Lucene search
+L
VulnrichmentRecent

163937 matches found

Vulnrichment
Vulnrichment
•added 2026/06/10 6:0 a.m.•8 views

CVE-2026-8071 Spam protection, Honeypot, Anti-Spam by CleanTalk < 6.79 - Unauthenticated Stored XSS via Comment Shortcode Bypass

The Anti-Spam by CleanTalk. Spam protection WordPress plugin before 6.79 does not properly sanitize content within a custom shortcode used in its email-encoding feature, allowing unauthenticated attackers to inject arbitrary web scripts into approved comments that will execute when any user...

5.7AI score0.00296EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 6:0 a.m.•11 views

CVE-2026-9060 Agile Store Locator < 1.6.6 - Admin+ Stored XSS via map_style

The Store Locator WordPress plugin before 1.6.6 does not sanitize and escape one of its settings before storing it and outputting it on the Store Locator WordPress plugin before 1.6.6 admin page, allowing high-privileged users such as administrators to perform Stored Cross-Site Scripting attacks...

5.5AI score0.00138EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 6:0 a.m.•8 views

CVE-2026-3326 XStore < 9.7.3 - Unauthenticated SQLi

The Xstore WordPress theme before 9.7.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

5.6AI score0.00969EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 5:44 a.m.•8 views

CVE-2026-29114

A vulnerability has been found in some Dahua products. An attacker may obtain the device’s CA root certificate. If that CA is installed and trusted on client systems, the attacker could issue fraudulent certificates trusted by those clients and undermine the certificate trust chain...

2.3CVSS5.3AI score0.0019EPSS
Exploits1References1
Vulnrichment
Vulnrichment
•added 2026/06/10 5:3 a.m.•8 views

CVE-2026-26240 File Station 5

A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later...

5.3CVSS5.8AI score0.00318EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 5:3 a.m.•17 views

CVE-2026-11837 Ansible-collection-ansible-posix: ansible.posix authorized_key: local privilege escalation via symlink-following chown

A local privilege escalation vulnerability was found in the ansible.posix authorizedkey module. The module's keyfile function uses os.chown instead of os.lchown and opens files without ONOFOLLOW when managing SSH authorized keys. An unprivileged local user can pre-stage symbolic links in their...

7.3CVSS5.6AI score0.00161EPSS
Exploits0References2
Vulnrichment
Vulnrichment
•added 2026/06/10 5:2 a.m.•11 views

CVE-2026-26241 File Station 5

A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later...

5.3CVSS5.8AI score0.00318EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 4:31 a.m.•9 views

CVE-2025-8444 Animation Addons for Elementor – GSAP Powered Elementor Addons & Website Templates <= 2.6.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Multiple Parameters

The Animation Addons for Elementor – GSAP Powered Elementor Addons & Website Templates plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the multiple parameters in all versions up to, and including, 2.6.7 due to insufficient input sanitization and output escaping. Th...

6.4CVSS5.7AI score0.00155EPSS
Exploits0References2
Vulnrichment
Vulnrichment
•added 2026/06/10 3:15 a.m.•9 views

CVE-2026-24724 File Station 5

An incorrect authorization vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass intended access restrictions. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.52...

8.6CVSS5.5AI score0.00259EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 3:15 a.m.•8 views

CVE-2026-26239 File Station 5

A buffer overflow vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5208 and later...

8.7CVSS5.8AI score0.00292EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 3:15 a.m.•10 views

CVE-2026-26237 QuMagie

A missing authorization vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to access unauthorized data or perform unauthorized actions. We have already fixed the vulnerability in the following version: QuMagie 2.9.0 and later...

8.7CVSS5.5AI score0.00322EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 3:14 a.m.•11 views

CVE-2026-24719 QTS, QuTS hero

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

8.6CVSS6AI score0.00977EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 3:14 a.m.•10 views

CVE-2026-24717 QTS, QuTS hero

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the...

5.1CVSS5.5AI score0.00392EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 3:8 a.m.•9 views

CVE-2026-24716 QTS, QuTS hero

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

5.1CVSS5.5AI score0.00331EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 3:8 a.m.•10 views

CVE-2026-24720 File Station 5

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We ha...

5.3CVSS5.5AI score0.0028EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 3:7 a.m.•11 views

CVE-2026-22899 File Station 5

A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Station 5...

5.3CVSS5.5AI score0.0028EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 3:6 a.m.•8 views

CVE-2026-22893 QTS, QuTS hero

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

8.6CVSS6AI score0.00988EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 3:6 a.m.•10 views

CVE-2025-66281 QTS, QuTS hero

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following versions: QTS 5.2.9.3410 build...

6.9CVSS5.5AI score0.00456EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 3:5 a.m.•11 views

CVE-2025-66280 QTS, QuTS hero

An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the...

5.1CVSS5.5AI score0.00435EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 3:5 a.m.•8 views

CVE-2025-66279 QTS, QuTS hero

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

8.6CVSS6AI score0.01049EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 3:4 a.m.•11 views

CVE-2025-66273 QTS, QuTS hero

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

8.6CVSS6AI score0.01049EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 3:2 a.m.•10 views

CVE-2025-62851 License Center

A path traversal vulnerability has been reported to affect License Center. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: License...

6.9CVSS5.4AI score0.00259EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 2:34 a.m.•9 views

CVE-2025-62850 QuTS hero

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

5.1CVSS5.5AI score0.00331EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 1:38 a.m.•11 views

CVE-2025-58468 Notification Center

A cross-site request forgery CSRF vulnerability has been reported to affect Notification Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: Notification Center 1.10.0.3291...

5.1CVSS5.4AI score0.00184EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 1:38 a.m.•9 views

CVE-2025-59382 QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances)

QTS, QuTS hero, QuTScloud are not affected. We have already fixed the vulnerability in the following version:...

5.1CVSS5.5AI score0.00288EPSS
Exploits1References1
Vulnrichment
Vulnrichment
•added 2026/06/10 1:37 a.m.•11 views

CVE-2025-66276 QTS

QuTS hero is not affected. We have already fixed the vulnerability in the following version: QTS 5.2.7.3256 build 20250913 and later...

9.2CVSS5.5AI score0.0029EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/10 12:35 a.m.•9 views

CVE-2026-46532 ESF-IDF: Heap Out-of-Bounds Read in Bluedroid AVRCP Target Parser

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0, an out-of-bounds read exists in the BlueDroid AVRCP vendor-command parser avrcparsvendorcmd in components/bt/host/bluedroid/stack/avrc/avrcparstg.c. This issue has been patched ...

4.6CVSS5.4AI score0.00228EPSS
Exploits0References7
Vulnrichment
Vulnrichment
•added 2026/06/10 12:34 a.m.•8 views

CVE-2026-45542 ESF-IDF: Heap buffer overflow in protocomm Security2 over Bluetooth

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the Security Scheme 2 SRP6a session-setup path of the protocomm component. The first-phase handler handlesessioncommand0 in...

7.1CVSS5.7AI score0.00325EPSS
Exploits0References7
Vulnrichment
Vulnrichment
•added 2026/06/10 12:34 a.m.•10 views

CVE-2026-45329 ESF-IDF: Out-of-Bounds Read in ESP-TEE Secure Service Wrappers

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in espsecureservices.c and espsecureservicesiram.c validated only some of the caller-supplied pointer arguments, leaving input pointer arguments unchecked...

7.1CVSS5.4AI score0.00117EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 2026/06/10 12:33 a.m.•10 views

CVE-2026-45328 ESF-IDF: Out-of-Bounds Write in ESP-TEE Secure Service Wrappers

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...

9.3CVSS5.3AI score0.00126EPSS
Exploits0References7
Vulnrichment
Vulnrichment
•added 2026/06/10 12:26 a.m.•9 views

CVE-2026-45160 ESF-IDF: Out-of-bounds Read in lwIP DHCP Server Option Parser

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.7, 5.3.5, 5.4.4, 5.5.4, and 6.0.1, an out-of-bounds read flaw exists in the DHCP server option parser parseoptions in components/lwip/apps/dhcpserver/dhcpserver.c shipped with ESP-IDF's lwIP component. The pars...

6.5CVSS5.6AI score0.00246EPSS
Exploits0References7
Vulnrichment
Vulnrichment
•added 2026/06/10 12:25 a.m.•11 views

CVE-2026-45541 ESF-IDF: Remote Null Pointer Dereference in WebSocket Server

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a NULL-pointer dereference exists in the WebSocket subprotocol-negotiation path of the esphttpserver component. While parsing the client-supplied Sec-WebSocket-Protocol request...

7.5CVSS5.4AI score0.00439EPSS
Exploits0References7
Vulnrichment
Vulnrichment
•added 2026/06/10 12:0 a.m.•7 views

CVE-2026-53698

Silverpeas through 6.4.6 mishandles the "Personal space" feature that is selected when no componentId is set...

6.5CVSS5.4AI score0.00327EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 2026/06/09 11:59 p.m.•14 views

CVE-2026-44634 Stack buffer overflows in SimpleBLE

SimpleBLE is a cross-platform library and bindings for Bluetooth Low Energy BLE. Prior to version 0.14.0, there are multiple stack-based buffer overflow vulnerabilities in SimpleBLE. There is a stack overflow vulnerability in the dongl backend’s Protocol::simpleblewrite function local,...

8.7CVSS5.8AI score0.00333EPSS
Exploits0References4
Vulnrichment
Vulnrichment
•added 2026/06/09 11:54 p.m.•10 views

CVE-2026-46546 Frappe LMS: HTML injection in user-controlled metadata

Frappe Learning Management System LMS is a learning system that helps users structure their content. Prior to version 2.53.0, an authenticated user could supply specially crafted content in certain user-editable fields that, when surfaced in page metadata, caused visitors' browsers to navigate to...

2.1CVSS5.3AI score0.00136EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/09 11:50 p.m.•9 views

CVE-2026-47838 Unauthorized User Impersonation when Using X.509 Client Certificates

SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user. Affected versions: Spring Security 5.7....

6.8CVSS5.4AI score0.00116EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/09 11:49 p.m.•10 views

CVE-2026-41837 Spring Data REST Querydsl integration exposes Jackson-hidden persistent fields as filter keys

Spring Data REST's Querydsl integration accepts arbitrary persistent property paths as request-parameter filter keys and does not consider Jackson customizations before handing them to Querydsl. Affected versions: Spring Data REST 3.7.0 through 3.7.19; 4.3.0 through 4.3.16; 4.4.0 through 4.4.14;...

5.3CVSS5.6AI score0.00191EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/09 11:49 p.m.•10 views

CVE-2026-41732 In Spring for Apache Pulsar, overly broad trusted-package matching in header mapper exposes JDK classes to deserialization

JsonPulsarHeaderMapper matched type headers against trusted packages using a prefix check, meaning that trusting any package implicitly trusted all of its subpackages. Additionally, an empty trusted-packages configuration fell back to trusting all packages rather than applying a safe default...

8.1CVSS5.4AI score0.00347EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/09 11:49 p.m.•11 views

CVE-2026-41731 In Spring for Apache Kafka, overly broad trusted-package matching in header mappers exposes JDK classes to deserialization

JsonKafkaHeaderMapper and the deprecated DefaultKafkaHeaderMapper matched type headers against trusted packages using a prefix check, meaning that trusting any package implicitly trusted all of its subpackages. Combined with Jackson's default bean deserialization, a producer could supply crafted...

8.1CVSS5.6AI score0.00489EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/09 11:49 p.m.•8 views

CVE-2026-41730 Spring Data REST exposes persistence-layer internals in error responses

Spring Data REST serializes the full exception cause chain into HTTP error response bodies, potentially exposing persistence-layer internals to HTTP clients. Affected versions: Spring Data REST 3.7.0 through 3.7.19; 4.3.0 through 4.3.16; 4.4.0 through 4.4.14; 4.5.0 through 4.5.11; 5.0.0 through...

5.3CVSS5.5AI score0.00197EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/09 11:49 p.m.•9 views

CVE-2026-41729 Spring Data REST SpEL Injection via Map Key in JSON Patch

Spring Data REST is vulnerable to SpEL expression injection through map-typed properties when processing JSON Patch application/json-patch+json requests. When a persistent entity exposes a Map-typed property, the JSON Pointer path segment used as the map key is embedded directly into a SpEL...

8.1CVSS5.5AI score0.00393EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/09 11:49 p.m.•9 views

CVE-2026-41728 Spring Data REST JSON Patch bypasses Jackson read-only property protection on nested objects and collections

Spring Data REST's JSON Patch application/json-patch+json implementation does not apply the write-access filter to intermediate path segments when resolving a multi-segment JSON Pointer. Affected versions: Spring Data REST 3.7.0 through 3.7.19; 4.3.0 through 4.3.16; 4.4.0 through 4.4.14; 4.5.0...

7.5CVSS5.4AI score0.00306EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/09 11:49 p.m.•9 views

CVE-2026-41727 In Spring for Apache Kafka, forged retry topic headers subvert retry routing and backoff behavior

Spring Kafka's retry topic infrastructure did not sufficiently validate user-controlled header values before acting on them. A producer could send a record with a crafted retrytopic-attempts header to supply an out-of-range attempt count and cause the retry topic router to misidentify where the...

6.5CVSS5.5AI score0.0024EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/09 11:48 p.m.•9 views

CVE-2026-41726 In Spring for Apache Kafka, unbounded delegate cache keyed on user-controlled, potentially malicious selector header

When an application opts into DelegatingDeserializer, a producer can grow the consumer's heap without bound by sending records with unique random spring.kafka.serialization.selector header values, eventually causing GC thrash and OutOfMemoryError. Affected versions: Spring for Apache Kafka 4.0.0...

6.5CVSS5.4AI score0.00289EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/09 11:48 p.m.•9 views

CVE-2026-41721 Spring Data Commons Denial of Service via Data Binding

Spring Data Commons contains a vulnerability that can lead to a Denial of Service DoS condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...

5.9CVSS5.4AI score0.00331EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/09 11:48 p.m.•9 views

CVE-2026-41719 Spring Data KeyValue - SpEL Injection vulnerability in SpelPropertyComparator

A SpEL Injection vulnerability exists in the Spring Data KeyValue if unsanitized user input is passed as Sort into a repository query method that delegates evaluation to the SpelPropertyComparator. Affected versions: Spring Data KeyValue / Spring Data Redis 4.0.0 through 4.0.5; 3.5.0 through...

6.4CVSS5.5AI score0.00202EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/09 11:48 p.m.•9 views

CVE-2026-41717 Spring Data MongoDB - SpEL Expression Injection via Annotated Query Parameter Binding

Spring Data MongoDB contains a SpEL Spring Expression Language expression injection vulnerability. The issue occurs during parameter binding when a user-defined repository query method is annotated with @Query and utilizes a capture-all placeholder. Affected versions: Spring Data MongoDB 5.0.0...

8.1CVSS5.5AI score0.00328EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/09 11:48 p.m.•17 views

CVE-2026-41716 Spring Data web support unbounded negative-result cache keyed on attacker-supplied property names

Spring Data's internal property-lookup cache accepts and permanently retains attacker-supplied strings as cache keys, allowing heap exhaustion through repeated requests. Affected versions: Spring Data Commons 2.7.0 through 2.7.19; 3.3.0 through 3.3.16; 3.4.0 through 3.4.14; 3.5.0 through 3.5.11;...

7.5CVSS5.4AI score0.00363EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/09 11:48 p.m.•8 views

CVE-2026-41714 In Spring AMQP the RabbitConnectionFactoryBean.setUri("amqps://...") bypasses secure SSL setup, uses TrustEverythingTrustManager

Applications that configure their broker connection via RabbitConnectionFactoryBean.setUri"amqps://..." without also calling setUseSSLtrue get TLS encryption with no certificate validation and no hostname verification. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1....

4CVSS5.4AI score0.00132EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/09 11:48 p.m.•9 views

CVE-2026-41711 Potential Denial of Service through crafted Sort Parameters

Applications using Spring Data Commons may be vulnerable to a Denial of Service DoS attack leading to a StackOverflowException when parsing Sort parameters. Affected versions: Spring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through...

5.9CVSS5.4AI score0.0028EPSS
Exploits0References1
Total number of security vulnerabilities163937