Export limit exceeded: 358249 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (358249 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-45014 | 1 Apostrophecms | 1 Apostrophecms | 2026-06-15 | N/A |
| ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 are vulnerable to stored cross-site scripting via unsanitized user display name in draft version tooltip. As of time of publication, no known patched versions are available. | ||||
| CVE-2026-54396 | 1 Misp | 1 Misp | 2026-06-15 | N/A |
| An information disclosure vulnerability exists in the MISP AuthKey edit functionality. When a validation error occurs during an AuthKey edit request, the user dropdown was populated using the attacker-controlled AuthKey.user_id value from the submitted request data. An authenticated user with permission to edit an AuthKey could submit arbitrary user IDs and observe the returned dropdown data, allowing enumeration of user email addresses. The issue is fixed by deriving the dropdown user from the persisted AuthKey owner instead of the request body. | ||||
| CVE-2026-53606 | 1 Apostrophecms | 1 Sanitize-html | 2026-06-15 | 5.4 Medium |
| ApostropheCMS is an open-source Node.js content management system, and sanitize-html provides a simple HTML sanitizer with a clear API. Versions of sanitize-html prior to 2.17.5 use `allowedSchemesAppliedToAttributes` (default: `['href', 'src', 'cite']`) to gate the `naughtyHref()` function that blocks dangerous URI schemes like `javascript:` and `vbscript:`. The HTML specification defines 10+ attributes that accept URIs (`action`, `formaction`, `data`, `poster`, `background`, `ping`, `xlink:href`, `dynsrc`, `lowsrc`), but none of these are included in the default gate list. When a developer allows any of these attributes in their configuration, `javascript:` URIs pass through completely unmodified, enabling XSS. Version 2.17.5 patches the issue. | ||||
| CVE-2026-54397 | 1 Misp | 1 Misp | 2026-06-15 | N/A |
| A vulnerability in MISP’s non-REST event editing path allowed an authenticated user with event edit permissions to manipulate the submitted form data and set an event’s sharing_group_id to a sharing group they were not authorized to use. When distribution was set to sharing group distribution, the non-REST save path accepted the submitted sharing_group_id without performing the same sharing group authorization check enforced by the REST edit path. An attacker could exploit this by tampering with the event edit request and assigning an event to an undisclosed or unauthorized sharing group. This could result in unauthorized use of restricted sharing groups, disclosure of the sharing group name in event listings, and unintended modification of the event’s distribution metadata. The issue is fixed by validating that the selected sharing group can be used by the current user when the sharing group is changed, and by clearing sharing_group_id when the event distribution is not set to sharing group distribution. | ||||
| CVE-2025-71319 | 2 Image-size, Image Sizes Project | 2 Image-size, Image Sizes | 2026-06-15 | 7.5 High |
| image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-valued size field in a recognized box-type. Attackers can trigger an infinite loop in the JXL or HEIF image parsers by providing a crafted image containing a box with a size of zero, causing the offset to never advance and permanently hanging the application. | ||||
| CVE-2026-7210 | 1 Python | 2 Cpython, Python | 2026-06-15 | 7.5 High |
| `xml.parsers.expat` and `xml.etree.ElementTree` use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this vulnerability requires both updating libexpat to 2.8.0 or later and applying this patch. | ||||
| CVE-2026-34712 | 1 Adobe | 3 C2pa, C2pa-web, Cai Content Credentials | 2026-06-15 | 7.5 High |
| CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Improper Input Validation vulnerability. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction. | ||||
| CVE-2026-34713 | 1 Adobe | 3 C2pa, C2pa-web, Cai Content Credentials | 2026-06-15 | 7.5 High |
| CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue does not require user interaction. | ||||
| CVE-2026-47902 | 1 Adobe | 3 C2pa, C2pa-web, Cai Content Credentials | 2026-06-15 | 6.2 Medium |
| CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue does not require user interaction. | ||||
| CVE-2026-47903 | 1 Adobe | 3 C2pa, C2pa-web, Cai Content Credentials | 2026-06-15 | 6.2 Medium |
| CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Improper Input Validation vulnerability. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction. | ||||
| CVE-2026-47905 | 1 Adobe | 3 C2pa, C2pa-web, Cai Content Credentials | 2026-06-15 | 6.2 Medium |
| CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue does not require user interaction. | ||||
| CVE-2026-47904 | 1 Adobe | 3 C2pa, C2pa-web, Cai Content Credentials | 2026-06-15 | 6.2 Medium |
| CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue does not require user interaction. | ||||
| CVE-2026-11442 | 1 Allegro | 1 Allegro | 2026-06-15 | N/A |
| Allegra exportReport Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the exportReport method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the service account. Was ZDI-CAN-28208. | ||||
| CVE-2026-11443 | 1 Allegra | 1 Allegra | 2026-06-15 | N/A |
| Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to execute arbitrary script on affected installations of Allegra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the downloadAttachment method. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of arbitrary script. An attacker can leverage this vulnerability to execute script in the context of the current user. Was ZDI-CAN-28236. | ||||
| CVE-2026-54398 | 1 Misp | 1 Misp | 2026-06-15 | N/A |
| An authorization flaw in MISP’s object add/edit handling allowed an authenticated user with object editing permissions to assign a MISP object, or attributes contained within an object, to a sharing group that the user was not authorized to use or view. When editing objects, the sharing group validation was performed against the wrong request data structure after object fields had been merged to the top level, causing the check to be bypassed. In addition, attributes embedded in objects were not individually validated for authorized sharing group use. An attacker could craft a request with distribution set to 4 and an arbitrary sharing_group_id, potentially disclosing the existence or name of otherwise non-visible sharing groups and improperly modifying the distribution metadata of objects or contained attributes. | ||||
| CVE-2026-53825 | 1 Openclaw | 1 Openclaw | 2026-06-15 | 6.5 Medium |
| OpenClaw before 2026.4.7 contains an arbitrary file read vulnerability in the memory-wiki ingest feature that allows authenticated Gateway operators with operator.write scope to read local files outside intended ingest sources. Attackers with operator.write access can specify arbitrary local file paths to import file content into wiki memory, bypassing access restrictions. | ||||
| CVE-2026-11769 | 1 Grafana | 1 Grafana Operator | 2026-06-15 | N/A |
| We have released version 5.24.0 of the Grafana Operator. This patch includes a CRITICAL severity security fix for a path traversal/privilege escalation vulnerability in the Grafana Operator. ### Summary The Grafana Operator supports loading dashboards & library panels using the jsonnet data templating language. The jsonnet expression is evaluated in the context of the operator manager pod. ### Impact It is possible for a malicious user who can create Dashboard or LibraryPanel resources for a Grafana instance to obtain the Kubernetes service account token of the Grafana Operator manager. ### Affected versions All Grafana Operator versions <= 5.23 ### Solutions and mitigations All installations should be upgraded as soon as possible. As a workaround, the following ValidatingAdmissionPolicy prevent the creation or modification of jsonnet based resources: apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingAdmissionPolicy metadata: name: "prevent-jsonnet-dashboards" spec: failurePolicy: Fail matchConstraints: resourceRules: - apiGroups: ["grafana.integreatly.org"] apiVersions: ["v1beta1"] operations: ["CREATE", "UPDATE"] resources: ["grafanadashboards", "grafanalibrarypanels"] validations: - expression: "!has(object.spec.jsonnetLib)" --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingAdmissionPolicyBinding metadata: name: "prevent-jsonnet-dashboards-clusterwide" spec: policyName: "prevent-jsonnet-dashboards" validationActions: [Deny] ### Acknowledgement We would like to thank Artem Cherezov for responsibly disclosing the vulnerability. | ||||
| CVE-2026-9109 | 2 John-dagelmore, Wordpress | 2 Gptranslate – Multilingual Ai Translation For Wordpress: Automatically Translate Websites, Wordpress | 2026-06-15 | 7.2 High |
| The GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API Translation Storage in all versions up to, and including, 2.31 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The deterministically derived API key (sha256 of the site URL) is printed in the HTML source of every page via the JavaScript variable gptApiKey, meaning any unauthenticated visitor can retrieve the key and submit malicious translation payloads to the /wp-json/gptranslate/v1/request endpoint without any additional precondition. | ||||
| CVE-2026-53830 | 1 Openclaw | 1 Openclaw | 2026-06-15 | 6.5 Medium |
| OpenClaw before 2026.4.22 contains a webhook secret revocation bypass vulnerability allowing callers with old Slack and Zalo webhook secrets to remain active after secrets.reload. Attackers can exploit the stale-secret window to deliver webhook events after operator-expected secret revocation, potentially accepting previous credentials. | ||||
| CVE-2026-53836 | 1 Openclaw | 1 Openclaw | 2026-06-15 | 8.8 High |
| OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded-command handling that allows attackers to execute encoded commands using abbreviated flag aliases not recognized by the allowlist parser. Remote authenticated operators can bypass execution allowlist checks by using unrecognized encoded-command alias forms to execute arbitrary PowerShell content. | ||||