Lucene search
+L
VulnrichmentRecent

163865 matches found

Vulnrichment
Vulnrichment
added 1 hour ago2 views

CVE-2026-9198 Unauthenticated Remote Code Execution via Auto-Login Bypass and Code Validation

IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to chain /api/v1/autologin mints SUPERUSER tokens to any network caller with /api/v1/validate/code executes user code via exec to achieve full RCE on default Langflow deployments...

9.8CVSS5.5AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 1 hour ago2 views

CVE-2026-9762 IBM® Data Server driver for JDBC and SQLJ is vulnerable to remote code execution when jdbc url is under user control

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote code execution when jdbc url is under user control...

7.8CVSS6.3AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 1 hour ago3 views

CVE-2025-59866

The HCL DFMPro, DFXAnalytics and DFXServer installers are affected by ‘Insecure file permissions Leading to Privilege Escalation’ vulnerability, which enables any logged-in non-administrative user to overwrite or replace the executable file with a malicious binary...

3.3CVSS5.4AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 1 hour ago3 views

CVE-2026-21764 Insufficient Input Validation in DevOps Loop

HCL DevOps Loop is affected by insufficient input validation that allows special characters where they should be restricted. This may result in unintended application behavior under certain conditions...

3.1CVSS5.2AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 1 hour ago3 views

CVE-2026-21761 CORS Misconfiguration in DevOps Loop

HCL DevOps Loop is affected by a Cross-Origin Resource Sharing CORS misconfiguration. Improper CORS configuration may allow unauthorized cross-origin requests, potentially exposing application resources to untrusted domains...

4.2CVSS5.2AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 1 hour ago5 views

CVE-2026-21760 Unauthorized Access to Admin Functionality via Forced Browsing

HCL DevOps Loop is affected by an Unauthorized Access to Admin Functionality Forced Browsing vulnerability. Improper authorization checks may allow unauthorized users to access restricted administrative functionality by directly accessing protected application endpoints...

4.6CVSS5.2AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 1 hour ago4 views

CVE-2026-12694 Missing Authorization in Vimesoft's Enterprise Video Platform

Missing Authorization vulnerability in Vimesoft Inc. Enterprise Video Platform allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Enterprise Video Platform: from 3.11.0.0 before 3.25.0...

9.1CVSS5.2AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 1 hour ago3 views

CVE-2026-54496 Missing copy constraint in halo2_gadgets variable-base scalar multiplication allows under-constrained base, breaking Orchard Action circuit soundness

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad 5.0.0, halo2gadgets 0.5.0, orchard 0.14.0, zcashprimitives 0.28.0, and zcashd 6.20.0, the variable-base scalar multiplication gadget in halo2gadgets/src/ecc/chip/mul/incomplete.rs used assignadvice for the base point without a copy...

9.3CVSS5.3AI score
Exploits0References7
Vulnrichment
Vulnrichment
added 2 hours ago3 views

CVE-2026-12693 IDOR in Vimesoft's Enterprise Video Platform

Authorization bypass through User-Controlled key vulnerability in Vimesoft Inc. Enterprise Video Platform allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Enterprise Video Platform: from 3.11.0.0 before 3.25.0...

9.4CVSS5.2AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2 hours ago2 views

CVE-2026-16104 Keycloak-services: keycloak-services: authenticator config endpoint exposes raw recaptcha secrets to view-only admins

A flaw was found in the authentication configuration endpoint of the keycloak-services component, which is the core engine for Red Hat Build of Keycloak identity and access management. The issue occurs because the system fails to mask sensitive configuration values, such as reCAPTCHA secret keys,...

4.3CVSS5.3AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2 hours ago3 views

CVE-2026-16103 Keycloak-services: keycloak-services: incomplete fix for ciba brute-force lockout bypass at token redemption

A flaw was found in the keycloak-services component of Keycloak. This issue is an incomplete fix for CVE-2026-9798, where brute-force protection checks were added to the Client-Initiated Backchannel Authentication CIBA initiation handler but were omitted from the token redemption handler. This...

4.3CVSS5.3AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2 hours ago4 views

CVE-2026-16106 Keycloak-services: keycloak-services: incorrect authorization in admin role-composite deletion allows delegated admin to remove privileged child roles

A flaw was found in the admin REST API of Keycloak, a solution for identity and access management. The issue occurs when a delegated administrator attempts to remove a child role from a composite role. Due to missing authorization checks, an attacker with limited administrative permissions can...

4.9CVSS5.3AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2 hours ago3 views

CVE-2026-16108 Keycloak-services: keycloak-services: realm default-group reads disclose hidden groups under fgap v2

A flaw was found in the default-groups REST endpoint and realm representation of Keycloak. This component is responsible for managing groups that are automatically assigned to new users within a realm. The issue allows a delegated administrator with realm-viewing permissions to see the names and...

4.3CVSS5.2AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2 hours ago3 views

CVE-2026-44722 pyzipper: Encryption bypass for small files encrypted with pyzipper

pyzipper is a replacement for Python's zipfile that can read and write AES encrypted zip files. Prior to 0.4.0, a Python operator precedence bug in pyzipper/zipfileaes.py caused the AE-2 format to never be automatically selected during encryption, causing encrypted entries to be written in AE-1...

6.2CVSS5.2AI score0.00009EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2 hours ago3 views

CVE-2026-12692 Improper Authentication in Vimesoft's Enterprise Video Platform

Unverified password change vulnerability in Vimesoft Inc. Enterprise Video Platform allows Authentication Bypass. This issue affects Enterprise Video Platform: from 3.11.0.0 before 3.25.0...

9.8CVSS5.3AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2 hours ago4 views

CVE-2026-12691 Authentication Bypass in Vimesoft's Enterprise Video Platform

Missing authentication for critical function vulnerability in Vimesoft Inc. Enterprise Video Platform allows Authentication Bypass. This issue affects Enterprise Video Platform: from 3.11.0.0 before 3.25.0...

7.5CVSS5.4AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2 hours ago3 views

CVE-2026-49215 Symfony UX: CSRF Protection Bypass in symfony/ux-live-component — Accept Header is CORS-Safelisted

Symfony UX is a JavaScript ecosystem for Symfony. From 2.22.0 until 2.36.0 and 3.1.0, Symfony\UX\LiveComponent\EventListener\LiveComponentSubscriber::isLiveComponentRequest gates LiveAction invocations on Accept: application/vnd.live-component+html, but the Accept header is CORS-safelisted and...

2.1CVSS5.2AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2 hours ago3 views

CVE-2026-57860 ForgeCode Arbitrary Code Execution via Unvetted .mcp.json in Untrusted Repository

ForgeCode tailcallhq/forgecode, an AI pair-programming CLI, automatically loads and executes the MCP servers defined in a repository's .mcp.json file on startup without user confirmation. A malicious repository can supply a crafted .mcp.json whose mcpServers entries specify arbitrary command and...

8.4CVSS5.9AI score
Exploits0References5
Vulnrichment
Vulnrichment
added 2 hours ago4 views

CVE-2026-63309 SurrealDB < 3.1.5 Information Disclosure via ORDER BY

SurrealDB before 3.1.5 fail to apply field-level SELECT permissions to ORDER BY clauses, allowing authenticated users to leak the relative ordering of restricted field values. Attackers can issue ORDER BY queries on indexed restricted fields to recover the hidden values' sort order across records...

5.3CVSS5.3AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 2 hours ago3 views

CVE-2026-49211 Symfony UX: Information exposure via unescaped LIKE wildcards in EntitySearchUtil

Symfony UX is a JavaScript ecosystem for Symfony. From 2.2.0 until 2.36.0 and 3.1.0, Symfony\UX\Autocomplete\Doctrine\EntitySearchUtil::addSearchClause builds the LIKE expression used by the autocomplete endpoint by wrapping the client-supplied query in %...% without escaping SQL LIKE wildcards %...

6.9CVSS5.6AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2 hours ago3 views

CVE-2026-63308 Helm Files.Lines Denial of Service via Empty Chart Files

Helm through 4.2.3, fixed in commit ba6c9a2, contains a denial of service vulnerability in the Files.Lines template helper in pkg/engine/files.go that allows attackers to trigger an index out of range panic by including zero-length byte slices in chart files. Attackers can include empty files in...

5.3CVSS5.3AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2 hours ago4 views

CVE-2026-49210 Symfony UX: XSS in symfony/ux-live-component via attacker-controlled child component tag

Symfony UX is a JavaScript ecosystem for Symfony. From 2.8.0 until 2.36.0 and 3.1.0, Symfony\UX\LiveComponent\Util\ChildComponentPartialRenderer::createHtml interpolates the client-controlled childrenid.tag value from LiveComponentSubscriber and InterceptChildComponentRenderSubscriber directly in...

2.3CVSS5.4AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2 hours ago3 views

CVE-2026-49212 Symfony UX: LiveComponentHydrator HMAC checksum lacks component and slot binding

Symfony UX is a JavaScript ecosystem for Symfony. From 2.8.0 until 2.36.0 and 3.1.0, the HMAC computed by Symfony\UX\LiveComponent\LiveComponentHydrator covered only sorted prop key/value pairs and did not include the component name, the slot identifier props vs propsFromParent, or request contex...

6.9CVSS5.2AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2 hours ago2 views

CVE-2026-49209 Symfony UX: Denial of service in symfony/ux-live-component via unbounded batch action requests

Symfony UX is a JavaScript ecosystem for Symfony. From 2.5.0 until 2.36.0 and 3.1.0, Symfony\UX\LiveComponent\Controller\BatchActionController::invoke iterates over the client-supplied actions array and issues a full HttpKernel sub-request for each entry; because the array size is never bounded, ...

5.3CVSS5.3AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2 hours ago2 views

CVE-2026-9588 Authenticated Stored Cross-Site Scripting (XSS) in Switchvox SMB Web Portal

A stored cross-site scripting XSS vulnerability exists in Sangoma Switchvox SMB Edition 8.3 104997 within the voicemail notification template functionality. The submitmodifyvoicemailtemplate endpoint fails to properly sanitize HTML content supplied by authenticated users, allowing malicious...

7CVSS4.9AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2 hours ago4 views

CVE-2026-9587 Authenticated Local File Inclusion (LFI) in Switchvox SMB Web Portal

An authenticated local file inclusion vulnerability exists in Sangoma Switchvox SMB Edition 8.3 104997. The playfile functionality accepts user-controlled input through the soundpath parameter and fails to properly validate file paths before accessing the underlying filesystem. By supplying...

7.1CVSS5.4AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2 hours ago4 views

CVE-2026-9586 Unauthenticated SQL Injection Leading to Remote Code Execution in Switchvox SMB

An unauthenticated SQL injection vulnerability exists in Sangoma Switchvox SMB Edition 8.3 104997. The /pa endpoint processes XML content beginning with and directly concatenates the user-controlled PhoneIP value into PostgreSQL queries without sanitization or parameterization. An unauthenticated...

9.3CVSS6.7AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2 hours ago3 views

CVE-2026-11763 IDOR in GIS Informatics' GisLab Laboratory Management System

Authorization bypass through User-Controlled key vulnerability in Gis Informatics Engineering Consulting Laboratory R&D and Software Services Inc. GisLab Laboratory Management System allows Exploitation of Trusted Identifiers. This issue affects GisLab Laboratory Management System: from 1.4.03...

6.5CVSS5.3AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2 hours ago4 views

CVE-2026-9585 Unauthenticated Reflected Cross-Site Scripting (XSS) in Switchvox SMB Web Portal

An unauthenticated reflected cross-site scripting XSS vulnerability exists in Sangoma Switchvox SMB Edition version 8.3 104997. The application fails to properly sanitize the portal parameter supplied to the invalidbrowser and invalidbrowserlogin handlers. User-supplied data is reflected into...

8.6CVSS5.3AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 3 hours ago3 views

CVE-2026-63101 Open Event Server 1.19.1 Unauthenticated Member Roster Export via CSV Export Endpoint

Open Event Server through 1.19.1 contains a missing authentication vulnerability that allows unauthenticated attackers to export the complete member roster of any group, including email addresses, names, join dates, and roles, by submitting requests to the group followers CSV export endpoint whic...

8.7CVSS5.4AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 3 hours ago4 views

CVE-2026-8297 SQLi in GIS Informatics' GisLab Laboratory Management System

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Gis Informatics Engineering Consulting Laboratory R&D and Software Services Inc. GisLab Laboratory Management System allows SQL Injection. This issue affects GisLab Laboratory Management System: fr...

9.8CVSS5.7AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 3 hours ago3 views

CVE-2026-63099 TheHive 4.1.24 Broken Object Level Authorization via Attachment Download Endpoints

TheHive through 4.1.24 contains a broken object-level authorization vulnerability in the attachment download endpoints that allows any authenticated user to access attachments belonging to other organizations by supplying a content-hash identifier. Attackers can exploit the missing...

7.1CVSS5.5AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 3 hours ago2 views

CVE-2026-63098 TheHive 4.1.24 Unauthenticated Information Disclosure via /api/status Endpoint

TheHive through 4.1.24 contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by sending a GET request to the /api/status endpoint, which lacks authentication enforcement in the StatusCtrl.scala handler...

6.9CVSS5.3AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 3 hours ago3 views

CVE-2026-63096 Dendrite 0.13.8 SSRF via Unauthenticated Legacy Media Download Endpoint

Dendrite through 0.13.8 contains a server-side request forgery vulnerability that allows unauthenticated attackers to cause the server to open outbound TLS connections to arbitrary hosts and ports by supplying an unvalidated serverName parameter to the legacy media download endpoint. Attackers ca...

6.9CVSS5.5AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 3 hours ago3 views

CVE-2026-15783 Missing Authorization vulnerability was identified in GitHub Enterprise Server that allowed reading private repository metadata via delegated bypass rule suites

A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with write access to any repository to read metadata from private repositories they did not have access to, including private repository owners and names, branch names, commit SHAs,...

5.3CVSS5.4AI score
Exploits0References5
Vulnrichment
Vulnrichment
added 3 hours ago3 views

CVE-2026-14741 HTTP::Date versions before 6.08 for Perl allow CPU exhaustion via polynomial regex backtracking in parse_date

HTTP::Date versions before 6.08 for Perl allow CPU exhaustion via polynomial regex backtracking in parsedate. parsedate matches the date string against a chain of alternative regexes, and str2time delegates to it. Several of these patterns place unbounded quantifiers next to each other before a...

5.3AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 3 hours ago3 views

CVE-2026-15343 Path traversal vulnerability in GitHub Enterprise Server allowed writing files to arbitrary repository paths, including GitHub Actions workflow files, via unchecked Dependabot dependency-file paths

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed an attacker who had code execution inside the Dependabot updater container to write files to arbitrary repository paths, including GitHub Actions workflow files under .github/workflows/ as the path validation d...

8.6CVSS6.2AI score
Exploits0References5
Vulnrichment
Vulnrichment
added 3 hours ago4 views

CVE-2026-15007 Denial of service vulnerability in GitHub Enterprise Server allowed service disruption via deeply nested YAML in release notes configuration

A denial of service vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to cause service disruption by supplying a repository release notes configuration file containing deeply nested YAML. When release notes were generated, the configuration file was parse...

8.3CVSS5.3AI score
Exploits0References5
Vulnrichment
Vulnrichment
added 3 hours ago3 views

CVE-2026-12715 Missing Authorization in Firebase Studio allows Cross-Tenant Source Code Theft

Missing Authorization in Google Cloud Firebase Studio versions prior to 2026-04-15 on Google Cloud Platform allows an attacker to download other users' deployed source code and access sensitive data via unauthorized GCS URL signing requests. This vulnerability was patched on 15 April 2026, and no...

8.5CVSS5.5AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 3 hours ago2 views

CVE-2026-14871 osTicket v1.18.3 - v1.17.7 - BOLA/IDOR in ticket field viewing allows cross-department data disclosure

osTicket versions v1.18.3 and v1.17.7 contain a Broken Object Level Authorization BOLA leading to Insecure Direct Object Reference IDOR in the AJAX ticket-management subsystem...

7.1CVSS5.3AI score
Exploits0References5
Vulnrichment
Vulnrichment
added 4 hours ago3 views

CVE-2026-12705 Integrity mechanism of KNX-device FW-files can be bypassed in ABB Update Tool

Missing support for integrity check vulnerability in ABB KNX Update Tool ABB, ABB KNX Update Tool BJE. This issue affects KNX Update Tool ABB: through 2.0.175; KNX Update Tool BJE: through 2.0.175...

6.4CVSS5.3AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 4 hours ago4 views

CVE-2026-63093 Cursor for Windows 3.2.16 RCE via Malicious git.exe in Workspace

Cursor for Windows version 3.2.16 contains a binary planting vulnerability that allows remote attackers to achieve arbitrary code execution by placing a malicious git.exe file in the repository root directory. When a developer clones and opens a crafted repository, Cursor automatically resolves a...

8.8CVSS6.3AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 4 hours ago3 views

CVE-2026-16017 mosaxiv clawlet cron Chat Tool tool_cron.go remove authorization

A security flaw has been discovered in mosaxiv clawlet up to 0.2.10. Impacted is the function list/remove of the file tools/toolcron.go of the component cron Chat Tool. The manipulation results in missing authorization. The attack may be performed from remote. The exploit has been released to the...

6.5CVSS6AI score
Exploits0References6
Vulnrichment
Vulnrichment
added 5 hours ago3 views

CVE-2026-9592 Sensitive Information Disclosure in HTTP header

SEPPmail Secure Email Gateway & SEPPmail Cloud before version 15.0.4.2 allows an attacker to replay & hijack a user session in the GINA web portal, as the session token is disclosed inside the URL and a HTTP header...

9.3CVSS5.3AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 5 hours ago3 views

CVE-2024-23572

HCL Aftermarket EPC is vulnerable to attack as cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function...

4.2CVSS5.3AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 5 hours ago3 views

CVE-2024-23570

HCL Aftermarket EPC is affected by clickjacking vulnerability Cross-Frame Scripting is an attack technique where an attacker loads a vulnerable application in an iFrame on his malicious site. The attacker can then launch a Clickjacking attack, which may lead to Phishing, Cross-Site Request Forger...

4.3CVSS5.3AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 5 hours ago3 views

CVE-2024-23578

HCL Aftermarket EPC is vulnerable to attack as the application implements an HTML5 cross-origin resource sharing CORS policy for this request that allows access from any domain -Wildcard...

4.2CVSS5.3AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 5 hours ago3 views

CVE-2024-23569

HCL Aftermarket EPC is vulnerable to attack since the server is not configured with “X-XSS-Protection" header...

4.3CVSS5.3AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 5 hours ago3 views

CVE-2024-23577

HCL Aftermarket EPC is vulnerable since the application does not have a validation for HOST header and accepts arbitrary hosts when requested in http protocol. When an application doesn’t adequately validate or sanitize this header, it can lead to several security risks, including Host header...

4.3CVSS5.6AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 5 hours ago3 views

CVE-2024-23574

HCL Aftermarket EPC is vulnerable to attack since It was found that a malicious actor can use brute-force techniques to either guess or confirm valid users in the system. Use renumeration is when a malicious actor can use brute-force techniques to either guess or confirm valid users in a system...

5.3CVSS5.3AI score
Exploits0References1
Total number of security vulnerabilities163865