Lucene search
K

368638 matches found

CVE
CVE
added 4 days ago6 views

CVE-2026-50290

Technical details for CVE-2026-50290 are not publicly available in the provided documents; monitor for updates.

Exploits0References5
CVE
CVE
added 4 days ago10 views

CVE-2026-50288

Technical details are not publicly available in the provided documents. Monitor for updates as information about CVE-2026-50288 may be released later.

Exploits0References6
CVE
CVE
added 4 days ago21 views

CVE-2026-13743

CVE-2026-13743 affects CubeSpace CW0057 Reaction Wheel firmware versions prior to 5.0.20. The issue is an improper verification of cryptographic signatures that allows an attacker with physical access to upload arbitrary malicious firmware without authentication. Per the sources, impact includes ...

5.2CVSS5.9AI score0.00116EPSS
Exploits0References1
CVE
CVE
added 4 days ago14 views

CVE-2026-7311

The TinyPNG – JPEG, PNG & WebP image compression plugin for WordPress (up to version 3.6.13) is vulnerable to arbitrary file deletion due to insufficient file path validation in delete_converted_image_size. Authenticated attackers with author-level access can delete arbitrary files on the server ...

8.1CVSS6.5AI score0.0067EPSS
Exploits0References6
CVE
CVE
added 4 days ago11 views

CVE-2026-44454

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-44454.

Exploits0References10
CVE
CVE
added 4 days ago14 views

CVE-2026-58465

The CVE affects Eclipse Wakaama before snapshot/2026-05-26, with an unbounded memory allocation in the CoAP Block1 handler (coap/block.c). Unauthenticated remote attackers can exhaust memory by sending a sequence of Block1 PUT requests with incrementing block numbers to the registration endpoint ...

8.7CVSS6AI score0.00555EPSS
Exploits0References4
CVE
CVE
added 4 days ago9 views

CVE-2026-52854

Technical details for CVE-2026-52854 are not publicly available in the provided documents. The entry appears reserved with no exposed vulnerability information. Monitor for updates when details are published.

Exploits0References4
CVE
CVE
added 4 days ago8 views

CVE-2026-50180

Technical details for CVE-2026-50180 are not publicly available in the provided documents. Monitor for updates.

Exploits0References5
CVE
CVE
added 4 days ago7 views

CVE-2026-50181

Technical details for CVE-2026-50181 are not publicly available in the provided documents. No affected products, impact, vectors, or remediation are disclosed. Monitor for updates.

Exploits0References5
CVE
CVE
added 4 days ago15 views

CVE-2026-50192

Technical details for CVE-2026-50192 are not publicly available in the provided documents. Monitor for updates.

Exploits0References5
CVE
CVE
added 4 days ago13 views

CVE-2026-50185

Technical details for CVE-2026-50185 are not publicly available in the provided documents. Monitor for updates as information may be disclosed later.

Exploits0References4
CVE
CVE
added 4 days ago13 views

CVE-2026-50149

Technical details for CVE-2026-50149 are not publicly available in the provided documents. Monitor for updates; no affected products, impact, or remediation information is available.

0.00023EPSS
Exploits0References4
CVE
CVE
added 4 days ago5 views

CVE-2026-38057

Technical details for CVE-2026-38057 are not publicly available in the provided documents. Monitor for updates from official advisories.

Exploits0References1
CVE
CVE
added 4 days ago5 views

CVE-2026-38059

Technical details for CVE-2026-38059 are not publicly available in the provided documents. The entry remains reserved with no disclosed impact, affected products, or remediation in the supplied data. Monitor for updates from official advisories.

Exploits0References1
CVE
CVE
added 4 days ago14 views

CVE-2024-58352

Landray OA contains an unauthenticated HQL injection via the wechatLoginHelper.do endpoint. An attacker can inject malicious HQL into the uid parameter, abusing the string-concatenated filter expression passed to Hibernate findList() to query arbitrary entity classes. This can lead to extraction ...

8.7CVSS6.2AI score0.00564EPSS
In wildExploits0References4
CVE
CVE
added 4 days ago12 views

CVE-2022-50973

Summary: CVE-2022-50973 affects Yonyou KSOA 9.0. The issue is an unauthenticated arbitrary file upload vulnerability in the com.sksoft.bill.ImageUpload servlet. Exploitation requires no authentication and relies on attacker-controlled filepath and filename parameters, with no validation of file t...

9.8CVSS6.2AI score0.0086EPSS
In wildExploits0References5
CVE
CVE
added 4 days ago15 views

CVE-2024-14037

Redsea Cloud eHR contains an unauthenticated arbitrary file upload vulnerability (CVE-2024-14037) affecting the PtFjk.mob servlet endpoint. An attacker can submit a multipart POST with a JSP webshell disguised by a spoofed image/jpeg Content-Type to bypass extension/MIME validation, uploading the...

9.8CVSS6.5AI score0.00708EPSS
In wildExploits0References4
CVE
CVE
added 4 days ago7 views

CVE-2026-8699

CVE-2026-8699 reports a stored Cross-Site Scripting (XSS) vulnerability in the Archer C5 web-based management interface (v6.8). Root cause: insufficient server-side validation and lack of proper output encoding for a specific input field, allowing an admin-level attacker to inject crafted HTML/JS...

7CVSS6AI score0.00177EPSS
Exploits0References1
CVE
CVE
added 4 days ago14 views

CVE-2026-50282

Craft CMS contains an authorization issue in AssetsController::actionMoveFolder where calling with force=true to move a folder into a destination with a conflicting name can overwrite and delete the destination folder without destination delete permission. Affected versions are 5.0.0-RC1 and abov...

7.1CVSS5.7AI score0.00207EPSS
Exploits0References1
CVE
CVE
added 4 days ago15 views

CVE-2026-54891

The CVE-2026-54891 entry concerns Erlang/OTP ssl (tls_gen_connection.erl) where a network-positioned attacker can inject unauthenticated plaintext during TLS handshake. The tls_gen_connection:handle_protocol_record/3 function rejects APPLICATION_DATA in pre-handshake when acting as a server, but ...

6.3CVSS5.8AI score0.00164EPSS
Exploits0References5
Rows per page
Query Builder