Export limit exceeded: 366571 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 366571 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366571 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-56261 | 2 Crawl4ai, Kidocode | 2 Crawl4ai, Crawl4ai | 2026-07-14 | 8.6 High |
| Crawl4AI before 0.8.7 contains a server-side request forgery (SSRF) vulnerability in the Docker API server's /crawl/job and /llm/job endpoints, which accept webhook URLs without destination validation. An attacker can supply webhook URLs pointing to private or internal IP ranges, Docker networks, or cloud metadata endpoints (e.g. 169.254.169.254), causing the server to make requests to internal services and potentially expose cloud metadata. | ||||
| CVE-2026-56260 | 2 Crawl4ai, Kidocode | 2 Crawl4ai, Crawl4ai | 2026-07-14 | 9.1 Critical |
| Crawl4AI before 0.8.7 contains an arbitrary file write vulnerability in the Docker API server's /screenshot and /pdf endpoints. The output_path parameter accepts arbitrary filesystem paths without validation, allowing an attacker to supply absolute or path-traversal values to write to any location writable by the application's user, overwriting server files and causing denial of service. | ||||
| CVE-2026-56259 | 2 Crawl4ai, Kidocode | 2 Crawl4ai, Crawl4ai | 2026-07-14 | 8.2 High |
| Crawl4AI before 0.8.8 contains credential exfiltration vulnerabilities in the Docker API server that allow attackers to redirect LLM API calls to attacker-controlled endpoints and read arbitrary environment variables. Attackers can exploit the unauthenticated /md, /llm, and /llm/job endpoints by supplying a malicious base_url parameter and setting api_token to env:VARIABLE_NAME to exfiltrate provider API keys and server secrets including JWT SECRET_KEY for authentication bypass. | ||||
| CVE-2026-56258 | 2 Crawl4ai, Kidocode | 2 Crawl4ai, Crawl4ai | 2026-07-14 | 8.1 High |
| Crawl4AI before 0.8.8 contains an arbitrary file write vulnerability in the screenshot and PDF endpoints that allows unauthenticated attackers to write files outside the intended directory via symlink and time-of-check-time-of-use (TOCTOU) attacks on the output_path parameter. Remote attackers can exploit insufficient path validation and symlink following to achieve arbitrary file write and potential code execution on systems where the runtime user has write access to executable or cron locations. | ||||
| CVE-2026-56123 | 2 Dest-unreach, Socat | 2 Socat, Socat | 2026-07-14 | 8.1 High |
| socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read through a signed char field causing a negative bytes_to_read value that is implicitly converted to size_t, resulting in an unbounded heap write into the 262-byte reply buffer with attacker-controlled size and content. | ||||
| CVE-2026-56109 | 1 Alsa-project | 1 Alsa-lib | 2026-07-14 | 6.8 Medium |
| The Advanced Linux Sound Architecture (ALSA) library before 1.2.16.1 contains a double-free vulnerability in parse_def() in src/conf.c that allows attackers to corrupt memory by supplying maliciously crafted ALSA configuration text. When parsing nested compound or array configuration blocks, parse_def() fails to check return values before continuing, causing snd_config_delete() to be called twice on the same already-freed node, resulting in a NULL-pointer write or invalid memory read. | ||||
| CVE-2026-56104 | 1 Chainlit | 1 Chainlit | 2026-07-14 | 8.2 High |
| Chainlit before 2.10.1 contains a session hijacking vulnerability that allows unauthenticated attackers to restore and inherit authenticated user sessions by presenting a valid sessionId during WebSocket session restoration without ownership verification. Attackers can exploit the restore_existing_session path to assume a victim's permissions and roles, enabling unauthorized invocation of tools and access to data restricted to the authenticated victim. | ||||
| CVE-2026-55205 | 2 Get-hermes, Nesquena | 2 Hermes Web Ui, Hermes-webui | 2026-07-14 | 5.3 Medium |
| Hermes WebUI before 0.51.468 contains a resource exhaustion vulnerability in the unauthenticated POST /api/onboarding/oauth/start endpoint that allows unbounded accumulation of in-memory flow state and daemon threads. Attackers can send repeated or concurrent requests to exhaust server memory and thread resources, potentially triggering repeated outbound device-code requests to upstream OAuth providers. | ||||
| CVE-2026-55198 | 2 Get-hermes, Nesquena | 2 Hermes Web Ui, Hermes-webui | 2026-07-14 | 6.5 Medium |
| Hermes WebUI before 0.51.443 contains an authorization bypass vulnerability in the session export endpoint that allows authenticated users to access sessions from other profiles. The _handle_session_export handler in api/routes.py fails to verify active-profile ownership before serializing session data, enabling attackers to exfiltrate foreign session transcripts by guessing or knowing session identifiers. | ||||
| CVE-2026-55197 | 2 Get-hermes, Nesquena | 2 Hermes Web Ui, Hermes-webui | 2026-07-14 | 6.5 Medium |
| Hermes WebUI before 0.51.443 contains a broken access control vulnerability in the /api/session endpoint that allows authenticated users to disclose cross-profile session transcripts. Attackers can bypass profile boundary checks by directly querying session IDs belonging to other profiles via GET /api/session?session_id=<foreign_id>&messages=1 to retrieve unauthorized conversation transcripts and metadata. | ||||
| CVE-2026-55196 | 2 Get-hermes, Hermes-webui | 2 Hermes Web Ui, Hermes-webui | 2026-07-14 | 9.1 Critical |
| Hermes WebUI before 0.51.409 contains an authentication bypass vulnerability in passkey registration endpoints that allows unauthenticated remote attackers to register arbitrary passkeys. When HERMES_WEBUI_PASSKEY=1 is enabled with no existing credentials, POST /api/auth/passkey/register/options and POST /api/auth/passkey/register endpoints are accessible without authentication, allowing attackers to claim the first passkey and gain permanent administrative control. | ||||
| CVE-2026-54388 | 2 Tinyproxy, Tinyproxy Project | 2 Tinyproxy, Tinyproxy | 2026-07-14 | 9.1 Critical |
| Tinyproxy through 1.11.3, fixed in commit 364cdb6, fails to reject requests containing multiple Content-Length headers with differing values, forwarding all duplicate headers to the backend while using the first value to determine how many request body bytes to consume. Remote attackers can desynchronize the proxy and backend parser state, allowing injection of arbitrary HTTP requests to the backend to enable cache poisoning, access control bypass, and request hijacking. | ||||
| CVE-2026-54387 | 2 Tinyproxy, Tinyproxy Project | 2 Tinyproxy, Tinyproxy | 2026-07-14 | 9.1 Critical |
| Tinyproxy through 1.11.3, fixed in commit ff45d3b, fails to reconcile conflicting Content-Length and Transfer-Encoding: chunked headers, forwarding both verbatim to the backend while using Content-Length to determine how many request body bytes to consume. Remote attackers can desynchronize the proxy and backend parser state, allowing injection of arbitrary HTTP requests to the backend to enable cache poisoning, access control bypass, and request hijacking. | ||||
| CVE-2026-54386 | 2 Coreweave, Marimo-team | 2 Marimo, Marimo | 2026-07-14 | 6.1 Medium |
| marimo before 0.23.9 contains a reflected cross-site scripting vulnerability in the notebook page that allows unauthenticated attackers to inject arbitrary JavaScript by exploiting improper escaping of single quotes in the file query parameter reflected into an inline JavaScript string literal. Attackers can craft a malicious link with a payload beginning with __new__ to bypass the 404 check and inject JavaScript into the page, which executes without Content-Security-Policy restrictions in the origin of a victim's marimo server. | ||||
| CVE-2026-54371 | 2 Acl Project, Attr Project | 2 Acl, Attr | 2026-07-14 | 7.1 High |
| attr before version 2.6.0 contains a symlink traversal vulnerability in the getfattr and setfattr utilities that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link during directory hierarchy traversal. Attackers who control a pathname component can redirect getfattr and setfattr operations to arbitrary files by substituting a symlink, leading to local privilege escalation when getfattr or setfattr is invoked by a privileged process over an attacker-controlled path. | ||||
| CVE-2026-54370 | 1 Acl Project | 1 Acl | 2026-07-14 | 6.3 Medium |
| acl before version 2.4.0 contains a time-of-check to time-of-use (TOCTOU) race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat() check and subsequent symlink-following operations such as stat(), chown(), chmod(), acl_get_file(), and acl_set_file(). Attackers who control a pathname component can redirect file access control list operations to arbitrary files when getfacl, setfacl, or chacl is invoked by a privileged process over an attacker-controlled path, resulting in local privilege escalation. | ||||
| CVE-2026-54369 | 1 Acl Project | 1 Acl | 2026-07-14 | 7.1 High |
| acl before version 2.4.0 contains a symlink traversal vulnerability in the libacl pathname-based functions acl_get_file(), acl_set_file(), acl_extended_file(), and acl_delete_def_file() that allows local attackers to escalate privileges by replacing any pathname component with a symbolic link. Attackers who control any component of a pathname processed by a privileged caller can redirect ACL read or write operations to arbitrary files or directories, enabling unauthorized manipulation of access control lists and local privilege escalation. | ||||
| CVE-2026-53871 | 2 Get-hermes, Nesquena | 2 Hermes Web Ui, Hermes-webui | 2026-07-14 | 8.1 High |
| Hermes WebUI before 0.51.368 contains an authorization bypass vulnerability in the get_profile_cookie() function that accepts unauthenticated profile names from the hermes_profile cookie. An authenticated attacker can forge the hermes_profile cookie value to bypass profile-scoped authorization checks and access sessions, files, and resources across different profiles. | ||||
| CVE-2026-53779 | 1 Webp | 1 Webp Server Go | 2026-07-14 | 7.5 High |
| WebP Server Go through 0.14.4 contains a path traversal vulnerability on Windows that allows unauthenticated attackers to read files outside the configured IMG_PATH directory by sending requests with percent-encoded backslashes (%5C) that bypass the path.Clean() sanitization in handler/router.go. Attackers can exploit the discrepancy between Go's forward-slash-only path normalization and Windows file system APIs that treat backslashes and forward slashes as equivalent to access arbitrary files on the host filesystem accessible to the server process. | ||||
| CVE-2026-49973 | 2 Get-hermes, Nesquena | 2 Hermes Web Ui, Hermes-webui | 2026-07-14 | 9.4 Critical |
| Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that allows unauthenticated remote attackers to hijack initial setup by submitting the _set_password parameter to the settings API endpoint without any network origin restriction. Attackers on any reachable network can send a POST request to the settings endpoint during the first-run setup window to persist an arbitrary password hash, obtain a valid session cookie, and lock out the legitimate operator from their own instance. | ||||