/09 10:47 p.m.13 views

Cybersecurity AI (CAI) vulnerable to Command Injection in run_ssh_command_with_credentials Agent tool

Summary A command injection vulnerability is present in the function tool runsshcommandwithcredentials available to AI agents. Details This is the source code of the function tool runsshcommandwithcredentials code: python @functiontool def runsshcommandwithcredentials host: str, username: str,...

9.6CVSS8.5AI score0.01831EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/09 6:30 p.m.18 views

Robocode vulnerable to Directory Traversal in recursivelyDelete Method

A directory traversal vulnerability exists in the CacheCleaner component of Robocode version 1.9.3.6. The recursivelyDelete method fails to properly sanitize file paths, allowing attackers to traverse directories and delete arbitrary files on the system. This vulnerability can be exploited by...

10CVSS7AI score0.00932EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/09 6:30 p.m.8 views

Robocode has an insecure temporary file creation vulnerability in the AutoExtract component

An insecure temporary file creation vulnerability exists in the AutoExtract component of Robocode version 1.9.3.6. The createTempFile method fails to securely create temporary files, allowing attackers to exploit race conditions and potentially execute arbitrary code or overwrite critical files...

9.3CVSS7.7AI score0.00288EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/09 6:30 p.m.9 views

@tiptap/extension-link vulnerable to Cross-site Scripting (XSS)

Versions of the package @tiptap/extension-link before 2.10.4 are vulnerable to Cross-site Scripting XSS due to unsanitized user input allowed in setting or toggling links. An attacker can execute arbitrary JavaScript code in the context of the application by injecting a javascript: URL payload in...

6.1CVSS6.7AI score0.00314EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/09 5:42 p.m.12 views

Authentication Bypass via Default JWT Secret in NocoBase docker-compose Deployments

Impact CVE-2025-13877 is an authentication bypass vulnerability caused by insecure default JWT key usage in NocoBase Docker deployments. Because the official one-click Docker deployment configuration historically provided a public default JWT key, attackers can forge valid JWT tokens without...

6.3CVSS7.3AI score0.00262EPSS
Exploits0References14Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/09 5:24 p.m.5 views

Shopware Storefront Reflected XSS in Storefront Login Page

Impact By exploiting the XSS vulnerabilities, malicious actors can perform harmful actions in the user's web browser in the session context of the affected user. Some examples of this include, but are not limited to: Obtaining user session tokens. Performing administrative actions when an...

7.1CVSS6.6AI score0.00161EPSS
Exploits0References4Affected Software2
Github Security Blog
Github Security Blog
added 2025/12/09 5:24 p.m.23 views

SAML PHP Toolkit Vulnerability on xmlseclibs CVE-2025-66475

Summary There is a critical vulnerability on xmlseclibs CVE-2025-66475, a dependency of php-saml Update to the following versions of php-saml which forces the use of patched versions of xmlseclibs: - 2.21.1 - 3.8.1 - 4.3.1 Impact Signature Wrapping Vulnerabilities allows an attacker to impersonat...

6.9AI score
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/09 5:23 p.m.44 views

JDA (Java Discord API) downloads external URLs when updating message components

Impact Anyone using untrusted message components may be affected. On versions =6.0.0,6.1.3 of JDA, the requester will attempt to download external media URLs from components if they are used in an update or send request. If you are used MessagegetComponents or similar to get a list of components...

6.9AI score
Exploits0References3Affected Software1
Total number of security vulnerabilities33332