Lucene search
K
RedhatcveRecent

206704 matches found

RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.14 views

CVE-2026-10175

A security flaw has been discovered in Aider-AI Aider 0.86.3. Affected by this vulnerability is the function editorcoder.run of the file auth.py of the component Architect Mode. Performing a manipulation results in code injection. Remote exploitation of the attack is possible. The exploit has bee...

6.5CVSS5.6AI score0.00242EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.14 views

CVE-2026-10188

A flaw has been found in Tenda W12 3.0.0.74763. This affects the function cgistaKickOff of the file /bin/httpd. Executing a manipulation of the argument staMac can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

9CVSS6.2AI score0.00476EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.16 views

CVE-2026-10170

A flaw has been found in code-projects Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /vms/php/phone0.php. This manipulation of the argument phone causes sql injection. The attack may be initiated remotely. The exploit has been published and may be...

6.5CVSS5.7AI score0.00244EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.18 views

CVE-2026-10176

A weakness has been identified in Aider-AI Aider 0.86.3. Affected by this issue is some unknown functionality of the component Code Generation Workflow. Executing a manipulation can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and...

6.5CVSS5.6AI score0.00204EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.16 views

CVE-2026-10187

A vulnerability was detected in Totolink N300RH 6.1c.1353B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is...

10CVSS6.3AI score0.01425EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/02 3:37 p.m.14 views

CVE-2026-10197

A flaw was found in Assimp. A local user with access to the system could exploit a null pointer dereference vulnerability in the glTF2Importer::ImportEmbeddedTextures function. This flaw could lead to a Denial of Service DoS, making the application unavailable. Mitigation Users should avoid...

5.5CVSS5.8AI score0.00115EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/06/02 3:37 p.m.11 views

CVE-2026-10199

A flaw was found in Assimp. A local attacker could trigger a null pointer dereference by manipulating an argument in the glTF2::LazyDict function. This vulnerability, located in the glTF2Asset.h library, could lead to an application crash, resulting in a denial of service DoS. Mitigation Mitigati...

5.5CVSS5.6AI score0.00118EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/06/02 3:37 p.m.11 views

CVE-2026-10198

A flaw was found in Assimp, specifically within the glTFImporter component. A local attacker could exploit a null pointer dereference vulnerability in the Assimp::glTFImporter::ImportMeshes function. This could lead to a denial of service DoS by causing the application to crash. Mitigation...

5CVSS5.6AI score0.00113EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/02 2:43 p.m.11 views

CVE-2026-45292

A flaw was found in OpenTelemetry Java, specifically within the baggage propagation implementation of opentelemetry-api and opentelemetry-extension-trace-propagators. A remote attacker can exploit this vulnerability by sending oversized baggage, which leads to unbounded memory allocation and high...

7.5CVSS5.8AI score0.00791EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/02 2:43 p.m.8 views

CVE-2026-6841

Request Tracker is vulnerable to a reflected cross-site scripting XSS vulnerability via the "Page" parameter in GET requests. An attacker can craft a URL that, when opened, results in arbitrary JavaScript execution in the victim’s browser. This vulnerability affects versions from 5.0.4 up to 5.0....

6.1CVSS5.6AI score0.00235EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/02 10:2 a.m.18 views

CVE-2026-20455

In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6784...

7.8CVSS5.8AI score0.00108EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 10:2 a.m.16 views

CVE-2026-42359

A bug in Apache Airflow's XCom PATCH endpoint PATCH /api/v2/xcomEntries/key allowed an authenticated UI/API user with XCom write permission on a Dag to set XCom entries under reserved key names e.g. returnvalue that the matching POST endpoint already validated against FORBIDDENXCOMKEYS. The...

8.8CVSS5.8AI score0.0055EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 10:2 a.m.15 views

CVE-2026-20454

In geniezone, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6786...

6.4CVSS5.8AI score0.00078EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 10:2 a.m.14 views

CVE-2025-66593

An origin validation error vulnerability in Synology Assistant before 7.0.6-50085 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation...

6.1CVSS5.9AI score0.00086EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 10:2 a.m.14 views

CVE-2026-2237

A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information...

6.2CVSS5.8AI score0.00092EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 10:2 a.m.15 views

CVE-2026-20452

In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480138; Issue ID: MSV-6295...

8CVSS6.5AI score0.00435EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/02 10:2 a.m.15 views

CVE-2025-66592

An origin validation error vulnerability in Synology Active Backup for Business Agent before 3.1.0-4967 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation...

6.1CVSS5.9AI score0.00086EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 10:2 a.m.14 views

CVE-2026-20453

In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10886526; Issue ID: MSV-6791...

6.7CVSS5.8AI score0.00114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 10:2 a.m.14 views

CVE-2025-13593

Origin validation error vulnerability in Synology ActiveProtect Agent before 1.1.0-0439 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation...

6.1CVSS5.9AI score0.00086EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 7:17 a.m.11 views

CVE-2026-1784

The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy. It was found that the checks performed on the spec.path YAML stanza in a Route document was insufficient and could allow a controlled injection of the HAProxy configuration...

8.8CVSS5.8AI score0.0015EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.18 views

CVE-2026-10169

A vulnerability was detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected by this vulnerability is the function ajaxforgotpassword of the file application/controllers/Login.php of the component Forgot Password Endpoint. The...

6.3CVSS5.1AI score0.00286EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.15 views

CVE-2025-60495

A segmentation violation in the gfmediagetcolorinfo function /mediatools/isomtools.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted data file...

5.5CVSS5.8AI score0.00133EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.18 views

CVE-2025-60486

A heap use-after-free in the dasherprocess function /filters/dasher.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MPEG-2 file...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.18 views

CVE-2025-55664

A heap buffer overflow in the m2tsdmxsendpacket function filters/dmxm2ts.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS6AI score0.00158EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.15 views

CVE-2026-32906

OpenClaw before 2026.5.12 contains a privilege escalation vulnerability in Slack plugin approvals that allows exec-authorized users to resolve plugin approvals through the exec approver gate. Attackers with limited exec approval permissions can bypass intended approval splits to approve plugin...

4.3CVSS5.8AI score0.00173EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.17 views

CVE-2026-10064

A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetPortTr of the file /goform/formSetPortTr. Performing a manipulation of the argument specialname results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit...

9.8CVSS7.1AI score0.00399EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.17 views

CVE-2026-10127

A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack may be initiated remotely. The exploit has...

6.5CVSS6.5AI score0.01262EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.18 views

CVE-2026-10114

A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function handlescpinfo in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. This manipulation causes out-of-bounds write. The attack can be initiated remotely. The exploit has been...

5.3CVSS5.4AI score0.00276EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.14 views

CVE-2026-45626

Arcane is an interface for managing Docker containers, images, networks, and volumes. In 1.18.1 and earlier, GET /environments/id/volumes/volumeName/browse accepts a path query parameter that is passed to a shell command sh -c "find … | while …" inside an Arcane helper container. The path sanitis...

6.3CVSS6AI score0.0021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.16 views

CVE-2025-60485

A segmentation violation in the gfisomapplesettagex function /isomedia/isomwrite.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS5.8AI score0.00143EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.12 views

CVE-2026-45580

WWBN AVideo is an open source video platform. In 29.0 and earlier, there is a stored cross-site scripting vulnerability. The Live plugin's "YouTube-style" view renders the live transmission's stream key into an HTML class attribute by raw echo, without htmlspecialchars. A canStream user can persi...

5.4CVSS5.6AI score0.00136EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.18 views

CVE-2025-60481

A NULL pointer dereference in the gfodfac4cfgdsiv1 function /odf/descriptors.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

5.5CVSS5.8AI score0.00143EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.17 views

CVE-2025-60483

A NULL pointer dereference in the gfac4presb4backchannelspresent function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

5.5CVSS5.8AI score0.00143EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.16 views

CVE-2026-45294

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.219, the password reset endpoint returns visually distinct responses depending on whether the submitted email address belongs to an existing user account, allowing unauthenticated attackers to enumerat...

5.3CVSS5.8AI score0.0021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.23 views

CVE-2026-47740

Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Multiple Filament actions on the admin Order detail and Order shipments table were callable by an authenticated low-privilege user without the permission required to mutate orders. The order detail actions cancel, mark paid, mark...

8.1CVSS5.8AI score0.00258EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.15 views

CVE-2026-47123

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.220, the email processing pipeline in FreeScout's FetchEmails command has two code paths for identifying agent user replies based on In-Reply-To / References headers. The notification reply path...

7.5CVSS5.9AI score0.00145EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.14 views

CVE-2026-46510

form-data-objectizer converts FormData to object. Prior to 1.0.1, form-data-objectizer walks bracket-notation form keys e.g. namesub into nested objects without filtering proto, constructor, or prototype. A single HTTP form field whose name starts with proto... causes the library to mutate...

8.2CVSS5.8AI score0.00282EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.15 views

CVE-2026-45312

RAGFlow is an open-source RAG Retrieval-Augmented Generation engine. In 0.24.0 and earlier, a Jinja2 template injection in the prompt generator rag/prompts/generator.py allows any authenticated user to execute arbitrary OS commands on the server. Any normal user can register, create a Canvas...

9.9CVSS6.1AI score0.00294EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.16 views

CVE-2026-10179

A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This issue affects the function formSetWlanEncrypt of the file /goform/formSetWlanEncrypt. This manipulation of the argument webpage causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

9CVSS7.8AI score0.03198EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.17 views

CVE-2026-10158

A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. Affected is the function formPortFw of the file /goform/formPortFw. The manipulation of the argument servername results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been released t...

9CVSS7.8AI score0.00463EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.15 views

CVE-2026-45629

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.28.8 and earlier, authenticated OS command injection in the /listen-deployment WebSocket endpoint allows any organization member to execute arbitrary system commands on remote servers managed by Dokploy, leading to full server...

9.9CVSS6.1AI score0.00758EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.17 views

CVE-2026-10164

A vulnerability was found in Edimax BR-6478AC 1.23. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. The manipulation of the argument ShareName/SelectName results in buffer overflow. The attack can be executed remotely. The exploit ha...

9CVSS7.7AI score0.00463EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.13 views

CVE-2026-45661

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.26.5 and earlier, a critical path traversal vulnerability exists in Dokploy v0.26.5 that allows authenticated users to write arbitrary files to the filesystem during application deployment. When combined with Dokploy's remote serve...

9.9CVSS6.5AI score0.0066EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.17 views

CVE-2026-44649

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern accepts Remote-User Authelia and X-Authentik-Username Authentik HTTP headers to...

9.8CVSS5.8AI score0.00218EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.12 views

CVE-2026-45662

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.29.0 and earlier, the deleteRegistry function in Dokploy packages/server/src/services/registry.ts executes docker logout $response.registryUrl without shell escaping. In the same file, the docker login command correctly uses shEsca...

8.8CVSS5.8AI score0.00841EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.17 views

CVE-2026-45043

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, improper validation in the PUT /rustfs/admin/v3/import-iam endpoint allows a user with ImportIAMAction to create service accounts under arbitrary parent identities, including the root user minioadmin. The endpoint...

9.3CVSS6AI score0.00226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.17 views

CVE-2026-45609

mcp-security provides Security and Authorization support for Model Context Protocol in Spring AI. Prior to 0.1.9, the mcp-security framework fails to implement the mandatory SSRF mitigations outlined in the Model Context Protocol MCP security specifications. Specifically, it processes untrusted...

7.2CVSS5.8AI score0.00198EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.22 views

CVE-2026-44697

Klever-Go is the Go implementation of the Klever blockchain protocol. Prior to 1.7.17, a remote, unauthenticated denial-of-service vulnerability in Batch.Decompress data/batch/batch.go allows any peer that participates in a topic served by MultiDataInterceptor to allocate multi-gigabyte heaps on...

8.6CVSS5.8AI score0.0038EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.18 views

CVE-2026-10163

A vulnerability has been found in Edimax BR-6478AC 1.23. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. The manipulation of the argument UserName/Password leads to buffer overflow. Remote exploitation of the attack is...

9CVSS7.5AI score0.00463EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:2 a.m.17 views

CVE-2026-10069

A vulnerability has been found in Shibby Tomato 1.28. The impacted element is an unknown function of the file usr/sbin/miniupnpd. Such manipulation leads to resource consumption. The attack may be launched remotely. This project is superseded by FreshTomato. This vulnerability only affects produc...

8.7CVSS6.7AI score0.00438EPSS
Exploits0References1
Total number of security vulnerabilities206704