Lucene search
K

363954 matches found

NVD
NVD
•added 2026/06/25 10:16 p.m.•7 views

CVE-2025-71333

Flowise through 2.2.4 contains an unauthenticated arbitrary file upload vulnerability in the /api/v1/attachments endpoint when storageType is set to local. Attackers can exploit path traversal in the chatId and chatflowId parameters to upload malicious files to arbitrary directories, potentially...

9.8CVSS0.00611EPSS
Exploits1References2
NVD
NVD
•added 2026/06/25 10:16 p.m.•7 views

CVE-2025-71336

Flowise before 3.0.6 affected versions 2.2.7-patch.1 and earlier contains an unsandboxed remote code execution vulnerability in the Custom MCP feature, which is designed to execute OS commands such as launching local MCP servers. Because Flowise's authentication and authorization model is minimal...

9.8CVSS0.00757EPSS
Exploits1References2
NVD
NVD
•added 2026/06/25 10:16 p.m.•8 views

CVE-2025-71335

Flowise before 3.0.10 affected versions 3.0.7 and earlier fails to invalidate existing sessions and session tokens after a user changes their password. An attacker who already holds an active session, for example via a stolen session token or a device left logged in, remains authenticated as the...

8.6CVSS0.00266EPSS
Exploits1References2
NVD
NVD
•added 2026/06/25 10:16 p.m.•7 views

CVE-2021-47986

Parse Server before 4.10.0 contains a supply chain vulnerability where incorrect version tags were pushed to the repository linking to unreviewed code in a personal fork. Attackers could exploit this by specifying affected version tags in dependency declarations to execute unreviewed and...

7.7CVSS0.0012EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 10:16 p.m.•9 views

CVE-2021-47987

Parse Server before 4.10.0 was affected by a supply chain incident in which incorrect version tags were pushed to the official repository pointing to an unreviewed personal fork of a contributor with write access. No releases were published with these tags; a project was exposed only if it define...

7.7CVSS0.0012EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 10:16 p.m.•11 views

CVE-2025-71328

Flowise before 3.0.10 contains an unverified password change vulnerability. An authenticated user can change their account password through the account settings Security section without supplying the current password or any additional verification, as the application does not enforce a...

8.8CVSS0.00327EPSS
Exploits1References2
NVD
NVD
•added 2026/06/25 10:16 p.m.•7 views

CVE-2020-37256

Grav before 1.6.30 contains a cross-site scripting vulnerability in the Admin plugin page editor default security configuration. Privileged users with page editing capabilities can inject malicious scripts to execute arbitrary code and install malicious plugins for system access...

5.4CVSS0.00167EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 10:16 p.m.•6 views

CVE-2025-71327

Flowise contains an authentication bypass vulnerability in the unprotected /api/v1/account/register endpoint that allows unauthenticated attackers to create user accounts. Remote attackers can exploit this endpoint to register arbitrary accounts and authenticate to the system, gaining full API...

9.3CVSS0.0046EPSS
Exploits1References2
NVD
NVD
•added 2026/06/25 10:16 p.m.•9 views

CVE-2025-71324

Flowise before 3.0.6 contains an arbitrary file read vulnerability in the chatId parameter of the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints. The chatId value is not validated and is passed to streamStorageFile, where a fallback file-lookup path constructed...

8.7CVSS0.00346EPSS
Exploits1References2
NVD
NVD
•added 2026/06/25 9:16 p.m.•8 views

CVE-2026-6679

A heap buffer overflow could occur in the DTLS 1.3 ACK serialization path before the connecting peer is authenticated. The buffer overflow was due to an integer truncation when computing the length of the ACK record-number list, causing an undersized buffer to be allocated and then overrun. This...

8.8CVSS0.00385EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 9:16 p.m.•11 views

CVE-2026-6681

The PKCS7 decode path ignores the caller-supplied output buffer size outputSz, allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release...

5.3CVSS0.00256EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 9:16 p.m.•9 views

CVE-2026-6731

X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose Subject CN violates an issuing CA's DNS name constraints could be accepted...

7.5CVSS0.00124EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 9:16 p.m.•5 views

CVE-2026-6678

Integer underflow in wcPKCS7DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption...

5.3CVSS0.0019EPSS
Exploits0References3
NVD
NVD
•added 2026/06/25 9:16 p.m.•7 views

CVE-2026-38640

A reachable unwrap in the assertfail function /assert/mod.rs of relibc commit 61f42d allows attackers to cause a Denial of Service DoS via a crafted string...

7.5CVSS0.00446EPSS
Exploits0References4
NVD
NVD
•added 2026/06/25 9:16 p.m.•9 views

CVE-2026-56445

The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join without sanitization, allowing file writes to arbitrary paths...

9.1CVSS0.00434EPSS
Exploits0References3
NVD
NVD
•added 2026/06/25 9:16 p.m.•10 views

CVE-2026-6450

A CRL critical extension bypass exists in ParseCRLExtensions where critical extensions are not properly enforced, allowing a crafted CRL with an unhandled critical extension to be accepted. This only affects builds with CRL support enabled and where a crafted CRL had a trusted signature when pars...

5.3CVSS0.0018EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 9:16 p.m.•7 views

CVE-2026-6412

Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing...

4.3CVSS0.00074EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 9:16 p.m.•8 views

CVE-2026-38637

An issue in the pthreadrwlockattrsetpshared function of relibc commit 61f42d allows attackers to cause a Denial of Service DoS via a crafted input...

7.5CVSS0.00446EPSS
Exploits0References4
NVD
NVD
•added 2026/06/25 9:16 p.m.•6 views

CVE-2026-37452

Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSIAPService.exe component...

7.5CVSS0.00398EPSS
Exploits1References2
NVD
NVD
•added 2026/06/25 9:16 p.m.•7 views

CVE-2026-12473

Two data sources DICOMWebProxy and DICOMJSON shipped in the default configuration fetch an arbitrary URL parameter without validation. A global authentication service in OHIF automatically injects the authenticated user's OIDC Bearer token into the resulting requests, sending it to the...

8.3CVSS0.00232EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 8:17 p.m.•7 views

CVE-2026-7531

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

9.8CVSS0.00346EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 8:17 p.m.•7 views

CVE-2026-57522

Bitwarden Server before 2026.5.0 contains a JSON injection vulnerability in IntegrationTemplateProcessor.ReplaceTokens, which substitutes user-controlled values into event-integration templates without JSON encoding. When an organization has configured an event integration whose template referenc...

5CVSS0.00262EPSS
Exploits1References5
NVD
NVD
•added 2026/06/25 8:17 p.m.•5 views

CVE-2026-57521

Bitwarden Server before 2026.5.0 contains a broken access control vulnerability that allows any authenticated user to access arbitrary organization billing data by supplying an arbitrary organizationId to the PreviewInvoiceController endpoints without membership or authorization checks. Attackers...

5.3CVSS0.00248EPSS
Exploits1References5
NVD
NVD
•added 2026/06/25 8:17 p.m.•15 views

CVE-2026-57520

Bitwarden Server before 2026.5.0 contains a privilege escalation vulnerability that allows authenticated Custom users with ManageUsers permission to remove Admin accounts from an organization by exploiting a missing role hierarchy check in the bulk user-remove endpoint. Attackers can supply Admin...

7.1CVSS0.00354EPSS
Exploits1References5
NVD
NVD
•added 2026/06/25 8:17 p.m.•9 views

CVE-2026-55964

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...

6.3CVSS0.00118EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 8:17 p.m.•7 views

CVE-2026-55958

Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once the accumulated TLS 1.3...

8.3CVSS0.00269EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 8:17 p.m.•8 views

CVE-2026-55960

Un-negotiated Raw Public Key RFC 7250 accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative accepts it without performing any trust verification; it must therefore only be accepted when RPK was actually negotiated for that peer...

8.2CVSS0.00145EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 8:17 p.m.•8 views

CVE-2026-46601

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

7.5CVSS0.00339EPSS
Exploits0References3
NVD
NVD
•added 2026/06/25 8:17 p.m.•7 views

CVE-2026-46602

The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption...

7.5CVSS0.00339EPSS
Exploits0References3
NVD
NVD
•added 2026/06/25 8:17 p.m.•6 views

CVE-2026-37454

Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the 3DES-ECB encryption...

7.5CVSS0.00262EPSS
Exploits1References2
NVD
NVD
•added 2026/06/25 8:17 p.m.•5 views

CVE-2026-37149

GROCERY-STORE-MANAGEMENT-SYSTEM-USING-PHP-AND-MYSQL-PHPMYADMIN v1.0 was discovered to contain a SQL injection vulnerability in the scost parameter in /grocery/searchproducts.php. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement...

7.7CVSS0.00215EPSS
Exploits0References3
NVD
NVD
•added 2026/06/25 8:17 p.m.•6 views

CVE-2026-37453

Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSISERVICE2 pipe...

7.5CVSS0.00398EPSS
Exploits1References2
NVD
NVD
•added 2026/06/25 8:17 p.m.•10 views

CVE-2026-2299

The Mattermost Google Drive plugin before version 1.1.0 fails to validate channel membership in the file creation endpoint, allowing authenticated users with a connected Google account to share Google Drive files to unauthorized private channels and disclose private channel membership...

4.2CVSS0.00119EPSS
Exploits0References1
NVD
NVD
•added 2026/06/25 8:17 p.m.•6 views

CVE-2026-10512

The X25519 x8664 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19. This can leave the field element in a non-canonical form, producing an incorrect result from the...

7.5CVSS0.00263EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 8:17 p.m.•6 views

CVE-2026-12340

Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the public key without checking that the key is at least that long. A public key shorter than 65...

7.5CVSS0.00226EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 8:17 p.m.•7 views

CVE-2026-10592

Certificates with wildcard DNS SANs e.g. .example.com bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CA's permitted/excluded DNS name constraints could be accepted...

6.3CVSS0.00124EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 8:17 p.m.•7 views

CVE-2026-10097

wolfSSL's AVX2-optimized ML-KEM implementation mlkemcmpavx2 compares only 1536 of the 1568 ciphertext bytes during the Fujisaki-Okamoto re-encryption check in ML-KEM-1024 decapsulation. Ciphertexts that differ from the expected re-encryption solely in bytes 1536-1567 bypass implicit rejection and...

8.3CVSS0.00161EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 8:17 p.m.•6 views

CVE-2026-11310

X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra OPENSSLEXTRA and whose application validates certificates by calling X509verifycert with caller-supplied untrusted intermediate certificates; for...

8.7CVSS0.00145EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 8:17 p.m.•8 views

CVE-2025-60464

A use-after-free in the gfseiloadfromstateinternal function /filters/seiload.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MPEG-2 TS file...

7.8CVSS0.00144EPSS
Exploits1References6
NVD
NVD
•added 2026/06/25 8:17 p.m.•8 views

CVE-2025-60465

A use-after-free in the gffilterpidinstswap function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...

6.1CVSS0.00135EPSS
Exploits1References6
NVD
NVD
•added 2026/06/25 7:16 p.m.•9 views

CVE-2026-56789

RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memory corruption by failing to clamp satellite count values from RINEX epoch headers. Attackers can craft malicious RINEX files declaring more than 64...

7.1CVSS0.00239EPSS
Exploits1References2
NVD
NVD
•added 2026/06/25 7:16 p.m.•13 views

CVE-2026-56787

RTKLIB through 2.4.3 contains an off-by-one out-of-bounds read vulnerability in the decodessr3 function at src/rtcm3.c:1446 that allows remote attackers to trigger a global buffer overflow via crafted RTCM3 SSR messages with attacker-controlled signal mode fields. Remote attackers can exploit thi...

7.5CVSS0.00325EPSS
Exploits1References2
NVD
NVD
•added 2026/06/25 7:16 p.m.•9 views

CVE-2026-56788

RTKLIB through 2.4.3 contains an out-of-bounds read vulnerability in getcodepri function when processing unrecognized RINEX observation codes, allowing attackers to trigger denial of service. Crafted RINEX files with unknown observation types cause negative array indexing into the codepris table,...

7.1CVSS0.00119EPSS
Exploits1References2
NVD
NVD
•added 2026/06/25 7:16 p.m.•10 views

CVE-2026-57700

Unrestricted Upload of File with Dangerous Type vulnerability in Daan.Dev OMGF Pro allows Using Malicious Files. This issue affects OMGF Pro: from n/a through 5.2.6...

10CVSS0.00373EPSS
Exploits0References1
NVD
NVD
•added 2026/06/25 7:16 p.m.•9 views

CVE-2026-56790

CANBoat through 6.22, fixed in commit a5a22b7, contains an off-by-one global buffer overflow in the searchForPgn function in analyzer/pgn.c that allows remote attackers to crash the application. Attackers can deliver a crafted NMEA-2000 message with an out-of-range PGN value over CAN bus or...

7.3CVSS0.00215EPSS
Exploits0References4
NVD
NVD
•added 2026/06/25 7:16 p.m.•8 views

CVE-2026-56786

RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decodetype1033 function that fails to clamp length counters to destination buffer size, allowing up to 191-byte overflow into fixed 64-byte descriptor fields. An attacker controlling an NTRIP or serial RTCM3 correction stream c...

9.8CVSS0.00422EPSS
Exploits1References2
NVD
NVD
•added 2026/06/25 7:16 p.m.•13 views

CVE-2026-56774

Kanboard through 1.2.52, fixed in commit 928c68a, UserViewController::removeSession fails to validate the session id parameter before passing it to RememberMeSessionModel::remove, allowing authenticated users to delete other users' Remember Me sessions. Attackers can enumerate sequential session...

5.4CVSS0.00266EPSS
Exploits0References4
NVD
NVD
•added 2026/06/25 7:16 p.m.•10 views

CVE-2026-56770

libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash services or vessel systems by sending crafted AIVDM sentences over VHF marine radio or IP feeds,...

8.7CVSS0.00339EPSS
Exploits0References2
NVD
NVD
•added 2026/06/25 7:16 p.m.•8 views

CVE-2026-56772

NewsBlur before 14.5.0 contains a broken access control vulnerability that allows authenticated users to read private notification feeds by supplying arbitrary userid values to the GET /social/interactions endpoint without ownership verification. Attackers can enumerate userid values to access...

5.3CVSS0.00204EPSS
Exploits0References3
NVD
NVD
•added 2026/06/25 7:16 p.m.•9 views

CVE-2026-56771

NewsBlur before version 14.5.0 contains a server-side request forgery vulnerability in the addurl endpoint that allows authenticated users to make arbitrary server requests to internal networks by failing to filter private IP addresses. Attackers can exploit this to access localhost services and...

8.5CVSS0.00204EPSS
Exploits0References4
Total number of security vulnerabilities363954