Lucene search
K
VulnrichmentRecent

160808 matches found

Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-58284 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

...

8.3CVSS5.9AI score0.00414EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•4 views

CVE-2026-58276 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

...

7.5CVSS5.9AI score0.00438EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-58278 Microsoft Edge (Chromium-based) Spoofing Vulnerability

...

5.4CVSS5.9AI score0.00323EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•4 views

CVE-2026-57991 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

...

7.4CVSS5.9AI score0.00762EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•5 views

CVE-2026-57986 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

...

7.5CVSS5.9AI score0.00438EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•6 views

CVE-2026-57981 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

...

8.8CVSS5.9AI score0.00568EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-57974 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

...

8.8CVSS5.9AI score0.00568EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•5 views

CVE-2026-57977 Microsoft Edge (Chromium-based) Spoofing Vulnerability

...

7.1CVSS5.9AI score0.00406EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-45488 Microsoft Edge (Chromium-based) Spoofing Vulnerability

...

5.4CVSS5.9AI score0.00298EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-58522 Microsoft Edge for Android Information Disclosure Vulnerability

...

6.8CVSS5.9AI score0.0029EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•4 views

CVE-2026-58287 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

...

8.3CVSS5.9AI score0.00448EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•5 views

CVE-2026-58299 Microsoft Edge for Android Remote Code Execution Vulnerability

...

7.5CVSS5.9AI score0.00276EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•4 views

CVE-2026-58283 Microsoft Edge (Chromium-based) Spoofing Vulnerability

...

8.1CVSS5.9AI score0.00406EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•4 views

CVE-2026-58282 Microsoft Edge (Chromium-based) Spoofing Vulnerability

...

8.1CVSS5.9AI score0.00385EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•5 views

CVE-2026-56646 Microsoft Edge (Chromium-based) Spoofing Vulnerability

...

6.5CVSS5.9AI score0.00666EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•4 views

CVE-2026-57992 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

...

7.5CVSS5.9AI score0.00438EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•4 views

CVE-2026-57993 Microsoft Edge (Chromium-based) Spoofing Vulnerability

...

7.4CVSS5.9AI score0.00631EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•4 views

CVE-2026-57988 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

...

7.1CVSS5.9AI score0.00543EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•6 views

CVE-2026-57985 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

...

7.6CVSS5.9AI score0.00419EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•4 views

CVE-2026-57987 Microsoft Edge (Chromium-based) Spoofing Vulnerability

...

6.5CVSS5.9AI score0.00631EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•4 views

CVE-2026-57984 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

...

7.5CVSS5.9AI score0.00438EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•5 views

CVE-2026-57983 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

...

8.7CVSS5.9AI score0.00464EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•5 views

CVE-2026-57975 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

...

7.5CVSS5.9AI score0.00438EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•4 views

CVE-2026-56645 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

...

8.8CVSS5.9AI score0.00568EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-55945 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

...

4.2CVSS5.9AI score0.00148EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-28744 Gitea Git smart HTTP bypasses repository token scopes for bearer tokens

Gitea versions up to and including 1.26.1 allow Git smart HTTP requests authenticated with bearer tokens to bypass repository token scope checks...

8.1CVSS5.9AI score0.00343EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-28740 Gitea LFS object reuse bypasses Code-unit authorization

Gitea versions up to and including 1.26.2 allow Git LFS object reuse to authorize private source objects for users who have repository access but lack Code-unit access...

7.1CVSS7.1AI score0.00323EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-28737 Gitea 3D file viewer allows stored XSS through glTF extensionsRequired

Gitea versions from 1.25.0 before 1.26.0 allow stored cross-site scripting through the extensionsRequired field in glTF files rendered by the 3D file viewer...

8.7CVSS5.8AI score0.00336EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-28705 Gitea repository dumps write release assets using unsafe path names

Gitea versions before 1.25.5 use release tag names and asset names as filesystem path components when dumping release assets, allowing specially crafted names to affect dump output paths...

6AI score0.00181EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-27783 Gitea issue-template APIs bypass repository unit authorization

Gitea versions up to and including 1.26.1 do not enforce repository-unit authorization on issue-template API endpoints...

4.3CVSS5.9AI score0.00283EPSS
Exploits0References5
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-28699 Gitea Basic Auth bypasses OAuth2 access token scopes

Gitea versions up to and including 1.26.1 allow OAuth2 access token scope enforcement to be bypassed through HTTP Basic authentication...

8.1CVSS5.9AI score0.00566EPSS
Exploits1References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-27780 Gitea pre-receive hook can miss branch-protection checks after scanner errors

Gitea versions before 1.26.0 do not fail closed on bufio.Scanner errors while processing pre-receive hook input, allowing oversized input to bypass branch-protection checks...

6AI score0.00174EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 4 days ago•4 views

CVE-2026-27775 Gitea pre-receive hook permission cache allows full repository write access

Gitea 1.25.5 caches a branch-specific write-permission result across multiple refs in one pre-receive hook session, allowing a per-branch maintainer-edit grant to be reused for other refs and escalate to full repository write access...

5.9AI score0.00198EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•4 views

CVE-2026-27779 Gitea forwarded-proto handling allows public URL spoofing

Gitea versions before 1.25.5 accept malformed or injected forwarded-proto values when detecting public URLs, allowing spoofed canonical URL generation...

5.9AI score0.00166EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-27660 Gitea draft releases use insufficient permission checks

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...

5.9AI score0.00166EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-27771 Gitea Composer package source links use insufficient permission checks

Gitea versions up to and including 1.26.1 have insufficient permission checks for Composer package source links, which can expose private or internal package source information...

8.2CVSS7.2AI score0.40738EPSS
Exploits1References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-27761 Gitea repository feeds bypass API token scope enforcement

Gitea versions up to and including 1.26.2 allow repository RSS and Atom feed endpoints to bypass API access token scope checks, exposing private repository commit data to tokens without the required repository scope...

4.3CVSS7.1AI score0.00367EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-26292 Gitea LFS mirror synchronization bypasses migration HTTP transport restrictions

Gitea versions before 1.25.5 do not use the migration HTTP transport for LFS push and sync mirror operations, bypassing the configured migration transport protections for those LFS requests...

5.9AI score0.00174EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-27657 Gitea email settings allow changing another user's primary email address

Gitea versions before 1.25.5 allow a user to change another user's primary email address...

5.9AI score0.00167EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-26231 Gitea maintainer-edit permissions allow unauthorized commits to readable repositories

Gitea versions up to and including 1.26.1 allow the Allow edits from maintainers permission path to authorize commits to repositories that the user can read but should not be able to write...

8.5CVSS7.1AI score0.00291EPSS
Exploits0References5
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-26232 Gitea OAuth2 authorization codes lack expiry and reuse enforcement

Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange...

6AI score0.00167EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-26247 Gitea OAuth2 PKCE S256 challenges are not enforced during token exchange

Gitea versions before 1.25.5 do not persist the OAuth2 PKCE S256 challenge method correctly during authorization, allowing token exchange without the expected verifier check...

5.9AI score0.00166EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-25782 Gitea tracked-time deletion can target entries from another issue

Gitea versions before 1.25.5 look up tracked-time entries by time ID without scoping the lookup to the issue in the request URL, allowing deletion attempts to target entries from another issue...

5.9AI score0.00159EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-25718 Gitea template repository generation mishandles symlinked paths

Gitea versions before 1.25.5 mishandle path resolution during template repository generation, allowing template processing to read or write through symlinked or otherwise non-regular paths...

5.9AI score0.00172EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-25779 Gitea redirect handling permits open redirects through backslash paths

Gitea versions up to and including 1.25.4 allow redirect bypasses through raw or percent-encoded backslashes in redirectto values...

5.9AI score0.00167EPSS
Exploits0References5
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-25712 Gitea organization permission APIs expose private visibility information

Gitea versions before 1.25.5 have insufficient visibility checks in organization permission APIs for hidden members and private organizations...

6AI score0.00159EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-25038 Gitea private organization labels are visible to unauthorized users

Gitea 1.26.2 allows unauthorized users to access labels of private organizations...

7.2AI score0.00198EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-25714 Gitea user organization API bypasses public-only token filtering

Gitea versions up to and including 1.26.1 do not apply public-only token filtering consistently to the user organization API, leaving an incomplete fix for CVE-2025-68941...

4.3CVSS7.1AI score0.00271EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-22874 Gitea webhook and migration allow-list filtering permits SSRF

Gitea versions up to and including 1.26.2 have incomplete SSRF protection in webhook and migration allow-list filtering...

9.6CVSS7.1AI score0.00464EPSS
Exploits1References5
Vulnrichment
Vulnrichment
•added 4 days ago•3 views

CVE-2026-24451 Gitea fork synchronization can expose private parent repository data

Gitea 1.26.2 allows fork synchronization to continue after a parent repository changes from public to private, exposing data to a fork that should no longer be authorized...

7.2AI score0.00198EPSS
Exploits0References4
Total number of security vulnerabilities160808