VYPR

CVEs

100,097 total · page 107 of 2,002

  • CVE-2026-6376HigApr 23, 2026
    risk 0.57cvss epss 0.01

    A weakness in SpiceJet’s public booking retrieval page permits full passenger booking details to be accessed using only a PNR and last name, with no authentication or verification mechanisms. This results in exposure of extensive personal, travel, and booking metadata to any…

  • CVE-2026-6375HigApr 23, 2026
    risk 0.57cvss epss 0.00

    A vulnerability in SpiceJet’s booking API allows unauthenticated users to query passenger name records (PNRs) without any access controls. Because PNR identifiers follow a predictable pattern, an attacker could systematically enumerate valid records and obtain associated…

  • CVE-2026-41279HigApr 23, 2026
    risk 0.49cvss 7.5epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the text-to-speech generation endpoint (POST /api/v1/text-to-speech/generate) is whitelisted (no auth) and accepts a credentialId directly in the request body. When called…

  • CVE-2026-41278HigApr 23, 2026
    risk 0.49cvss 7.5epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GET /api/v1/public-chatflows/:id endpoint returns the full chatflow object without sanitization for public chatflows. Docker validation revealed this is worse than…

  • CVE-2026-41277HigApr 23, 2026
    risk 0.57cvss 8.8epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Mass Assignment vulnerability in the DocumentStore creation endpoint allows authenticated users to control the primary key (id) and internal state fields of DocumentStore…

  • CVE-2026-41275HigApr 23, 2026
    risk 0.49cvss 7.5epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the password reset functionality on cloud.flowiseai.com sends a reset password link over the unsecured HTTP protocol instead of HTTPS. This behavior introduces the risk of a…

  • CVE-2026-41273HigApr 23, 2026
    risk 0.53cvss 8.2epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise contains an authentication bypass vulnerability that allows an unauthenticated attacker to obtain OAuth 2.0 access tokens associated with a public chatflow. By…

  • CVE-2026-41272HigApr 23, 2026
    risk 0.46cvss 7.1epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the core security wrappers (secureAxiosRequest and secureFetch) intended to prevent Server-Side Request Forgery (SSRF) contain multiple logic flaws. These flaws allow…

  • CVE-2026-41271HigApr 23, 2026
    risk 0.54cvss 8.3epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery (SSRF) vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make…

  • CVE-2026-41270HigApr 23, 2026
    risk 0.46cvss 7.1epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery (SSRF) protection bypass vulnerability exists in the Custom Function feature. While the application implements SSRF protection via…

  • CVE-2026-41269HigApr 23, 2026
    risk 0.46cvss 7.1epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the Chatflow configuration file upload settings can be modified to allow the application/javascript MIME type. This lets an attacker upload .js files even though the frontend…

  • CVE-2026-41267HigApr 23, 2026
    risk 0.53cvss 8.1epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, an improper mass assignment (JSON injection) vulnerability in the account registration endpoint of Flowise Cloud allows unauthenticated attackers to inject server-managed…

  • CVE-2026-41266HigApr 23, 2026
    risk 0.49cvss 7.5epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, /api/v1/public-chatbotConfig/:id ep exposes sensitive data including API keys, HTTP authorization headers and internal configuration without any authentication. An attacker…

  • CVE-2026-41138HigApr 23, 2026
    risk 0.57cvss 8.8epss 0.01

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, there is a remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using Pandas. The user’s input is directly applied to the…

  • CVE-2026-41137HigApr 23, 2026
    risk 0.57cvss 8.8epss 0.01

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, The CSVAgent allows providing a custom Pandas CSV read code. Due to lack of sanitization, an attacker can provide a command injection payload that will get interpolated and…

  • CVE-2026-41259HigApr 23, 2026
    risk 0.42cvss 7.5epss 0.00

    Mastodon is a free, open-source social network server based on ActivityPub. Prior to v4.5.9, v4.4.16, and v4.3.22, Mastodon allows restricting new user sign-up based on e-mail domain names, and performs basic validation on e-mail addresses, but fails to restrict characters that…

  • CVE-2026-41246HigApr 23, 2026
    risk 0.46cvss 8.1epss 0.00

    Contour is a Kubernetes ingress controller using Envoy proxy. From v1.19.0 to before v1.33.4, v1.32.5, and v1.31.6, Contour's Cookie Rewriting feature is vulnerable to Lua code injection. An attacker with RBAC permissions to create or modify HTTPProxy resources can craft a…

  • CVE-2026-41241HigApr 23, 2026
    risk 0.50cvss 8.7epss 0.00

    pretalx is a conference planning tool. Prior to 2026.1.0, The organiser search in the pretalx backend rendered submission titles, speaker display names, and user names/emails into the result dropdown using innerHTML string interpolation. Any user who controls one of those fields…

  • CVE-2026-41205HigApr 23, 2026
    risk 0.42cvss 7.5epss 0.00

    Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with // (e.g., //../../../secret.txt). The root cause is an inconsistency between two slash-stripping implementations. Any file readable…

  • CVE-2026-40886HigApr 23, 2026
    risk 0.43cvss 7.7epss 0.00

    Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 3.6.5 to 4.0.4, an unchecked array index in the pod informer's podGCFromPod() function causes a controller-wide panic when a workflow pod carries a malformed…

  • CVE-2026-33694HigApr 23, 2026
    risk 0.48cvss epss 0.00

    This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code…

  • CVE-2026-6921HigApr 23, 2026
    risk 0.54cvss 8.3epss 0.00

    Race in GPU in Google Chrome on Windows prior to 147.0.7727.117 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)

  • CVE-2026-5039HigApr 23, 2026
    risk 0.57cvss 8.8epss 0.00

    TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to…

  • CVE-2026-34003HigApr 23, 2026
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the…

  • CVE-2026-34001HigApr 23, 2026
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence() function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server…

  • CVE-2026-33999HigApr 23, 2026
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially…

  • CVE-2026-41461HigApr 23, 2026
    risk 0.55cvss 8.5epss 0.00

    SocialEngine versions 7.8.0 and prior contain a blind server-side request forgery vulnerability in the /core/link/preview endpoint where user-supplied input passed via the uri request parameter is not sanitized before being used to construct outbound HTTP requests. Authenticated…

  • CVE-2026-35225HigApr 23, 2026
    risk 0.57cvss epss 0.00

    An unauthenticated remote attacker is able to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack, preventing legitimate clients from establishing new connections.

  • CVE-2025-70994HigApr 23, 2026
    risk 0.47cvss 7.3epss 0.00

    Yadea T5 Electric Bicycles (models manufactured in/after 2024) have a weak authentication mechanism in their keyless entry system. The system utilizes the EV1527 fixed-code RF protocol without implementing rolling codes or cryptographic challenge-response mechanisms. This is…

  • CVE-2026-31532HigApr 23, 2026
    risk 0.44cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro->uniq use-after-free in raw_rcv() raw_release() unregisters raw CAN receive filters via can_rx_unregister(), but receiver deletion is deferred with call_rcu(). This leaves a window where…

  • CVE-2026-6903HigApr 23, 2026
    risk 0.49cvss 7.5epss 0.00

    The LabOne Web Server, backing the LabOne User Interface, contains insufficient input validation in its file access functionality. An unauthenticated attacker could exploit this vulnerability to read arbitrary files on the host system that are accessible to the operating system…

  • CVE-2026-5464HigApr 23, 2026
    risk 0.47cvss 7.2epss 0.01

    The ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin) plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation in all versions up to, and including, 9.1.2. This is due to the reports page exposing the…

  • CVE-2026-3259HigApr 23, 2026
    risk 0.46cvss epss 0.00

    A Generation of Error Message Containing Sensitive Information vulnerability in the Materialized View Refresh mechanism in Google BigQuery on Google Cloud Platform allows an authenticated user to potentially disclose sensitive data using a crafted materialized view that triggers…

  • CVE-2026-41564HigApr 23, 2026
    risk 0.42cvss 7.5epss 0.00

    CryptX versions before 0.088 for Perl do not reseed the Crypt::PK PRNG state after forking. The Crypt::PK::RSA, Crypt::PK::DSA, Crypt::PK::DH, Crypt::PK::ECC, Crypt::PK::Ed25519 and Crypt::PK::X25519 modules seed a per-object PRNG state in their constructors and reuse it…

  • CVE-2026-41040HigApr 23, 2026
    risk 0.49cvss 7.5epss 0.00

    GROWI provided by GROWI, Inc. is vulnerable to a regular expression denial of service (ReDoS) via a crafted input string.

  • CVE-2026-34488HigApr 23, 2026
    risk 0.47cvss 7.3epss 0.00

    IP Setting Software contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges.

  • CVE-2026-41231HigApr 23, 2026
    risk 0.42cvss 7.5epss 0.00

    Froxlor is open source server administration software. Prior to version 2.3.6, `DataDump.add()` constructs the export destination path from user-supplied input without passing the `$fixed_homedir` parameter to `FileDir::makeCorrectDir()`, bypassing the symlink validation that…

  • CVE-2026-41230HigApr 23, 2026
    risk 0.48cvss 8.5epss 0.00

    Froxlor is open source server administration software. Prior to version 2.3.6, `DomainZones::add()` accepts arbitrary DNS record types without a whitelist and does not sanitize newline characters in the `content` field. When a DNS type not covered by the if/elseif validation…

  • CVE-2026-41208HigApr 23, 2026
    risk 0.50cvss 8.8epss 0.01

    Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Versions of @paperclipai/server prior to 2026.416.0 contain a privilege escalation vulnerability that allows an attacker with an Agent API key to execute arbitrary OS commands on…

  • CVE-2026-41206HigApr 23, 2026
    risk 0.44cvss 7.8epss 0.00

    PySpector is a static analysis security testing (SAST) Framework engineered for modern Python development workflows. The plugin security validator in PySpector uses AST-based static analysis to prevent dangerous code from being loaded as plugins. Prior to version 0.1.8, the…

  • CVE-2026-41200HigApr 23, 2026
    risk 0.48cvss epss 0.00

    STIG Manager is an API and web client for managing Security Technical Implementation Guides (STIG) assessments of Information Systems. Versions 1.5.10 through 1.6.7 have a reflected Cross-Site Scripting (XSS) vulnerability in the OIDC authentication error handling code in…

  • CVE-2026-41180HigApr 23, 2026
    risk 0.42cvss 7.5epss 0.00

    PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.4.3, the upload PATCH flow under `/files/:uploadId` validates the mounted request path using the still-encoded `req.path`, but the downstream tus handler later writes using the decoded…

  • CVE-2026-5935HigApr 23, 2026
    risk 0.47cvss 7.3epss 0.00

    IBM Total Storage Service Console (TSSC) / TS4500 IMC 9.2, 9.3, 9.4, 9.5, 9.6 TSSC/IMC could allow an unauthenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input.

  • CVE-2026-40062HigApr 23, 2026
    risk 0.49cvss 7.5epss 0.01

    A path Traversal vulnerability exists in Ziostation2 v2.9.8.7 and earlier. A remote unauthenticated attacker may get sensitive information on the operating system.

  • CVE-2026-3621HigApr 23, 2026
    risk 0.49cvss 7.5epss 0.00

    IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.4 IBM WebSphere Application Server Liberty is vulnerable to identity spoofing under limited conditions when an application is deployed without authentication and authorization configured.

  • CVE-2026-32679HigApr 23, 2026
    risk 0.51cvss 7.8epss 0.00

    The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and Downloader5InstallerForAdmin.exe) and the installers of Canon Network Camera Plugin (CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe) insecurely load Dynamic Link Libraries (DLLs). If a…

  • CVE-2026-41455HigApr 22, 2026
    risk 0.48cvss 8.5epss 0.00

    WeKan before 8.35 contains a server-side request forgery vulnerability in webhook integration URL handling where the URL scheme field accepts any string without protocol restriction or destination validation. Attackers who can create or modify integrations can set webhook URLs…

  • CVE-2026-41454HigApr 22, 2026
    risk 0.47cvss 8.3epss 0.00

    WeKan before 8.35 contains a missing authorization vulnerability in the Integration REST API endpoints that allows authenticated board members to perform administrative actions without proper privilege verification. Attackers can enumerate integrations including webhook URLs,…

  • CVE-2026-41175HigApr 22, 2026
    risk 0.46cvss 8.1epss 0.00

    Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.20 and 6.13.0, manipulating query parameters on Control Panel and REST API endpoints, or arguments in GraphQL queries, could result in the loss of content, assets, and user accounts.…

  • CVE-2026-41172HigApr 22, 2026
    risk 0.40cvss epss 0.00

    Squidex is an open source headless content management system and content management hub. Prior to version 7.23.0, an SSRF vulnerability allows a user with asset upload permission to force the server to fetch arbitrary URLs, including localhost/private network targets, and…