Lucene search
K
VulnrichmentRecent

162706 matches found

Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.5 views

CVE-2026-12456

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: High...

5.2AI score0.00137EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.6 views

CVE-2026-12454

Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.3AI score0.00146EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.6 views

CVE-2026-12453

Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

5.3AI score0.0018EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.7 views

CVE-2026-12451

Use after free in DigitalCredentials in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.3AI score0.00173EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.6 views

CVE-2026-12452

Use after free in Downloads in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

5.4AI score0.00256EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.6 views

CVE-2026-12450

Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3AI score0.00184EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.7 views

CVE-2026-12449

Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.155 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...

5.2AI score0.00109EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.8 views

CVE-2026-12448

Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: High...

5.3AI score0.00255EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.6 views

CVE-2026-12446

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.3AI score0.00194EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.6 views

CVE-2026-12447

Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.3AI score0.00417EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.6 views

CVE-2026-12445

Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

5.3AI score0.00158EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.5 views

CVE-2026-12444

Out of bounds read in Chromoting in Google Chrome on Windows prior to 149.0.7827.155 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: High...

5.2AI score0.00143EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.6 views

CVE-2026-12443

Use after free in Web Authentication in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

5.9AI score0.00601EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.6 views

CVE-2026-12442

Use after free in Passwords in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

5.9AI score0.00387EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.6 views

CVE-2026-12441

Use after free in File Input in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

5.5AI score0.00301EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.6 views

CVE-2026-12440

Use after free in DigitalCredentials in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

5.3AI score0.00251EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.8 views

CVE-2026-12439

Use after free in Digital Credentials in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

5.4AI score0.00323EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.7 views

CVE-2026-12438

Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

5.3AI score0.00207EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:38 a.m.7 views

CVE-2026-12437

Use after free in WebShare in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

5.3AI score0.00279EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 1:31 a.m.5 views

CVE-2025-15641 Netskope Client Exposed IOCTL with Insufficient Access Controls

Netskope was notified about a potential gap in its Netskope Client for Windows systems where a malicious insider with administrative privileges can potentially tamper with the customer IOCTL by sending crafted IOCTL requests to the driver. A successful exploit can result in the bypassing of all...

6.8CVSS5.2AI score0.00163EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/17 12:53 a.m.9 views

CVE-2026-55706

sppppapinput in sys/net/ifspppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths...

5.8CVSS5.2AI score0.00354EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/06/17 12:0 a.m.8 views

CVE-2025-26240

In JazzCore python-pdfkit 1.0.0, the fromstring method enables the execution of JavaScript code within the context of the server application and the exfiltration of local files...

5.5AI score0.00392EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/17 12:0 a.m.8 views

CVE-2026-39199

snes9x 1.63 allows an out-of-bounds write and denial of service via a crafted .ups file...

2.9CVSS5.2AI score0.00125EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/17 12:0 a.m.8 views

CVE-2026-36418

JimuReport versions 2.3.4 and below are vulnerable to remote code execution due to improper handling of Aviator expressions. The /jmreport/executeSelectApi endpoint passes user-supplied input directly to the Aviator expression engine without adequate validation allowing attackers to execute...

6.7AI score0.00471EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/17 12:0 a.m.7 views

CVE-2025-66391

In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write operations, e.g., the system will send a one-time password to an attacker-controlled email address when the attacker attempts to reset the password of a user account...

5.2AI score0.00383EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/16 11:35 p.m.7 views

CVE-2026-48797 Backpropagate: backprop ui --auth and backprop ui --share do not enforce authentication

Backpropagate is a Python library for fine-tuning large language models on a single GPU. In versions 1.1.0 and 1.1.1, the optional Reflex web UI exposes a training control plane without authentication: dataset upload, model load, training start/stop, multi-run orchestration, GGUF export, and...

9.3CVSS5.5AI score0.00324EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/16 11:10 p.m.7 views

CVE-2026-44587 CarrierWave has a denylisted_content_type bypass via Unescaped Regex Metacharacters

CarrierWave is a framework to upload files from Ruby applications. In versions prior to 2.2.7 and 3.1.3, the contenttypedenylist check fails to escape regex metacharacters in string entries, causing the denylist to silently not match the content types it is intended to block. In...

4.7CVSS5.4AI score0.00223EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/06/16 11:8 p.m.9 views

CVE-2026-48929

Rocket.Chat in versions 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, 7.13.9, and 7.10.13 is vulnerable to unauthenticated file deletion. The deleteFileMessage Meteor method permanently deletes any uploaded file by ID without requiring authentication. When called via an unauthenticated DDP WebSocket...

7.5CVSS7.2AI score0.00723EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/16 11:8 p.m.7 views

CVE-2026-48616

Rocket.Chat versions 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, 7.13.9, 7.10.13 has an access control vulnerability in Livechat files. Protected file downloads at /file-upload/:fileId/:name authorize livechat access using rcroomtype=l with rcrid+rctoken, but the authorization path does not verify...

9.3CVSS8.3AI score0.00304EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/16 10:49 p.m.8 views

CVE-2026-48782 pydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses (incomplete fix of CVE-2026-46678)

Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. In versions 1.56.0 through 1.101.0, 2.0.0b1, and 2.0.0b2, the cloud-metadata blocklist could be bypassed by encoding the metadata IP in an IPv6 transition form that the previous fix, CVE-2026-46678...

6.8CVSS5.3AI score0.00332EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/16 10:29 p.m.9 views

CVE-2026-48788 Remark42: Cross-Site Scripting (XSS) on /api/v1/img via content-type spoofing

Remark42 is a self-hosted comment engine for blogs, articles, or any other place where readers can add comments. Versions 1.6.0 through 1.15.0 contain a Cross-Site Scripting XSS vulnerability exploitable through content-type spoofing. The Remark42 image proxy fetches an arbitrary remote URL and...

8.2CVSS7.8AI score0.00251EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/16 10:19 p.m.8 views

CVE-2026-48745 Traccar Client: silent configuration hijack via unverified deep link redirects all GPS telemetry

Traccar Client is a GPS tracking mobile app for sending location updates to private servers using the open-source Traccar platform. In versions 9.7.19 and below, a single crafted deep link can silently hijack all GPS tracking parameters and redirect telemetry to an attacker-controlled server. The...

9.3CVSS5.2AI score0.00323EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/16 9:43 p.m.6 views

CVE-2026-47277 Runtipi: Unauthenticated arbitrary file read through app-store logo symlinks

Runtipi is a personal homeserver orchestrator. In versions 4.9.1 through 4.9.3, Runtipi serves marketplace app logos from files inside cloned app-store repositories through an unauthenticated endpoint, which leads to arbitrary file read through app-store logo symlinks. The path guard checks only...

6.5CVSS5.3AI score0.00399EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/16 9:38 p.m.9 views

CVE-2026-48783 Postiz has an unauthenticated billing-enforcement bypass via /public/modify-subscription

Postiz is an AI social media scheduling tool. Versions prior to 2.21.8 contained an unauthenticated endpoint that accepted a signed token and applied subscription-enforcement side effects to the organization referenced in that token's claims, without verifying the token's intended purpose. The...

4.8CVSS5.3AI score0.0017EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/16 9:35 p.m.5 views

CVE-2026-2604 Evolution-data-server: evolution data server: arbitrary file deletion via inconsistent uri handling

A flaw was found in evolution-data-server. Inconsistent comparison logic in the addressbook file backend allows a Flatpak application with D-Bus access to craft a malicious URI containing directory traversal sequences. This URI is stored without proper validation during contact creation or...

5.6CVSS5.4AI score0.00189EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/16 9:31 p.m.7 views

CVE-2026-48781 Postiz has cross-tenant SUPERADMIN takeover via Skool-provider JWT forgery

Postiz is an AI social media scheduling tool. In versions prior to 2.21.8, the Skool integration callback signed an attacker-controlled JSON blob into a session-shape JWT using the application's JWTSECRET, and the auth middleware trusted every claim in that JWT without re-resolving the user from...

9.9CVSS5.3AI score0.00209EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/16 9:26 p.m.8 views

CVE-2026-48779 ws: Memory exhaustion DoS from tiny fragments and data chunks

ws is an open source WebSocket client and server for Node.js. All versions from 1.1.0 up to but not including 5.2.5, from 6.0.0 up to 6.2.4, from 7.0.0 up to 7.5.11, and from 8.0.0 up to 8.21.0 are affected by a memory exhaustion DoS vulnerability. A peer can send a high volume of exceptionally...

7.5CVSS5.1AI score0.00782EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/06/16 9:25 p.m.7 views

CVE-2026-25470 WordPress ACPT (Pro) - Custom Post Types plugin for WordPress plugin <= 2.0.47 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in ACPT ACPT Pro - Custom Post Types Plugin for WordPress allows Remote Code Inclusion. This issue affects ACPT Pro - Custom Post Types Plugin for WordPress: from n/a through 2.0.47...

10CVSS5.4AI score0.00414EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/16 9:24 p.m.10 views

CVE-2026-39598 WordPress Academy LMS Pro plugin < 3.5.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Kodezen LLC Academy LMS Pro allows Upload a Web Shell to a Web Server. This issue affects Academy LMS Pro: from n/a before 3.5.2...

8CVSS5.2AI score0.00221EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/16 9:23 p.m.7 views

CVE-2026-49073 WordPress Directorist Booking plugin <= 3.0.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpWax Directorist Booking allows Blind SQL Injection. This issue affects Directorist Booking: from n/a through 3.0.3...

8.5CVSS5.6AI score0.00205EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/16 9:17 p.m.8 views

CVE-2026-48055 Streambert: Arbitrary File Write (Zip Slip) via Subtitle Extraction

Streambert is a cross-platform Electron Desktop App to stream and download any video media. In versions 2.4.0 and prior, a high-severity Zip Slip vulnerability was identified in Streambert's subtitle extraction logic. The application does not sanitize archive entry filenames during extraction,...

10CVSS5.4AI score0.00621EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/16 9:3 p.m.9 views

CVE-2026-11409 OS Command Injection in IPv6 PPPoE Configuration in TP-Link TL-WR940N

An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges...

8.5CVSS5.8AI score0.02787EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/16 9:3 p.m.6 views

CVE-2026-11410 OS Command Injection in BigPond Cable (BPA) Configuration in TP-Link TL-WR940N

An authenticated OS command injection vulnerability exists in the BigPond Cable BPA WAN configuration module in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges...

8.5CVSS5.8AI score0.02787EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/16 8:57 p.m.7 views

CVE-2026-49113 WordPress Cornerstone plugin < 7.8.8 - Arbitrary Code Execution vulnerability

Subscriber Arbitrary Code Execution in Cornerstone 7.8.8 versions...

8.5CVSS5.3AI score0.00371EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/16 8:57 p.m.6 views

CVE-2026-49080 WordPress wpDataTables plugin <= 7.3.6 - SQL Injection vulnerability

Unauthenticated SQL Injection in wpDataTables = 7.3.6 versions...

9.3CVSS5.7AI score0.00312EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/16 8:57 p.m.7 views

CVE-2026-49057 WordPress JobSearch plugin <= 3.2.7 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in JobSearch = 3.2.7 versions...

7.5CVSS5.1AI score0.00296EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/16 8:57 p.m.6 views

CVE-2026-48869 WordPress Enfold theme <= 7.1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Enfold = 7.1.4 versions...

7.1CVSS5.1AI score0.00186EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/16 8:57 p.m.6 views

CVE-2026-40761 WordPress Valeska theme <= 1.2.2 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Valeska = 1.2.2 versions...

8.1CVSS5.3AI score0.0025EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/16 8:57 p.m.7 views

CVE-2026-40760 WordPress Behold theme <= 1.5 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Behold = 1.5 versions...

8.1CVSS5.3AI score0.0025EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/16 8:57 p.m.6 views

CVE-2026-40759 WordPress Esmée theme <= 1.4 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Esmée = 1.4 versions...

8.1CVSS5.3AI score0.0032EPSS
Exploits0References1
Total number of security vulnerabilities162706