Vulnerabilities
Recent vulnerabilities
Recent vulnerabilities from
🏠GNA-1 (CIRCL)
Select from 78 available sources using the dropdown above.
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-61870 | ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory al… | 2026-07-11T14:16:24.270 | 2026-07-11T14:16:24.270 |
| fkie_cve-2026-61861 | ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption meth… | 2026-07-11T14:16:24.143 | 2026-07-11T14:16:24.143 |
| fkie_cve-2026-61858 | ImageMagick before 7.1.2-26 contains a policy bypass vulnerability in the APNG encoder and external… | 2026-07-11T14:16:24.020 | 2026-07-11T14:16:24.020 |
| fkie_cve-2026-61857 | ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null che… | 2026-07-11T14:16:23.893 | 2026-07-11T14:16:23.893 |
| fkie_cve-2026-61465 | ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limi… | 2026-07-11T14:16:23.767 | 2026-07-11T14:16:23.767 |
| fkie_cve-2026-61454 | The Grav Admin2 plugin (getgrav/grav-plugin-admin2) before 2.0.4 embeds a global JavaScript variabl… | 2026-07-11T14:16:23.630 | 2026-07-11T14:16:23.630 |
| fkie_cve-2026-61448 | Parse Server is affected by a stored cross-site scripting (XSS) vulnerability in versions >= 9.0.0,… | 2026-07-11T14:16:23.510 | 2026-07-11T14:16:23.510 |
| fkie_cve-2026-61447 | PraisonAI before 1.6.78 contains a remote code execution vulnerability in CodeAgent._execute_python… | 2026-07-11T14:16:23.377 | 2026-07-11T14:16:23.377 |
| fkie_cve-2026-61445 | PraisonAI before 4.6.78 contains arbitrary file write and command execution vulnerabilities in the … | 2026-07-11T14:16:23.240 | 2026-07-11T14:16:23.240 |
| fkie_cve-2026-61442 | PraisonAI Platform (praisonai-platform) before 0.1.9 fails to enforce owner/admin authorization on … | 2026-07-11T14:16:23.017 | 2026-07-11T14:16:23.017 |
| fkie_cve-2026-61439 | PraisonAI versions before 4.6.78 contain a prompt injection defense misconfiguration where the bloc… | 2026-07-11T14:16:22.870 | 2026-07-11T14:16:22.870 |
| fkie_cve-2026-61429 | PraisonAI versions before 1.6.78 contain a server-side request forgery vulnerability in the Crawl4A… | 2026-07-11T14:16:22.740 | 2026-07-11T14:16:22.740 |
| fkie_cve-2026-61428 | PraisonAI AgentMail versions before 4.6.78 lack signature verification in webhook mode, allowing un… | 2026-07-11T14:16:22.610 | 2026-07-11T14:16:22.610 |
| fkie_cve-2026-61426 | PraisonAI before 1.7.3 contains an insecure default configuration that binds to all interfaces with… | 2026-07-11T14:16:22.483 | 2026-07-11T14:16:22.483 |
| fkie_cve-2026-60090 | PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PGVector … | 2026-07-11T14:16:22.353 | 2026-07-11T14:16:22.353 |
| fkie_cve-2026-60088 | PraisonAI before 4.6.78 fails to validate file path references in custom command templates, allowin… | 2026-07-11T14:16:22.210 | 2026-07-11T14:16:22.210 |
| fkie_cve-2026-56763 | Hono before 4.12.7 allows __proto__ key in parseBody with dot option enabled, permitting specially … | 2026-07-11T14:16:22.080 | 2026-07-11T14:16:22.080 |
| fkie_cve-2026-56372 | ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation … | 2026-07-11T14:16:21.953 | 2026-07-11T14:16:21.953 |
| fkie_cve-2026-56303 | Capgo before 12.128.2 contains an information disclosure vulnerability in the find_apikey_by_value … | 2026-07-11T14:16:21.820 | 2026-07-11T14:16:21.820 |
| fkie_cve-2026-56296 | Cap-go before 12.128.2 contains an information disclosure vulnerability in the public.transfer_app … | 2026-07-11T14:16:21.683 | 2026-07-11T14:16:21.683 |
| fkie_cve-2026-56240 | Capgo before 12.128.12 contains a billing authorization bypass vulnerability in the plan_valid calc… | 2026-07-11T14:16:20.707 | 2026-07-11T14:16:20.707 |
| fkie_cve-2026-57828 | The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file upload that a… | 2026-07-11T10:16:35.710 | 2026-07-11T10:16:35.710 |
| fkie_cve-2026-57827 | The Joomla extension RSFiles is vulnerable to an unauthenticated arbitrary file upload that allows … | 2026-07-11T10:16:34.057 | 2026-07-11T10:16:34.057 |
| fkie_cve-2026-1359 | The Genolve – AI image AI video generation plugin for WordPress is vulnerable to unauthorized modif… | 2026-07-11T09:16:16.020 | 2026-07-11T09:16:16.020 |
| fkie_cve-2026-9282 | The W3 Total Cache plugin for WordPress is vulnerable to Directory Traversal in all versions up to,… | 2026-07-11T07:16:47.070 | 2026-07-11T07:16:47.070 |
| fkie_cve-2026-9017 | The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to authoriza… | 2026-07-11T07:16:46.923 | 2026-07-11T07:16:46.923 |
| fkie_cve-2026-6939 | The CorvusPay WooCommerce Payment Gateway plugin for WordPress is vulnerable to Stored Cross-Site S… | 2026-07-11T07:16:46.787 | 2026-07-11T07:16:46.787 |
| fkie_cve-2026-6801 | The Context Blog theme for WordPress is vulnerable to Sensitive Information Exposure in all version… | 2026-07-11T07:16:46.650 | 2026-07-11T07:16:46.650 |
| fkie_cve-2026-4661 | The WP CTA – Sticky CTA Builder, Generate Leads, Promote Sales plugin for WordPress is vulnerable t… | 2026-07-11T07:16:46.513 | 2026-07-11T07:16:46.513 |
| fkie_cve-2026-1382 | The fresh Podcaster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fres… | 2026-07-11T07:16:46.307 | 2026-07-11T07:16:46.307 |