Export limit exceeded: 46292 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46292 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-10112 | 1 Sambitraj | 1 Student-management-system | 2026-05-30 | 2.4 Low |
| A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. Affected is an unknown function of the component Dashboard Page. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-45343 | 1 Kovah | 1 Linkace | 2026-05-30 | N/A |
| LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, LinkAce contains a stored cross-site scripting vulnerability that allows a low-privilege user to execute arbitrary JavaScript in an administrator's browser session. This affects instances configured with SSO/OAuth authentication, which is one of the supported authentication methods in LinkAce. An attacker who sets their OAuth display name to a malicious script and then creates an API token will plant a persistent XSS payload in the audit log. When any admin navigates to /system/audit, the payload executes in the admin's browser context. This enables session cookie theft, CSRF token exfiltration (exposed in the la-app-data meta tag), or any other action the admin can perform. This vulnerability is fixed in 2.5.6. | ||||
| CVE-2026-47694 | 1 Wwbn | 1 Avideo | 2026-05-30 | 5.4 Medium |
| WWBN AVideo is an open source video platform. In 29.0 and earlier, AVideo stores category descriptions from user input and later renders category_description as raw HTML in the Gallery view. A user who can create or edit categories can store JavaScript in a category description, which executes when another user views the affected Gallery/category page. This is a stored XSS in the category description field, separate from previously fixed XSS issues in video titles or comments. | ||||
| CVE-2026-41897 | 1 Mantisbt | 1 Mantisbt | 2026-05-30 | N/A |
| Mantis Bug Tracker (MantisBT) is an open source issue tracker. From 1.0.0 to 2.28.1, lack of validation of filter_target parameter on return_dynamic_filters.php (normally used as an AJAX in View Issues Page) allows an attacker to inject arbitrary HTML if the target is a TEXTAREA custom field. This vulnerability is fixed in 2.28.2. | ||||
| CVE-2026-45039 | 1 Rustfs | 1 Rustfs | 2026-05-30 | 9.8 Critical |
| RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the internode RPC layer authenticates every request with an HMAC-SHA256 signature using a shared secret. The function that produces this secret, get_shared_secret() in crates/ecstore/src/rpc/http_auth.rs, falls back to the public, source-tree-embedded DEFAULT_SECRET_KEY = "rustfsadmin" when neither the RUSTFS_RPC_SECRET environment variable nor the global S3 secret key has been configured. This vulnerability is fixed in 1.0.0-beta.2. | ||||
| CVE-2026-47759 | 2 Tiny, Tinymce | 2 Tinymce, Tinymce | 2026-05-30 | 8.7 High |
| TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, there is a stored XSS vulnerability via unsanitized data-mce-* attributes (data-mce-href, data-mce-src, data-mce-style). Allows attackers to inject malicious values that override safe attributes during serialization, bypassing validation. This vulnerability is fixed in 5.11.1, 7.9.3, and 8.5.1. | ||||
| CVE-2026-42401 | 1 Elastic | 1 Kibana | 2026-05-29 | 4.1 Medium |
| Improper Neutralization of Input During Web Page Generation (CWE-79) in Kibana can lead to stored HTML injection. A user with write access to an Elasticsearch index could persist crafted markup which, when subsequently rendered through an affected Kibana view by another user, was not sufficiently sanitized. Successful exploitation could result in unauthorized UI manipulation and outbound network requests issued from the viewing user's browser session. | ||||
| CVE-2026-49375 | 1 Jetbrains | 1 Teamcity | 2026-05-29 | 6.1 Medium |
| In JetBrains TeamCity before 2026.1, 2025.11.5 reflected XSS was possible on the repository download page | ||||
| CVE-2026-34127 | 2026-05-29 | N/A | ||
| A stored cross-site scripting (XSS) vulnerability has been identified in the web management interface of TP-Link's TL-SG108PE v5 switch due to improper sanitation of the SYSNAM configuration parameter during configuration file import. An attacker with administrator access can inject malicious script into the device configuration, which may be stored and executed in the administrator’s browser when the affected interface is viewed. Successful exploitation may allow session cookie theft, unauthorized configuration changes, or access to sensitive information exposed through the management interface. | ||||
| CVE-2026-45668 | 1 Triliumnext | 1 Trilium | 2026-05-29 | N/A |
| Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. Prior to 0.102.2, a malicious ZIP archive imported with safe import enabled achieves RCE via #docName path traversal and XSS by combining a payload note (type: code, mime: text/plain) containing raw HTML/JS and a trigger note (type: doc or type: launcher) with a #docName label that uses ../ path traversal to point at the payload note's API endpoint. The desktop client Electron renderer runs with nodeIntegration enabled, so an RCE is triggered once the payload is executed. This vulnerability is fixed in 0.102.2. | ||||
| CVE-2026-49371 | 1 Jetbrains | 1 Teamcity | 2026-05-29 | 7.1 High |
| In JetBrains TeamCity before 2026.1.1 reflected XSS in the keyword filter was possible | ||||
| CVE-2026-49384 | 1 Jetbrains | 1 Pycharm | 2026-05-29 | 6.1 Medium |
| In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible | ||||
| CVE-2026-49368 | 1 Jetbrains | 1 Youtrack | 2026-05-29 | 8.7 High |
| In JetBrains YouTrack before 2026.1.13162 stored XSS in project notification templates was possible | ||||
| CVE-2026-49381 | 1 Jetbrains | 1 Teamcity | 2026-05-29 | 3.4 Low |
| In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible | ||||
| CVE-2026-42929 | 2026-05-29 | 8.3 High | ||
| Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials. | ||||
| CVE-2026-6824 | 2026-05-29 | 8.4 High | ||
| A stored cross-site scripting (XSS) vulnerability exists in certain 1xxx series NVR devices due to insufficient sanitization of user-supplied input in specific functional modules. Attackers can inject malicious scripts, which are then persistently stored on the device backend. When administrators or users access affected pages, the stored scripts are executed in their browsers, leading to potential session hijacking, unauthorized actions, or data theft. | ||||
| CVE-2026-7786 | 2026-05-29 | 9.8 Critical | ||
| Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter device firmware contains plaintext administrative credentials embedded in the firmware image. These credentials can be extracted through firmware analysis and used to authenticate to device services. | ||||
| CVE-2026-44651 | 1 Sillytavern | 1 Sillytavern | 2026-05-29 | N/A |
| SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, when fetch(url) throws, the code sends: res.status(500).send('Error occurred while trying to proxy to: ' + url + ' ' + error). The url value is attacker-controlled (req.params.url) and is not HTML-escaped before rendering. This vulnerability is fixed in 1.18.0. | ||||
| CVE-2026-45631 | 1 Dokploy | 1 Dokploy | 2026-05-29 | 10 Critical |
| Dokploy is a free, self-hostable Platform as a Service (PaaS). From 0.27.0 to before 0.29.3, a hardcoded BETTER_AUTH_SECRET fallback ("better-auth-secret-123456789") lets an unauthenticated attacker forge email verification JWTs, trigger auto-sign-in as admin, and execute commands on the host via the built-in SSH terminal. This vulnerability is fixed in 0.29.3. | ||||
| CVE-2026-33386 | 1 Opensolution | 1 Quick.cms | 2026-05-29 | N/A |
| QuickCMS is vulnerable to Cross-Site Scripting (XSS) through its insecure HTTP-based plugin‑fetching mechanism. A malicious attacker can perform a Man‑in‑the‑Middle (MITM) attack by impersonating the opensolution.org server and serving arbitrary HTML or JavaScript at the plugin list endpoint. When a user accesses the plugin page, the malicious content is automatically fetched, rendered, and executed. This issue was fixed in a patch to version 6.8 published on 15.05.2026, deployments without this patch are still vulnerable. | ||||