Search Results (355059 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-33805 | 2 Fastify, Fastify-reply-from Project | 5 Fastify-http-proxy, Fastify-reply-from, Fastify/http-proxy and 2 more | 2026-06-01 | 8.6 High |
| @fastify/reply-from v12.6.1 and earlier and @fastify/http-proxy v11.4.3 and earlier process the client's Connection header after the proxy has added its own headers via rewriteRequestHeaders. This allows attackers to retroactively strip proxy-added headers from upstream requests by listing them in the Connection header value. Any header added by the proxy for routing, access control, or security purposes can be selectively removed by a client. @fastify/http-proxy is also affected as it delegates to @fastify/reply-from. Upgrade to @fastify/reply-from v12.6.2 or @fastify/http-proxy v11.4.4 or later. | ||||
| CVE-2018-25408 | 1 Openises | 1 Open Ises Project | 2026-06-01 | 7.5 High |
| The Open ISES Project 3.30A contains a path traversal vulnerability in the ajax/download.php endpoint that allows unauthenticated attackers to download arbitrary files by manipulating the filename parameter. Supplying directory traversal sequences (../) in the filename parameter reaches files outside the intended directory, including configuration files and system files. | ||||
| CVE-2026-9308 | 1 Mozilla | 1 Firefox For Ios | 2026-06-01 | 5.4 Medium |
| Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string that was later substituted with JSON-LD data, potentially resulting in arbitrary JavaScript execution. This vulnerability was fixed in Firefox for iOS 151.2. | ||||
| CVE-2026-9309 | 1 Mozilla | 1 Firefox For Ios | 2026-06-01 | 5.4 Medium |
| Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensitive URL parameters. These parameters could then be used to access internal pages, potentially resulting in arbitrary JavaScript execution in an internal origin. This vulnerability was fixed in Firefox for iOS 151.2. | ||||
| CVE-2025-61081 | 1 Byd | 1 Atto3 | 2026-06-01 | 7.5 High |
| DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | ||||
| CVE-2018-25426 | 1 Winmtr | 1 Winmtr | 2026-06-01 | 7.5 High |
| WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload file containing a large buffer of repeated characters. Attackers can create a specially crafted input file with 238 bytes of data to trigger a buffer overflow condition that causes the application to crash. | ||||
| CVE-2026-27289 | 1 Adobe | 2 Photoshop, Photoshop Desktop | 2026-06-01 | 7.8 High |
| Photoshop Desktop versions 27.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-48906 | 2 Tassos, Tassos.gr | 16 Advanced Custom Fields, Convert Forms, Engagebox and 13 more | 2026-06-01 | 8.1 High |
| The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites. | ||||
| CVE-2026-7210 | 1 Python | 2 Cpython, Python | 2026-06-01 | 9.8 Critical |
| `xml.parsers.expat` and `xml.etree.ElementTree` use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding. Fully mitigating this vulnerability requires both updating libexpat to 2.8.0 or later and applying this patch. | ||||
| CVE-2026-4410 | 1 Ibm | 2 Websphere Application Server, Websphere Application Server Liberty | 2026-06-01 | 4.8 Medium |
| IBM WebSphere Application Server Liberty 19.0.0.7 through 26.0.0.5, IBM WebSphere Application Server 9.0 and 8.5, and WebSphere Application Server Liberty are vulnerable to a denial of service caused by a specially crafted request. A remote attacker could exploit this vulnerability to make the server consume memory resources. | ||||
| CVE-2026-41863 | 2 Spring, Vmware | 2 Spring, Spring Ai | 2026-06-01 | 6.5 Medium |
| Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk. This could allow a malicious user to write files outside the intended target directory, including restricted directories. Affected versions: Spring AI: 1.1.0 through 1.1.x | ||||
| CVE-2026-10244 | 1 Sourcecodester | 1 Pharmacy Sales And Inventory System | 2026-06-01 | 3.5 Low |
| A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. The function create_medicine_name in the file /ShowForm/create_medicine_name/main is affected: manipulation of the argument medicine_name results in cross-site scripting. The attack can be initiated remotely. The exploit is now public and may be used. | ||||
| CVE-2026-42398 | 1 Elastic | 1 Kibana | 2026-06-01 | 7.7 High |
| Server-Side Request Forgery (CWE-918) in Kibana allows authenticated users with connector management privileges to bypass the operator-configured connection allowlist. By configuring a Webhook connector with a crafted target, an attacker can cause Kibana to issue outbound requests to destinations that the egress restriction controls were intended to block. | ||||
| CVE-2026-10264 | 1 Lharries | 1 Whatsapp-mcp | 2026-06-01 | 3.5 Low |
| A vulnerability was determined in lharries whatsapp-mcp 0.0.1. The function SendMessageRequest in the file whatsapp-bridge/main.go (Send API Endpoint component) is affected: manipulation of the argument mediaPath causes path traversal. The exploit has been publicly disclosed and may be utilized. Patch name: 6657cdceadd361e8fbe824afe9d00b4504009a5d. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2026-42399 | 1 Elastic | 1 Kibana | 2026-06-01 | 6.5 Medium |
| Uncontrolled Resource Consumption (CWE-400) in Kibana can lead to denial of service via Excessive Allocation (CAPEC-130). An authenticated low-privileged user can cause Kibana to consume exponentially increasing amounts of memory by submitting a specially crafted Timelion visualization expression containing deeply chained function calls. The resulting data structure grows without bound, exhausting available memory and causing the Kibana service to crash and become unavailable to all users. | ||||
| CVE-2026-42400 | 1 Elastic | 1 Kibana | 2026-06-01 | 6.5 Medium |
| Uncontrolled Resource Consumption (CWE-400) in Kibana can lead to denial of service via Excessive Allocation (CAPEC-130). An authenticated user can send a specially crafted compressed request payload that is processed prior to authorization checks, causing excessive memory and CPU resource consumption that can result in a Kibana instance becoming unresponsive or crashing. | ||||
| CVE-2026-49093 | 1 Elastic | 1 Kibana | 2026-06-01 | 6.3 Medium |
| Server-Side Request Forgery (CWE-918) in Kibana can allow an authenticated user with connector management privileges to bypass the operator-configured connector allowlist, causing the Kibana server to issue outbound requests to destinations the egress controls were intended to block. | ||||
| CVE-2026-6841 | 1 Bestpractical | 1 Request Tracker | 2026-06-01 | 6.1 Medium |
| Request Tracker is vulnerable to a reflected cross-site scripting (XSS) vulnerability via the "Page" parameter in GET requests. An attacker can craft a URL that, when opened, results in arbitrary JavaScript execution in the victim’s browser. This vulnerability affects versions from 5.0.4 up to 5.0.9 and from 6.0.0 up to 6.0.2. | ||||
| CVE-2026-0393 | 1 Codesys | 1 Visualization | 2026-06-01 | 6.5 Medium |
| The affected product may expose credentials remotely between low-privileged visualization users during concurrent login operations, due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session. | ||||
| CVE-2026-33514 | 1 Discourse | 1 Discourse | 2026-06-01 | 4.3 Medium |
| Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, an authenticated user on a Discourse instance with the form templates feature enabled can read the name and structured content of form templates that are intended exclusively for categories they are not authorized to access. Impact is limited to disclosure of site configuration metadata. This issue has been fixed in versions 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1. | ||||