6.8

CVSS3.1

CVE-2026-39961 - Aiven Operator has cross-namespace secret exfiltration via ClickhouseUser connInfoSecretSource

Aiven Operator allows you to provision and manage Aiven Services from your Kubernetes cluster. From 0.31.0 to before 0.37.0, a developer with create permission on ClickhouseUser CRDs in their own namespace can exfiltrate secrets from any other namespace β€” production database credentials, API keys, …

πŸ“… Published: April 9, 2026, 5:14 p.m. πŸ”„ Last Modified: April 9, 2026, 5:14 p.m.

4.3

CVSS3.1

CVE-2026-39985 - LORIS has an open redirect field on login

LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. Prior to 27.0.3 and 28.0.1, the redirect parameter upon login to LORIS was not validating the value of the redirect as being within LORIS, w…

πŸ“… Published: April 9, 2026, 5:08 p.m. πŸ”„ Last Modified: April 9, 2026, 5:08 p.m.

8.6

CVSS3.1

CVE-2026-39983 - FTP Command Injection via CRLF in basic-ftp

basic-ftp is an FTP client for Node.js. Prior to 5.2.1, basic-ftp allows FTP command injection via CRLF sequences (\r\n) in file path parameters passed to high-level path APIs such as cd(), remove(), rename(), uploadFrom(), downloadTo(), list(), and removeDir(). The library's protectWhitespace() he…

πŸ“… Published: April 9, 2026, 5:05 p.m. πŸ”„ Last Modified: April 9, 2026, 5:05 p.m.

8.8

CVSS3.1

CVE-2026-39981 - AGiXT has a Path Traversal in safe_join()

AGiXT is a dynamic AI Agent Automation Platform. Prior to 1.9.2, the safe_join() function in the essential_abilities extension fails to validate that resolved file paths remain within the designated agent workspace. An authenticated attacker can use directory traversal sequences to read, write, or …

πŸ“… Published: April 9, 2026, 5:01 p.m. πŸ”„ Last Modified: April 9, 2026, 5:01 p.m.

6.9

CVSS4.0

CVE-2026-5970 - FoundationAgents MetaGPT HumanEvalBenchmark/MBPPBenchmark check_solution code injection

A vulnerability was detected in FoundationAgents MetaGPT up to 0.8.1. This affects the function check_solution of the component HumanEvalBenchmark/MBPPBenchmark. Performing a manipulation results in code injection. The attack may be initiated remotely. The exploit is now public and may be used. The…

πŸ“… Published: April 9, 2026, 5 p.m. πŸ”„ Last Modified: April 9, 2026, 5 p.m.

9.1

CVSS3.1

CVE-2026-39980 - OpenCTI affected by RCE via notifier template

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.9.5, the safeEjs.ts file does not properly sanitize EJS templates. Users with the Manage customization capability can run arbitrary JavaScript in the context of the OpenCTI platform proce…

πŸ“… Published: April 9, 2026, 4:54 p.m. πŸ”„ Last Modified: April 9, 2026, 4:54 p.m.

7.1

CVSS3.1

CVE-2026-39976 - Laravel Passport's TokenGuard Authenticates Unrelated User for Client Credentials Tokens

Laravel Passport provides OAuth2 server support to Laravel. From 13.0.0 to before 13.7.1, there is an Authentication Bypass for client_credentials tokens. the league/oauth2-server library sets the JWT sub claim to the client identifier (since there's no user). The token guard then passes this value…

πŸ“… Published: April 9, 2026, 4:50 p.m. πŸ”„ Last Modified: April 9, 2026, 4:50 p.m.

8.5

CVSS3.1

CVE-2026-39974 - n8n-MCP has an Authenticated SSRF via instance-URL header in multi-tenant HTTP mode

n8n-MCP is a Model Context Protocol (MCP) server that provides AI assistants with comprehensive access to n8n node documentation, properties, and operations. Prior to 2.47.4, an authenticated Server-Side Request Forgery in n8n-mcp allows a caller holding a valid AUTH_TOKEN to cause the server to is…

πŸ“… Published: April 9, 2026, 4:45 p.m. πŸ”„ Last Modified: April 9, 2026, 4:45 p.m.

7.1

CVSS4.0

CVE-2026-39972 - Mercure has a Topic Selector Cache Key Collision

Mercure is a protocol for pushing data updates to web browsers and other HTTP clients in a battery-efficient way. Prior to 0.22.0, a cache key collision vulnerability in TopicSelectorStore allows an attacker to poison the match result cache, potentially causing private updates to be delivered to un…

πŸ“… Published: April 9, 2026, 4:42 p.m. πŸ”„ Last Modified: April 9, 2026, 4:42 p.m.

8.8

CVSS4.0

CVE-2026-39962 - LDAP injection in MISP ApacheAuthenticate when using a user-controlled Apache environment variable

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.36, improper neutralization of special elements in an LDAP query in ApacheAuthenticate.php allows LDAP injection via an unsanitized username value when ApacheAuthenticate.apacheEnv is configured to use a user-controlled s…

πŸ“… Published: April 9, 2026, 4:37 p.m. πŸ”„ Last Modified: April 9, 2026, 4:37 p.m.
Total resulsts: 343523
Page 2 of 34,353
Β« previous page Β» next page
Filters