搜尋

52,159 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

—CVE-2026-50591IN Znuny LTS before 6.5.21 and Znuny before 7.3.3, XSS can occur via stored user preferences.2026/6/5
—CVE-2026-50592In Znuny LTS before 6.5.21 and Znuny before 7.3.3, there is reflected XSS in AdminCommunicationLog (aka the communication log administratio…2026/6/5
—CVE-2026-502642026/6/5
—CVE-2026-47306Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Oversized Serialized Data Payloads.2026/6/4
MEDIUM5.3CVE-2026-47676Hono: app.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths2026/6/4
MEDIUM5.3CVE-2026-47674Hono: IP Restriction bypasses static deny rules for non-canonical IPv62026/6/4
MEDIUM4.3CVE-2026-47675Hono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection2026/6/4
MEDIUM4.8CVE-2026-47673Hono: JWT middleware accepts any Authorization scheme, not only Bearer2026/6/4
—CVE-2026-44393An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0.2026/6/4
HIGH7.5CVE-2026-34077React Router vulnerable to Denial of Service via reflected user input in single-fetch2026/6/4
HIGH7.6CVE-2026-45337Better Auth: Device authorization approve and deny accept any authenticated session while the user code is pending2026/6/4
HIGH7.5CVE-2026-44496Axios: Regular Expression Denial of Service (ReDoS) via Cookie Name Injection2026/6/4
HIGH7.5CVE-2026-44488Allocation of Resources Without Limits or Throttling in Axios2026/6/4
—CVE-2026-44487Axios: Proxy-Authorization Credential Leak to Origin Server Across HTTP-to-HTTPS Redirect in Axios Node.js HTTP Adapter2026/6/4
HIGH7.5CVE-2026-44486Axios: Proxy-Authorization header leaks to redirect target when proxy is re-evaluated to direct connection2026/6/4
MEDIUM5.9CVE-2026-48681OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image.2026/6/4
HIGH8.8CVE-2026-49143EPSS 0.15%browserstack-runner vulnerable to Remote Code Execution via vm sandbox escape in _log HTTP handler2026/6/3
MEDIUM6.5CVE-2026-49144EPSS 0.02%browserstack-runner has an unauthenticated arbitrary file read via path traversal in HTTP server2026/6/3
HIGH7.5CVE-2026-42342EPSS 0.05%React Router vulnerable to DoS via unbounded path expansion in __manifest endpoint2026/6/3
HIGH8.1CVE-2026-42211EPSS 0.25%React Router's vendored turbo-stream v2 allows arbitrary constructor invocation via TYPE_ERROR deserialization leading to Unauth RCE2026/6/3
—CVE-2026-40181EPSS 0.04%React Router's same-origin redirect with path starting // causes open redirect via protocol-relative URL reinterpretation2026/6/3
HIGH8.0CVE-2026-33245EPSS 0.03%React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets2026/6/3
MEDIUM5.4CVE-2026-33244EPSS 0.03%React Router has stored XSS via unescaped Location header in prerendered redirect HTML2026/6/3
—CVE-2026-46272In the Linux kernel, the following vulnerability has been resolved: coresight: tmc-etr: Fix race condition between sysfs and perf mode When…2026/6/3
—CVE-2026-46267In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llc_shdlc_…2026/6/3

第 1 / 2087 頁下一頁 →