Lucene search
+L
VulnrichmentRecent

163619 matches found

vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.8 views

CVE-2026-50882

An issue in the /api/v0/pastes endpoint of anna-is-cute paste v0.1.1 allows attackers to cause a Denial of Service DoS via a crafted POST request...

5.3AI score0.00324EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.5 views

CVE-2026-50876

A cross-site scripting XSS vulnerability in Deck9 Input v2.0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.3AI score0.00162EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.7 views

CVE-2026-50885

Incorrect access control in the share-based read endpoints of Sismics Docs Teedy v1.11 allow unauthorized attackers to access sensitive endpoints via a crafted request...

5.2AI score0.00287EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.7 views

CVE-2026-50887

A Server-Side Request Forgery SSRF in the automatic short URL title resolution component of shlink v5.0.1 allows attackers to scan internal resources via supplying a crafted longUrl...

5.2AI score0.00287EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.8 views

CVE-2026-45389

In OCaml-TLS before 2.1.0, the server implementation does insufficient checks of the certificate provided by the client when doing client authentication, which allows impersonation with certificates that are not meant for client authentication because of KeyUsage and ExtendedKeyUsage...

5.2AI score0.00191EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.7 views

CVE-2026-36670

A Time-Based Blind SQL Injection vulnerability in the aliasmanagement module of OpenSIPS Control Panel opensips-cp prior to version 9.3.3 allows authenticated attackers to execute arbitrary SQL commands via the 'table' GET parameter in aliasmanagement.php...

6.2AI score0.00361EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.7 views

CVE-2026-39006

An issue in SNMP4J-Agent 3.8.3 allows a remote attacker to execute arbitrary code via the snmp4jCfgStoragePath component...

5.9AI score0.00515EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.8 views

CVE-2026-50881

Incorrect access control in the impworks Bonsai v6.0 allows authenticated attackers with Editor privileges to escalate privileges to Administrator and execute unauthorized account, password, and configuration changes...

5.4AI score0.00248EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.8 views

CVE-2026-50874

An OS command injection vulnerability in the /manage/features/media component of kanishka-linux Reminiscence v0.3.0 allows attackers to execute arbitrary commands via supplying a crafted input...

5.8AI score0.01119EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.8 views

CVE-2026-38064

Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actiondialcall via the dialNumber parameter...

5.3AI score0.01046EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.10 views

CVE-2026-50873

An arbitrary file upload vulnerability in the attachment handling component of flatnotes v5.5.4 allows attackers to execute arbitrary code via uploading a crafted HTML or SVG file...

5.8AI score0.00441EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.7 views

CVE-2026-50884

Incorrect access control in statping-ng v0.93.0 allows attackers to escalate privileges to Administrator and access sensitive components...

5.3AI score0.00286EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.10 views

CVE-2026-39196

Datadog, Inc Vector v0.54.0 was discovered to contain a SQL injection vulnerability in the seturiquery parameter in the KeyPartitioner::partition function. This vulnerability allows attackers to access sensitive database information via crafted SQL statements...

5.6AI score0.00321EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.9 views

CVE-2026-39118

An issue in Iru, Inc Kandji Agent before v.4.7.55374 allows a local attacker to escalate privileges via a client validation gap to invoke restricted agent functionality...

5.2AI score0.00118EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.7 views

CVE-2026-50889

An input handling flaw in the HTTP refresh token process of LLDAP v0.6.2 allows attackers to cause a Denial of Service DoS via sending a crafted refresh-token header...

5.3AI score0.00482EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.8 views

CVE-2026-38060

Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionunlocksim via the pin parameter...

5.3AI score0.01046EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.9 views

CVE-2026-50877

An issue in Zhoros SuperBin v1.0.0 allows attackers to execute a directory traversal via supplying files with names containing traversal characters...

5.4AI score0.00577EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.7 views

CVE-2026-45390

In OCaml-tar before 3.4.0, a crafted archive with ../ path segments in its name allows escaping the current working directory. This is not desired behavior, and tar1 rejects such extractions, but ocaml-tar decompresses it anyway. The impact is that it allows arbitrary file writes outside of the...

5.4AI score0.00373EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.7 views

CVE-2026-50891

Incorrect access control in the /admin/api/config component of Filestash v0.4.0 allows attackers to escalate privileges via sending a crafted request...

5.2AI score0.00326EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.8 views

CVE-2026-38063

Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionradioonwithiaapn via the ia parameter...

5.3AI score0.01046EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 12:0 a.m.7 views

CVE-2025-70102

A NULL pointer dereference occurs in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 while parsing configuration options. In parseoption src/if-options.c:1886, the code performs a member access on a NULL pointer of type 'struct dhcpopt' when an unexpected/invalid option token or parsing state caus...

5.3AI score0.00169EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/14 11:45 p.m.10 views

CVE-2026-12197 Ruijie EG105G-P JSON-RPC Diagnose Endpoint diagnose nslookup command injection

A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. It is possible to...

8.6CVSS6.9AI score0.02385EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/14 11:30 p.m.10 views

CVE-2026-12193 VS Revo RevoUninstaller IOCTL RevoDetector.sys IOCtl_Handler heap-based overflow

A vulnerability was identified in VS Revo RevoUninstaller 2.5.x/2.6.x. The affected element is the function IOCtlHandler in the library RevoDetector.sys of the component IOCTL Handler. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is...

8.5CVSS7.4AI score0.00142EPSS
Exploits0References10
vulnrichment
vulnrichment
added 2026/06/14 11:15 p.m.9 views

CVE-2026-12192 GALAYOU Y4 Web Server buffer overflow

A vulnerability was determined in GALAYOU Y4 1.0.0. Impacted is an unknown function of the component Web Server. This manipulation causes buffer overflow. The attack is only possible within the local network. The exploit has been publicly disclosed and may be utilized. The vendor was contacted...

8.8CVSS8.3AI score0.00316EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/14 11:0 p.m.10 views

CVE-2026-12191 Comma AI Openpilot Pickle modeld.py pickle.loads deserialization

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdrive/modeld/modeld.py of the component Pickle Module. The manipulation results in deserialization. The attack is only possible with local access. The vendor was contacte...

8.5CVSS5.1AI score0.00137EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/14 10:45 p.m.12 views

CVE-2026-12190 Genspark AI Workspace App ai.mainfunc.genspark improper authorization in handler for custom url scheme

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment...

5.3CVSS5.3AI score0.00105EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/14 10:30 p.m.13 views

CVE-2026-12189 Moovit Bus & Public Transit App com.tranzmate improper authorization in handler for custom url scheme

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzmate. Executing a manipulation can lead to improper authorization in handler for custom url scheme. The attack can only be executed locally. The exploit has been...

5.3CVSS5.3AI score0.00105EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/14 10:15 p.m.12 views

CVE-2026-12188 Grit42 Grit GritEntityController grit_entity_controller.rb sql injection

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules/core/backend/app/controllers/concerns/grit/core/gritentitycontroller.rb of the component GritEntityController. Performing a manipulation results in sql injection. The...

6.5CVSS6.3AI score0.00196EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/14 10:0 p.m.11 views

CVE-2026-12187 GL.iNet GL-MT3000 Online Firmware Upgrade one_click_upgrade command injection

A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. Affected by this vulnerability is an unknown functionality of the file /usr/bin/oneclickupgrade of the component Online Firmware Upgrade Handler. Such manipulation leads to command injection. The attack can be launched...

9CVSS7.4AI score0.0194EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/14 8:45 p.m.7 views

CVE-2026-12186 GL.iNet GL-MT3000 Tor Proxy Service Configuration tor replace_country command injection

A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function replacecountry in the library /usr/lib/oui-httpd/rpc/tor of the component Tor Proxy Service Configuration Handler. This manipulation causes command injection. The attack can be initiated remotely. The exploi...

9CVSS7.6AI score0.01966EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/14 5:38 p.m.9 views

CVE-2026-54413

driftregion iso14229 through 0.9.0 contains an integer underflow and downstream out-of-bounds read in the Handle0x27SecurityAccess function in iso14229.c that allows a remote unauthenticated attacker to crash a UDS server and potentially read memory past the receive buffer by sending a single-byt...

8.8CVSS5.6AI score0.00459EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/14 5:26 p.m.8 views

CVE-2026-54412

LiamBindle MQTT-C through version 1.1.6 contains a heap-based out-of-bounds read and integer underflow in the mqttunpackpublishresponse function in src/mqtt.c that allows a remote unauthenticated attacker controlling an MQTT broker - or able to inject MQTT traffic into an unencrypted session - to...

8.8CVSS5.5AI score0.00407EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/14 5:21 p.m.11 views

CVE-2026-54411

Linux-PAM through 1.7.2 contains an observable timing discrepancy CWE-208 in the pamuserdb module's plaintext-password comparison path in modules/pamuserdb/pamuserdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the...

8.2CVSS5.3AI score0.00321EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/14 5:10 p.m.9 views

CVE-2026-54410

nanoMODBUS through v1.23.0 contains an off-by-one buffer overflow in the recvmsgheader function of the Modbus/TCP server that allows remote unauthenticated attackers to write one attacker-controlled byte past the end of the 260-byte receive buffer by sending a crafted MBAP frame whose Length fiel...

9CVSS5.7AI score0.00541EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/14 11:40 a.m.20 views

CVE-2026-11527 Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument in _make_filehandle

Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open of the -file argument in makefilehandle. Config::IniFiles::makefilehandle opens a filename argument with Perl's 2-arg open, so a filename that begins or ends with a pipe "| cmd", "cmd...

5.4AI score0.00618EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/06/14 11:39 a.m.8 views

CVE-2026-11526 GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle

GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open of filename arguments in makefilehandle. GD::Image::makefilehandle opens a filename argument with Perl's 2-arg open, so a filename that begins or ends with a pipe "| cmd", "cmd |" or begins with a...

5.4AI score0.01353EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/06/14 6:0 a.m.6 views

CVE-2025-15546 Iptanus File Upload < 5.1.7 - File Overwrite via Race Condition

The Iptanus File Upload WordPress plugin before 5.1.7 does not implement proper file handling when the duplicatepolicy setting is configured to "maintain both." Due to a Time-of-Check to Time-of-Use TOCTOU race condition between the file existence check and the actual file write operation, an...

6AI score0.00159EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/14 3:49 a.m.9 views

CVE-2026-54421

In OpenStack Ironic before 37.0.1, when applying a PATCH to update fields in volume properties the user is authorized for, Ironic can return unredacted sensitive information such as iSCSI credentials. The PATCH outcome is a security issue; the POST outcome is not a security issue...

6.8CVSS5.2AI score0.00291EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/06/14 3:23 a.m.9 views

CVE-2026-54420

LiteSpeed cPanel plugin before 2.4.8 as distributed in LiteSpeed WHM PlugIn before 5.3.2.0 mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026...

8.5CVSS5.3AI score0.01261EPSS
Exploits3References2
vulnrichment
vulnrichment
added 2026/06/13 11:15 p.m.9 views

CVE-2026-12176 SourceCodester CET Automated Grading System with AI Predictive Analytics index.php cross site scripting

A vulnerability has been found in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. The impacted element is an unknown function of the file /index.php. The manipulation of the argument action leads to cross site scripting. The attack is possible to be carried out...

5.3CVSS3.6AI score0.00265EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/13 10:45 p.m.10 views

CVE-2026-12175 CodeAstro Student Attendance Management System createStudents.php sql injection

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is...

5.8CVSS5.1AI score0.00214EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/13 8:15 p.m.13 views

CVE-2026-12174 D-Link DCS-935L HTTP rhea snprintf format string

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has...

9CVSS7.6AI score0.00582EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/13 5:36 p.m.11 views

CVE-2026-12183

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability CWE-287 in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 administrator in response to any HTTP POST request that supplie...

9.8CVSS5.6AI score0.00548EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/13 4:34 p.m.7 views

CVE-2026-6428

SQL Injection in reports/catalogueout.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary da...

7.6CVSS6AI score0.00244EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/13 11:25 a.m.11 views

CVE-2026-5513 Online Scheduling and Appointment Booking System – Bookly <= 27.2 - Unauthenticated Stored Cross-Site Scripting via 'bookly-customer-full-name' Cookie

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS5.5AI score0.00312EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2026/06/13 8:38 a.m.11 views

CVE-2026-11624

The Model Context Protocol has a security warning advising servers to validate the "Origin" header on all incoming connections to prevent DNS rebinding attacks. Prior to the v0.25.0 release, users had no way to validate the origin's host. In v0.25.0, a new "--allowed-hosts" flag was introduced...

9.4CVSS5.3AI score0.00153EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/06/13 8:29 a.m.8 views

CVE-2026-1291 Meow Gallery <= 5.4.4 - Missing Authorization to Authenticated (Author+) Shortcode creation

The Meow Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the REST API endpoint /wp-json/meow-gallery/v1/saveshortcode in all versions up to, and including, 5.4.4 This makes it possible for authenticated attackers, with...

4.3CVSS5.3AI score0.00214EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/13 7:51 a.m.8 views

CVE-2026-2470 Pagelayer <= 2.0.9 - Incorrect Authorization to Authenticated (Contributor+) Mail Relay Configuration via 'contacts'

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 2.0.9. This is due to the pagelayersavecontent AJAX handler allowing users with basic post-edit capability to persist...

4.3CVSS5.4AI score0.00204EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/06/13 7:51 a.m.8 views

CVE-2026-9629 Canvas <= 2.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'tag' Block Attribute

The Canvas plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag' parameter in all versions up to, and including, 2.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above,...

6.4CVSS5.5AI score0.00199EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/13 7:51 a.m.9 views

CVE-2026-3297 Page Builder: Pagelayer – Drag and Drop website builder <= 2.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Anchor Block

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Anchor block in versions up to, and including, 2.0.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

6.4CVSS5.5AI score0.00155EPSS
Exploits0References2
Total number of security vulnerabilities163619