cve.li

Recent

CVE-2026-28492CWE-200

File Browser: Path Traversal in Public Share Links Exposes Files Outside Shared Directory

Published 2026-03-05 by GitHub_M

CVE-2025-55208CWE-79

Chamilo LMS has Stored Cross Site Scripting on Social Networks Uploaded Files

Published 2026-03-05 by GitHub_M

CVE-2026-29188CWE-732CWE-284

File Browser: TUS Delete Endpoint Bypasses Delete Permission Check

Published 2026-03-05 by GitHub_M

CVE-2026-28443CWE-89

OpenReplay: SQL injection in cards/search via unvalidated sort field parameter

Published 2026-03-05 by GitHub_M

CVE-2026-0848CWE-20

Arbitrary Code Execution in NLTK StanfordSegmenter via Untrusted JAR Loading

Published 2026-03-05 by @huntr_ai

CVE-2026-22723

UAA User Token Revocation logic error

Published 2026-03-05 by vmware

CVE-2026-28442CWE-73

ZimaOS: Arbitrary Deletion of Internal System Files via API Path Manipulation

Published 2026-03-05 by GitHub_M

CVE-2026-29081CWE-89

Frappe: Possibility of SQL Injection due to improper fieldname sanitization

Published 2026-03-05 by GitHub_M

CVE-2026-29077CWE-284CWE-602

Frappe: Broken Access Control in DocShare

Published 2026-03-05 by GitHub_M

CVE-2026-28436CWE-79

Frappe: Stored XSS in avatar_macro.html

Published 2026-03-05 by GitHub_M

Load more ↓