Lucene search
K

363706 matches found

NVD
NVD
added 42 minutes ago2 views

CVE-2026-58583

FluxInk formerly Sunia SPB Peripheral Color Management Driver TcnPeripheral64.sys 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows...

8.4CVSS
Exploits0References4
NVD
NVD
added 42 minutes ago2 views

CVE-2026-58473

Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated attackers to overwrite the global LLM provider configuration by self-registering an account and calling the settings endpoint, which performs no admin or superuser check. Attackers can redirect all L...

9.3CVSS
Exploits0References4
NVD
NVD
added 42 minutes ago2 views

CVE-2026-59707

LocalAI contains an unauthenticated server-side request forgery vulnerability in the POST /models/apply endpoint that allows attackers to fetch arbitrary internal URLs. The endpoint passes unsanitized gallery URL fields directly to gallery.GetGalleryConfigFromURLWithContext without proper...

9.2CVSS
Exploits0References4
NVD
NVD
added 42 minutes ago2 views

CVE-2026-57172

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, ShareSecretManage uses a hardcoded default share link signature key, allowing an attacker who can obtain a passwordless share for a resource and user to use the known key link-pwd-fit2cloud to forge linkToken JWTs,...

8.3CVSS
Exploits0References2
NVD
NVD
added 42 minutes ago2 views

CVE-2026-55647

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, dashboard text components render stored component content with Vue v-html without server-side HTML sanitization, allowing an authenticated user who can edit dashboard component data to inject HTML with executable...

5.1CVSS
Exploits0References3
NVD
NVD
added 42 minutes ago2 views

CVE-2026-58469

GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability in the cleanmetalinkstring function within src/metalink.c that allows a malicious server to trigger memory corruption by serving a Metalink document containing a whitespace-only URL. Attackers can cau...

8.7CVSS
Exploits0References2
NVD
NVD
added 42 minutes ago2 views

CVE-2026-58472

GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the htmlquotestring function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity...

6CVSS
Exploits0References2
NVD
NVD
added 42 minutes ago2 views

CVE-2026-58471

GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convertfname function within src/url.c that allows remote attackers to trigger memory corruption through a server-supplied filename requiring character set conversion. When the output buffer is...

6CVSS
Exploits0References2
NVD
NVD
added 42 minutes ago2 views

CVE-2026-58470

GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigg...

6.9CVSS
Exploits0References2
NVD
NVD
added 42 minutes ago2 views

CVE-2026-53935

Cilium is a networking, observability, and security solution. Prior to 1.17.16, from 1.18.2 to 1.18.9, and from 1.19.0 to 1.19.3, users with the ability to create CiliumLocalRedirectPolicies can specify arbitrary ClusterIPs via addressMatcher, enabling hijacking traffic to Services in any namespa...

6.9CVSS
Exploits0References7
NVD
NVD
added 42 minutes ago2 views

CVE-2026-55631

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the font management module allows authenticated users to submit an arbitrary fileTransName when creating a font record; when the record is later deleted, the backend concatenates that stored value with the font...

7.2CVSS
Exploits0References3
NVD
NVD
added 42 minutes ago3 views

CVE-2026-55633

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, a bypass of the H2 zip protocol and file dropper fix allows an authenticated attacker to upload a zip archive disguised with a .ttf extension through FontManage.saveFile and then exploit it through the zip protocol...

8.7CVSS
Exploits0References4
NVD
NVD
added 42 minutes ago2 views

CVE-2026-55417

Chevereto is a self-hosted media-sharing platform. Starting in version 3.7.5 and prior to version 4.5.4, when a user enables the private profile option, visiting their profile HTML route /username correctly returns 404. However, the /json AJAX listing endpoint does not apply the same check. An...

6.9CVSS
Exploits0References2
NVD
NVD
added 42 minutes ago2 views

CVE-2026-55434

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.33.0 and prior to versions 2.33.8 and 2.34.2, AI Bridge provider handlers read request bodies with io.ReadAll without a maximum size so an authenticated user with AI Bridge access could se...

6.5CVSS
Exploits0References4
NVD
NVD
added 42 minutes ago2 views

CVE-2026-55592

Dashy is a self-hostable personal dashboard. Prior to 4.3.7, Dashy's workspace view trusts the url query parameter and assigns it directly to an iframe source without scheme validation. If a logged-in user opens a crafted workspace link containing a javascript: URL, JavaScript runs on the Dashy...

3.9CVSS
Exploits0References3
NVD
NVD
added 42 minutes ago2 views

CVE-2026-55635

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, chart quota and Y-axis filters embed attacker-controlled filter values directly into generated SQL in Quota2SQLObj.getYWheres without applying the SQL literal validation and escaping used by other filter paths,...

8.7CVSS
Exploits0References2
NVD
NVD
added 42 minutes ago2 views

CVE-2026-53511

calibre is an e-book manager. Prior to 9.10.0, a malicious EPUB, OPF, or PDF file can execute arbitrary Python code when its metadata is read by calibre, including through Add books or Edit books, by embedding a custom column definition with a python: template in calibre:usermetadata that is pass...

8.5CVSS
Exploits0References3
NVD
NVD
added 42 minutes ago2 views

CVE-2026-53729

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, any authenticated user can download /exportCenter/download/id, delete /exportCenter/delete, retry /exportCenter/retry/id, or generate download links /exportCenter/generateDownloadUri/id for export tasks belonging t...

8.7CVSS
Exploits0References3
NVD
NVD
added 42 minutes ago2 views

CVE-2026-53751

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the H2 database JDBC URL validation logic can be bypassed with special Unicode characters whose case-conversion behavior differs between DataEase validation and H2 parsing, allowing attackers to smuggle dangerous...

8.7CVSS
Exploits0References3
NVD
NVD
added 42 minutes ago2 views

CVE-2026-53730

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the /de2api/datasetData/previewSql endpoint lacks the mandatory @DePermit permission validation annotation, allowing any authenticated user to specify datasourceId=-1, access the built-in engine database, execute...

8.7CVSS
Exploits0References2
NVD
NVD
added 42 minutes ago2 views

CVE-2026-50529

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the /de2api/share/proxyInfo share interface generates and returns X-DE-LINK-TOKEN before validating the share password or ticket, allowing unauthenticated attackers who know a protected share UUID to obtain a valid...

8.7CVSS
Exploits0References3
NVD
NVD
added 42 minutes ago2 views

CVE-2026-50530

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, a share mode chart data interface only validates that sceneId matches the resourceId in the link token and fails to validate whether tableId and field IDs in the request body belong to the shared resource, allowing...

7.1CVSS
Exploits0References3
NVD
NVD
added 42 minutes ago2 views

CVE-2026-49471

Serena is a powerful MCP toolkit for coding that provides semantic retrieval and editing capabilities. Prior to v1.5.2, Serena's built-in web dashboard exposes an unauthenticated Flask API on a fixed, predictable port, with no authentication, no CSRF protection, and no Host header validation. A D...

8.3CVSS
Exploits0References3
NVD
NVD
added 42 minutes ago2 views

CVE-2026-46700

Actual is a local-first personal finance tool. Prior to 26.6.0, the GET /secret/:name endpoint in @actual-app/sync-server checks only that the caller has a valid session and does not verify the caller is an admin, while the sibling POST /secret/ handler enforces an admin check in OpenID mode. Any...

4.3CVSS0.00025EPSS
Exploits0References4
NVD
NVD
added 42 minutes ago2 views

CVE-2026-46672

Actual is a local-first personal finance app. Prior to 26.6.0, @actual-app/cli ships a hand-rolled CSV serializer in packages/cli/src/output.ts used whenever the global --format csv option is passed, whose escapeCsv helper only handles RFC 4180 delimiter, quote, and newline escaping and does not...

4.6CVSS0.00017EPSS
Exploits0References4
NVD
NVD
added 42 minutes ago3 views

CVE-2026-44454

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7 and 2.30.2, workspace creation via mode=auto deep links silently provisioned workspaces with attacker-controlled parameters, requiring no explicit user confirmation. In versions 2.29.7...

8.1CVSS
Exploits0References7
NVD
NVD
added 42 minutes ago3 views

CVE-2026-50007

Actual is an open-source personal finance application. Prior to 26.7.0, a missing authorization issue allows a shared user with useraccess on a budget file to perform owner-only file management actions. A non-owner shared user can call file-management endpoints intended for higher-privilege users...

7.2CVSS0.00018EPSS
Exploits0References5
NVD
NVD
added 1 hour ago2 views

CVE-2026-58468

NocoBase through 2.1.20 contains a server-side request forgery vulnerability in the serverRequest wrapper that allows authenticated administrators to issue arbitrary outbound HTTP requests by supplying malicious URLs to workflow request nodes, custom request action buttons, or the AI plugin...

5.5CVSS
Exploits0References4
NVD
NVD
added 1 hour ago2 views

CVE-2026-44877

An unauthenticated remote disclosure vulnerability has been identified in HPE Networking Instant On 1830, 1930, and 1960 Switches. Successful exploitation of this vulnerability could allow an unauthenticated remote threat actor to access sensitive cryptographic secrets on a vulnerable system...

6.5CVSS
Exploits0References1
NVD
NVD
added 2 hours ago5 views

CVE-2026-59800

9Router before 0.4.44 contains an OS command injection vulnerability in the unauthenticated POST /api/tunnel/tailscale-install endpoint this route is not covered by the dashboard middleware matcher, so no authorization check is applied. The sudoPassword field from the request body is written to t...

9.8CVSS
Exploits0References2
NVD
NVD
added 2 hours ago3 views

CVE-2026-7017

HTTP::Tiny versions before 0.095 for Perl forward credential headers to cross-origin redirect targets. When the server returns a 3xx redirect, mayberedirect follows the Location: header and prepareheadersandcb re-merges the caller's headers argument into the new request, without checking whether...

7.1CVSS
Exploits0References6
NVD
NVD
added 2 hours ago4 views

CVE-2026-59708

The GET /api/v1/public/:accessId/portfolio endpoint in ghostfolio accepts private access IDs without validating granteeUserId filtering, allowing unauthenticated access to full portfolio data. Attackers with a private access ID can retrieve sensitive portfolio information including holdings,...

8.7CVSS
Exploits0References4
NVD
NVD
added 2 hours ago4 views

CVE-2026-48955

An improper access check allows unauthorized users to access workflow stage and transition information...

6.4CVSS
Exploits0References1
NVD
NVD
added 2 hours ago4 views

CVE-2026-48957

An improper access check allows unauthorized users to access comprivacy datasets...

6.4CVSS
Exploits0References1
NVD
NVD
added 2 hours ago3 views

CVE-2026-48958

An improper access check allows unauthorized users to create custom fields via webservices endpoints...

6.4CVSS
Exploits0References1
NVD
NVD
added 2 hours ago3 views

CVE-2026-48954

Improper validation leads to a generic XSS vector in the language override feature...

8.4CVSS
Exploits0References1
NVD
NVD
added 2 hours ago3 views

CVE-2026-48956

An improper access check allows users to display a list of modules in the frontend...

6.4CVSS
Exploits0References1
NVD
NVD
added 2 hours ago4 views

CVE-2026-55435

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.30.0 and prior to versions 2.32.7, 2.33.8, and 2.34.2, AI Bridge proxy endpoints authenticate via Server.IsAuthorized in coderd/aibridgedserver, which validates key format, expiry, secret...

5.4CVSS
Exploits0References7
NVD
NVD
added 2 hours ago3 views

CVE-2026-48949

Lack of validation leads to an XSS vulnerability in the MFA management views...

8.4CVSS
Exploits0References1
NVD
NVD
added 2 hours ago2 views

CVE-2026-48951

Lack of escaping leads to XSS vulnerabilities in modalreturn layouts of various components...

8.4CVSS
Exploits0References1
NVD
NVD
added 2 hours ago2 views

CVE-2026-48953

Lack of escaping leads to an XSS vulnerability in the generic image output layout...

8.4CVSS
Exploits0References1
NVD
NVD
added 2 hours ago3 views

CVE-2026-48950

Lack of escaping leads to an XSS vulnerability in the file management view of comtemplates...

8.4CVSS
Exploits0References1
NVD
NVD
added 2 hours ago2 views

CVE-2026-48952

Lack of escaping leads to an XSS vulnerability in the update list view of cominstaller...

8.4CVSS
Exploits0References1
NVD
NVD
added 2 hours ago2 views

CVE-2026-48948

An improper access check allows user to download vcard exports of comcontact contacts that are inaccessible...

6.4CVSS
Exploits0References1
NVD
NVD
added 2 hours ago2 views

CVE-2026-48947

An improper access check allows privileged users to overwrite media files without editing permissions...

6.4CVSS
Exploits0References1
NVD
NVD
added 4 hours ago5 views

CVE-2026-23698

Vtiger CRM through 8.4.0 contains an authenticated remote code execution vulnerability in the admin module import feature that allows administrator-level attackers to upload arbitrary PHP files by submitting a crafted zip archive through the ModuleManager import function, which extracts contents...

8.6CVSS
Exploits1References3
NVD
NVD
added 4 hours ago4 views

CVE-2026-57851

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS
Exploits0References2
NVD
NVD
added 4 hours ago5 views

CVE-2026-13020

A Weak Password Recovery Mechanism for Forgotten Password exists in Esri Portal for ArcGIS versions 12.1 and earlier on Windows, Linux and Kubernetes. A remote, unauthorized attacker may assume ownership of a user’s account by manipulating this mechanism. ArcGIS Administrators should configure an...

8.1CVSS
Exploits0References1
NVD
NVD
added 4 hours ago4 views

CVE-2026-23697

Vtiger CRM before 8.4.0 contains an authenticated file upload vulnerability that allows low-privileged users to achieve remote code execution by uploading a .phar file containing arbitrary PHP code through the Documents module, bypassing the extension denylist in config.inc.php which omits the...

8.8CVSS
Exploits1References3
NVD
NVD
added 4 hours ago5 views

CVE-2026-13019

Esri Portal for ArcGIS versions 12.1 and earlier on Windows, Linux and Kubernetes have a missing authentication for critical function vulnerability allows a remote, unauthenticated attacker to access an unprotected API...

9.8CVSS
Exploits0References1
Total number of security vulnerabilities363706