Export limit exceeded: 337616 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (337616 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-4970 | 1 Code-projects | 1 Social Networking Site | 2026-03-27 | 6.3 Medium |
| A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file delete_photos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-29180 | 2026-03-27 | N/A | ||
| Fleet is open source device management software. Prior to 4.81.1, a broken access control vulnerability in Fleet's host transfer API allows a team maintainer to transfer hosts from any team into their own team, bypassing team isolation boundaries. Once transferred, the attacker gains full control over the stolen hosts, including the ability to execute scripts with root privileges. Version 4.81.1 patches the issue. | ||||
| CVE-2026-34385 | 2026-03-27 | N/A | ||
| Fleet is open source device management software. Prior to 4.81.0, a second-order SQL injection vulnerability in Fleet's Apple MDM profile delivery pipeline could allow an attacker with a valid MDM enrollment certificate to exfiltrate or modify the contents of the Fleet database, including user credentials, API tokens, and device enrollment secrets. Version 4.81.0 patches the issue. | ||||
| CVE-2026-34386 | 2026-03-27 | N/A | ||
| Fleet is open source device management software. Prior to 4.81.0, a SQL injection vulnerability in Fleet's MDM bootstrap package configuration allows an authenticated user with Team Admin or Global Admin privileges to modify arbitrary team configurations, exfiltrate sensitive data from the Fleet database, and inject arbitrary content into team configs via direct API calls. Version 4.81.0 patches the issue. | ||||
| CVE-2026-33673 | 1 Prestashop | 1 Prestashop | 2026-03-27 | 7.7 High |
| PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 are vulnerable to stored Cross-Site Scripting (stored XSS) vulnerabilities in the BO. An attacker who can inject data into the database, via limited back-office access or a previously existing vulnerability, can exploit unprotected variables in back-office templates. Versions 8.2.5 and 9.1.0 contain a fix. No known workarounds are available. | ||||
| CVE-2026-34387 | 2026-03-27 | N/A | ||
| Fleet is open source device management software. Prior to 4.81.1, a command injection vulnerability in Fleet's software installer pipeline allows an attacker to achieve arbitrary code execution as root (macOS/Linux) or SYSTEM (Windows) on managed hosts when an uninstall is triggered for a crafted software package. Version 4.81.1 patches the issue. | ||||
| CVE-2026-34388 | 2026-03-27 | N/A | ||
| Fleet is open source device management software. Prior to 4.81.0, a denial-of-service vulnerability in Fleet's gRPC Launcher endpoint allows an authenticated host to crash the entire Fleet server process by sending an unexpected log type value. The server terminates immediately, disrupting all connected hosts, MDM enrollments, and API consumers. Version 4.81.0 patches the issue. | ||||
| CVE-2026-34391 | 2026-03-27 | N/A | ||
| Fleet is open source device management software. Prior to 4.81.1, a vulnerability in Fleet's Windows MDM command processing allows a malicious enrolled device to access MDM commands intended for other devices, potentially exposing sensitive configuration data such as WiFi credentials, VPN secrets, and certificate payloads across the entire Windows fleet. Version 4.81.1 patches the issue. | ||||
| CVE-2026-31943 | 2026-03-27 | 8.5 High | ||
| LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, `isPrivateIP()` in `packages/api/src/auth/domain.ts` fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSRF protection and make the server issue HTTP requests to internal network resources — including cloud metadata services (e.g., AWS `169.254.169.254`), loopback, and RFC1918 ranges. Version 0.8.3 fixes the issue. | ||||
| CVE-2026-31945 | 2026-03-27 | 7.7 High | ||
| LibreChat is a ChatGPT clone with additional features. Versions 0.8.2-rc2 through 0.8.2 are vulnerable to a server-side request forgery (SSRF) attack when using agent actions or MCP. Although a previous SSRF vulnerability (https://github.com/danny-avila/LibreChat/security/advisories/GHSA-rgjq-4q58-m3q8) was reported and patched, the fix only introduced hostname validation. It does not verify whether DNS resolution results in a private IP address. As a result, an attacker can still bypass the protection and gain access to internal resources, such as an internal RAG API or cloud instance metadata endpoints. Version 0.8.3-rc1 contains a patch. | ||||
| CVE-2026-31950 | 2026-03-27 | 5.3 Medium | ||
| LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc2 through 0.8.2-rc3, the SSE streaming endpoint `/api/agents/chat/stream/:streamId` does not verify that the requesting user owns the stream. Any authenticated user who obtains or guesses a valid stream ID can subscribe and read another user's real-time chat content, including messages, AI responses, and tool invocations. Version 0.8.2 patches the issue. | ||||
| CVE-2026-31951 | 2026-03-27 | 6.8 Medium | ||
| LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc1 through 0.8.3-rc1, user-created MCP (Model Context Protocol) servers can include arbitrary HTTP headers that undergo credential placeholder substitution. An attacker can create a malicious MCP server with headers containing `{{LIBRECHAT_OPENID_ACCESS_TOKEN}}` (and others), causing victims who call tools on that server to have their OAuth tokens exfiltrated. Version 0.8.3-rc2 fixes the issue. | ||||
| CVE-2026-32241 | 2026-03-27 | 7.5 High | ||
| Flannel is a network fabric for containers, designed for Kubernetes. The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. In versions of Flannel prior to 0.28.2, this Extension backend is vulnerable to a command injection that allows an attacker who can set Kubernetes Node annotations to achieve root-level arbitrary command execution on every flannel node in the cluster. The Extension backend's SubnetAddCommand and SubnetRemoveCommand receive attacker-controlled data via stdin (from the `flannel.alpha.coreos.com/backend-data` Node annotation). The content of this annotation is unmarshalled and piped directly to a shell command without checks. Kubernetes clusters using Flannel with the Extension backend are affected by this vulnerability. Other backends such as vxlan and wireguard are unaffected. The vulnerability is fixed in version v0.28.2. As a workaround, use Flannel with another backend such as vxlan or wireguard. | ||||
| CVE-2026-28252 | 1 Trane | 5 Tracer Concierge, Tracer Sc, Tracer Sc\+ and 2 more | 2026-03-27 | 9.8 Critical |
| A Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to bypass authentication and gain root-level access to the device. | ||||
| CVE-2026-28253 | 1 Trane | 5 Tracer Concierge, Tracer Sc, Tracer Sc\+ and 2 more | 2026-03-27 | 7.5 High |
| A Memory Allocation with Excessive Size Value vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an unauthenticated attacker to cause a denial-of-service condition | ||||
| CVE-2026-28254 | 1 Trane | 5 Tracer Concierge, Tracer Sc, Tracer Sc\+ and 2 more | 2026-03-27 | 7.5 High |
| A Missing Authorization vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an unauthenticated attacker to access sensitive information through unprotected APIs. | ||||
| CVE-2026-28255 | 1 Trane | 5 Tracer Concierge, Tracer Sc, Tracer Sc\+ and 2 more | 2026-03-27 | 9.8 Critical |
| A Use of Hard-coded Credentials vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information and take over accounts. | ||||
| CVE-2025-52637 | 1 Hcl | 1 Aion | 2026-03-27 | 4.5 Medium |
| HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific conditions. | ||||
| CVE-2025-52638 | 1 Hcl | 1 Aion | 2026-03-27 | 5.6 Medium |
| HCL AION is affected by a vulnerability where generated containers may execute binaries with root-level privileges. Running containers with root privileges may increase the potential security risk, as it grants elevated permissions within the container environment. Aligning container configurations with security best practices requires minimizing privileges and avoiding root-level execution wherever possible. | ||||
| CVE-2025-52648 | 1 Hcl | 1 Aion | 2026-03-27 | 4.8 Medium |
| HCL AION is affected by a vulnerability where offering images are not digitally signed. Lack of image signing may allow the use of unverified or tampered images, potentially leading to security risks such as integrity compromise or unintended behavior in the system | ||||