Lucene search
K
VulnrichmentRecent

161701 matches found

Vulnrichment
Vulnrichment
added 2026/06/24 2:20 p.m.9 views

CVE-2026-50699 Frappe Framework 17.0.0-dev - Stored XSS in Auto Repeat dashboard schedule rendering

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev. An authenticated attacker with write access to Auto Repeat can persist HTML/JavaScript in referencedocument using a whitelisted write path and trigger script execution when users open the affected Auto...

4.6CVSS6AI score0.00313EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/24 2:17 p.m.8 views

CVE-2026-50698 Frappe Framework 17.0.0-dev - Stored XSS in Audit Trail template rendering

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input before generating HTML output in the Audit Trail component...

4.6CVSS5.8AI score0.00256EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/24 2:8 p.m.5 views

CVE-2026-12986

A critical vulnerability in Admin GUI in Payara Server Full 4.x, 5.x, 6.x, 7.x, 7.2026.x, 6.2025.x, 6.2024.x on All platforms that allows the attacker to leak the admin gfresttoken to an attacker-controlled host that can result in a full unauthenticated takeover of Payara admin domain. A...

8.8CVSS6.6AI score0.00181EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 2:1 p.m.5 views

CVE-2026-11877 Missing Authorization Vulnerability in OpenText Access Manager

An unauthorized user can modify configuration through API calls that affects the OpenText Access Manager. This issue affects Access Manager before 5.1.3...

6.3CVSS5.9AI score0.00178EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 2:1 p.m.5 views

CVE-2026-11878 Reflected Cross-Site Scripting vulnerability in OpenText Access Manager

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText Access Manager allows Cross-Site Scripting XSS. This issue affects Access Manager: from 5.1 through 5.1.2...

8.2CVSS5.8AI score0.0013EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:37 p.m.11 views

CVE-2026-12537 Unauthenticated Remote Code Execution in Gemini CLI CI/CD Workflows

Improper Neutralization used in an OS Command in the container launcher in Google Gemini CLI versions prior to 0.39.1 and run-gemini-cli GitHub Action versions prior to 0.1.22 on headless CI platforms allows an unprivileged attacker to achieve pre-sandbox host-level code execution a maliciously...

10CVSS6.3AI score0.00134EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:21 p.m.12 views

CVE-2026-35025 ProFTPD ACL Bypass via /proc/self/root Path Prefix in RNFR

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

8.6CVSS5.9AI score0.00331EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.6 views

CVE-2026-57307

A missing permission check in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b450b1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

5.8AI score0.0014EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57306

A cross-site request forgery CSRF vulnerability in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b450b1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

5.8AI score0.0011EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.7 views

CVE-2026-57305

A cross-site request forgery CSRF vulnerability in Jenkins Assembla Plugin 1.4 and earlier allows attackers to connect to an attacker-specified URL using an attacker-specified username and password...

5.8AI score0.00128EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57304

A missing permission check in Jenkins Assembla Plugin 1.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using an attacker-specified username and password...

5.8AI score0.00161EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.4 views

CVE-2026-57303

Jenkins Assembla Plugin 1.4 and earlier does not configure its XML parser to prevent XML external entity XXE attacks, allowing attackers able to control the responses of the configured Assembla server to extract secrets from the Jenkins controller or perform server-side request forgery...

5.9AI score0.00224EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.4 views

CVE-2026-57301

Jenkins OWASP ZAP Plugin 1.0.7 and earlier performs build operations on the Jenkins controller rather than the assigned agent, allowing attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller...

6.3AI score0.0042EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57302

Jenkins FitNesse Plugin 1.36 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Extended Read permission or access to the Jenkins controller file system...

5.9AI score0.00178EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.3 views

CVE-2026-57299

Missing permission checks in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allow attackers with Overall/Read permission to enumerate the names of configured Contrast metadata...

5.9AI score0.00167EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57300

A missing permission check in Jenkins MCP Server Plugin 0.177.v629fdb2557fe and earlier allows attackers with Item/Read permission to read the Pipeline replay scripts of jobs they can access...

5.9AI score0.00178EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.4 views

CVE-2026-57298

A cross-site request forgery CSRF vulnerability in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allows attackers to have Jenkins connect to an attacker-specified URL using an attacker-specified username, API key, and service key...

5.8AI score0.00101EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.3 views

CVE-2026-57297

A missing permission check in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using an attacker-specified username, API key, and service key...

5.9AI score0.00167EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.4 views

CVE-2026-57296

Jenkins External Workspace Manager Plugin 1.3.2 and earlier does not reject path traversal sequences in the custom workspace path provided to the exwsAllocate Pipeline step, allowing attackers with Item/Configure permission to read arbitrary files on the Jenkins controller file system, which can...

6.3AI score0.00595EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57294

A missing permission check in Jenkins EC2 Fleet Plugin 4.2.3.539.v8fedff2a81c3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing AWS credentials stored in Jenkins...

5.8AI score0.00161EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.6 views

CVE-2026-57295

A cross-site request forgery CSRF vulnerability in Jenkins EC2 Fleet Plugin 4.2.3.539.v8fedff2a81c3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing AWS credentials stored in Jenkins...

5.8AI score0.00128EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57293

An incorrect permission check in Jenkins Gitee Plugin 1288.v18bdebc9069b and earlier allows attackers with global Item/Configure permission while lacking Item/Configure permission on any particular job to enumerate credentials IDs of credentials stored in Jenkins...

5.9AI score0.0017EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57291

Missing permission checks in Jenkins Gitee Plugin 1288.v18bdebc9069b and earlier allow attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method...

5.8AI score0.00145EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57292

A cross-site request forgery CSRF vulnerability in Jenkins Gitee Plugin 1288.v18bdebc9069b and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method...

5.8AI score0.00101EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57289

Jenkins Bitbucket Push and Pull Request Plugin 3.3.8 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections sending Bearer token authenticated requests to the configured Bitbucket Server endpoint, allowing attackers able to intercept network traffic to...

5.9AI score0.00108EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.4 views

CVE-2026-42450 OpenColorIO vulnerable to stack buffer overflow via unbounded `sscanf %s` in Spi3D (.spi3d) LUT parser

OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, FileFormatSpi3D.cpp:163 uses sscanf with %s into 64-byte stack buffers when parsing LUT data lines. Input comes from lineBuffer4096, so a crafted .spi3d file can overflow by 4000 bytes on...

8.4CVSS5.9AI score0.0012EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.6 views

CVE-2026-57290

A cross-site request forgery CSRF vulnerability in Jenkins Priority Sorter Plugin 936.v2c01c6b84449 and earlier allows attackers to overwrite the global job priority configuration...

5.8AI score0.00152EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.6 views

CVE-2026-57287

Jenkins Job Configuration History Plugin 1356.ve360da6c523a and earlier does not redact the encrypted values of secrets when displaying historical job and agent configurations, allowing attackers with Extended Read permission to view encrypted secret values that would otherwise be redacted...

5.8AI score0.0013EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.4 views

CVE-2026-57288

Jenkins Active Directory Plugin 2.41.1 and earlier does not escape the user name before building the LDAP search filter in the Windows native ADSI authentication path, allowing unauthenticated attackers to inject LDAP wildcard characters to enumerate directory entries and to authenticate as a...

5.9AI score0.00224EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.7 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

5.9AI score0.00216EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.6 views

CVE-2026-57285

A missing permission check in Jenkins GitHub Branch Source Plugin 1967.1969.v205fd594c821 and earlier allows attackers with Overall/Read permission to obtain the URLs of GitHub Enterprise servers configured in the global plugin configuration...

5.9AI score0.00216EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.6 views

CVE-2026-57284

Jenkins Pipeline: Groovy Plugin 4331.v9d06ed4658ff and earlier does not restrict the types that can be instantiated through the Pipeline Snippet Generator, allowing attackers to instantiate types related to job or system configuration other than Pipeline steps...

5.9AI score0.00275EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57282

Jenkins Git client Plugin 6.6.0 and earlier does not correctly escape the workspace directory name when it is embedded into a generated SSH wrapper script, allowing attackers able to control the name of a build's working directory to execute arbitrary operating system commands on the agent...

6.2AI score0.00207EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.4 views

CVE-2026-57283

A cross-site request forgery CSRF vulnerability in Jenkins Pipeline: Groovy Plugin 4331.v9d06ed4658ff and earlier allows attackers to instantiate types related to job or system configuration other than Pipeline steps through the Pipeline Snippet Generator...

5.8AI score0.00158EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.6 views

CVE-2026-57281

Jenkins Script Security Plugin 1402.v94c9ce464861 and earlier does not reject Groovy AST transformation annotations carrying an extensions member, allowing attackers able to run sandboxed Groovy scripts to execute code outside the sandbox if a suitable script is present on the classpath of the...

6AI score0.00594EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 1:20 p.m.6 views

CVE-2026-57280

Jenkins Script Security Plugin 1402.v94c9ce464861 and earlier does not intercept the implicit type casts applied to the elements of typed for-each loops in sandboxed Groovy scripts, allowing attackers able to provide such scripts to invoke arbitrary constructors and bypass the sandbox protection...

6AI score0.00372EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 12:49 p.m.7 views

CVE-2026-13163 Lack of input validation in Mailerup input parameter leads to Open Redirect

Open redirect vulnerability CWE-601 in the saferedirect function of the click-tracking endpoint /c// in Mailerup 1.0.0 on all platforms allows remote unauthenticated attackers to redirect victims to arbitrary external sites and conduct phishing attacks via a crafted u query parameter, because the...

5.3CVSS6.1AI score0.00329EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/24 12:33 p.m.10 views

CVE-2026-12242 AdRotate Banner Manager <= 5.17.7 - Authenticated (Contributor+) PHP Code Injection via 'banner' Shortcode Attribute

The AdRotate Banner Manager plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 5.17.7 via the 'banner' attribute of the adrotate shortcode. This is due to insufficient input validation and sanitization of the banner shortcode attribute before...

8.8CVSS6.2AI score0.00467EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2026/06/24 11:53 a.m.4 views

CVE-2026-56370 ImageMagick - Out-of-bounds Access in ConnectedComponentsImage via connected-components Artifact

ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of...

4.8CVSS5.9AI score0.00121EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/24 11:53 a.m.5 views

CVE-2026-56761 hono - HTML Injection via Improper JSX Attribute Name Handling in SSR

hono before 4.12.14 contains an html injection vulnerability in jsx server-side rendering that allows attackers to inject unintended html by using malformed attribute names. Attackers can craft specially crafted attribute keys containing characters like quotes or angle brackets to break html tag...

5.3CVSS6AI score0.00174EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/24 11:53 a.m.5 views

CVE-2026-56368 ImageMagick - Memory Leak in Raw Pixel Data Coders

ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service...

6.3CVSS5.8AI score0.0026EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/24 11:53 a.m.8 views

CVE-2026-56358 n8n - Stored Cross-Site Scripting in Form Trigger Node

n8n before 1.123.25 1.x and before 2.11.2 2.x, with the fix also included in 2.12.0, contains a stored cross-site scripting vulnerability in the Form Trigger node's CSS sanitization that allows authenticated users to inject malicious scripts. Attackers with workflow creation permissions can injec...

5.4CVSS5.7AI score0.00144EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/24 11:53 a.m.5 views

CVE-2026-56351 n8n - SQL Injection in MySQL, PostgreSQL, and Microsoft SQL Nodes

n8n before version 2.4.0 contains a sql injection vulnerability in MySQL, PostgreSQL, and Microsoft SQL nodes that allows authenticated users to inject arbitrary SQL through unescaped identifier values in node configuration parameters. Attackers with workflow creation permissions can supply...

8.2CVSS6.1AI score0.00217EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/24 11:53 a.m.6 views

CVE-2026-56338 Capgo - Denial of Service in 2FA Email Verification via /auth/v1/otp Endpoint

Capgo before 12.128.2 contains a denial of service vulnerability in the /auth/v1/otp endpoint that prevents email verification for two-factor authentication due to captcha validation failures. Authenticated users cannot complete 2FA enrollment as the backend consistently returns HTTP 500 errors...

6.9CVSS5.9AI score0.00281EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/24 11:53 a.m.6 views

CVE-2026-56310 Cap-go - Authorization Bypass in Organization Members Endpoint via API Key Scope Bypass

Cap-go before 12.128.2 contains an authorization bypass vulnerability in the GET /organization/members endpoint that allows org-limited API keys to bypass limitedtoorgs restrictions. Attackers with org-limited API keys can read membership data including uid, email, imageurl, role, and istmp from...

5.3CVSS5.9AI score0.00182EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/24 11:53 a.m.5 views

CVE-2026-56337 Capgo - Information Disclosure via Unauthenticated RPC Function exist_app_v2

Capgo before 12.128.2 contains an information disclosure vulnerability in the public.existappv2 RPC function that allows unauthenticated attackers to enumerate appids by calling POST /rest/v1/rpc/existappv2 with arbitrary appid parameters. Remote attackers can exploit this SECURITY DEFINER functi...

6.9CVSS6AI score0.00261EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/24 11:53 a.m.5 views

CVE-2026-56302 Capgo - Unsecured Supabase Images Bucket via Missing Row Level Security

Capgo before 12.128.2 contains an unsecured images bucket lacking any row level security controls, allowing unauthenticated attackers to read, insert, and delete stored app icons. Remote attackers can exploit this misconfiguration to delete all icons and leak sensitive app IDs and user IDs...

6.9CVSS5.9AI score0.00208EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/24 11:53 a.m.6 views

CVE-2026-56272 Flowise - Insufficient Password Salt Rounds in Bcrypt Hashing

Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately 30 times faster with modern GPU hardware, potentially compromising all user accounts in a database...

5.6CVSS5.8AI score0.00073EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/24 11:53 a.m.5 views

CVE-2026-56270 Flowise - Unauthenticated OAuth Secrets Disclosure via /api/v1/loginmethod Endpoint

Flowise before 3.1.0 versions 3.0.13 and earlier contains a missing authentication vulnerability in the /api/v1/loginmethod endpoint that allows unauthenticated users to retrieve an organization's complete SSO configuration, including OAuth client secrets in cleartext, by providing an...

8.7CVSS5.9AI score0.00383EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/24 11:53 a.m.5 views

CVE-2026-56269 Flowise - Weak Default Token Hash Secret in JWT Token Encryption

Flowise before 3.1.0 npm package flowise, versions 3.0.13 and earlier uses a weak hardcoded default value 'Secre$t' for the TOKENHASHSECRET environment variable in packages/server/src/enterprise/utils/tempTokenUtils.ts when the variable is not configured. This secret derives the AES-256-CBC key...

4.6CVSS5.8AI score0.00093EPSS
Exploits0References2
Total number of security vulnerabilities161701