Aggregator

CVE-2026-56267 | Flowise up to 3.0.12 forgot-password information disclosure (GHSA-jc5m-wrp2-qq38 / EUVD-2026-38118)

VulDB Recent Entries
1 week 1 day ago
A vulnerability was found in Flowise up to 3.0.12 and classified as problematic. The impacted element is an unknown function of the file /api/v1/account/forgot-password. Executing a manipulation can lead to information disclosure. The identification of this vulnerability is CVE-2026-56267. The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2026-56325 | Capgo up to 12.128.1 missing initialization (GHSA-cw88-ch2j-8vqj / EUVD-2026-38113)

VulDB Recent Entries
1 week 1 day ago
A vulnerability has been found in Capgo up to 12.128.1 and classified as problematic. The affected element is an unknown function. Performing a manipulation results in missing initialization of a variable. This vulnerability was named CVE-2026-56325. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.
vuldb.com

CVE-2020-37255 | Wptimecapsule Time Capsule Plugin up to 1.21.15 authentication bypass (Exploit 47941 / EUVD-2020-31256)

VulDB Recent Entries
1 week 1 day ago
A vulnerability, which was classified as critical, has been found in Wptimecapsule Time Capsule Plugin up to 1.21.15. This issue affects some unknown processing. This manipulation causes authentication bypass using alternate channel. This vulnerability is handled as CVE-2020-37255. The attack can be initiated remotely. Additionally, an exploit exists. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-56228 | Capgo up to 12.128.1 Password Policy denial of service (GHSA-vhjp-62qf-33mx / EUVD-2026-38116)

VulDB Recent Entries
1 week 1 day ago
A vulnerability classified as problematic was found in Capgo up to 12.128.1. This vulnerability affects unknown code of the component Password Policy Handler. The manipulation results in denial of service. This vulnerability is known as CVE-2026-56228. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.
vuldb.com

CVE-2026-56295 | Capgo up to 12.128.1 checkWebhookPermission improper authorization (GHSA-vwpp-cqv5-cmfm / EUVD-2026-38122)

VulDB Recent Entries
1 week 1 day ago
A vulnerability described as critical has been identified in Capgo up to 12.128.1. Affected by this issue is the function checkWebhookPermission. Executing a manipulation can lead to improper authorization. This vulnerability appears as CVE-2026-56295. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is recommended.
vuldb.com

CVE-2024-58351 | Flowise up to 2.1.3 Configuration code injection (GHSA-5cph-wvm9-45gj / EUVD-2024-55642)

VulDB Recent Entries
1 week 1 day ago
A vulnerability marked as critical has been reported in Flowise up to 2.1.3. Affected by this vulnerability is an unknown functionality of the component Configuration Handler. Performing a manipulation results in code injection. This vulnerability is reported as CVE-2024-58351. The attack is possible to be carried out remotely. No exploit exists. It is suggested to upgrade the affected component.
vuldb.com

CVE-2026-48908 | joomshaper SP Page Builder extension for Joomla 1.0.0-6.6.1 on Joomla access control (EUVD-2026-38110)

VulDB Recent Entries
1 week 1 day ago
A vulnerability labeled as critical has been found in joomshaper SP Page Builder extension for Joomla 1.0.0-6.6.1 on Joomla. Affected is an unknown function of the component SP Page. Such manipulation leads to improper access controls. This vulnerability is documented as CVE-2026-48908. The attack can be executed remotely. There is not any exploit available.
vuldb.com

CVE-2026-56282 | Capgo up to 12.128.1 restart_lsn information disclosure (GHSA-q6gm-xfwr-44f5 / EUVD-2026-38120)

VulDB Recent Entries
1 week 1 day ago
A vulnerability categorized as problematic has been discovered in Capgo up to 12.128.1. This affects an unknown function. The manipulation of the argument restart_lsn results in information disclosure. This vulnerability is cataloged as CVE-2026-56282. The attack may be launched remotely. There is no exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-56235 | Cap-go capgo up to 12.128.1 Public Supabase API information disclosure (GHSA-gfpq-vphf-6gcm / EUVD-2026-38117)

VulDB Recent Entries
1 week 1 day ago
A vulnerability was found in Cap-go capgo up to 12.128.1. It has been rated as problematic. The impacted element is an unknown function of the component Public Supabase API. The manipulation leads to information disclosure. This vulnerability is listed as CVE-2026-56235. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is advised.
vuldb.com

CVE-2019-25763 | Ultimatebeaver Ultimate Addons for Beaver Builder 1.2.4.1 on Beaver admin-ajax.php authentication bypass (Exploit 47832 / EUVD-2019-20199)

VulDB Recent Entries
1 week 1 day ago
A vulnerability was found in Ultimatebeaver Ultimate Addons for Beaver Builder 1.2.4.1 on Beaver. It has been declared as critical. The affected element is an unknown function of the file admin-ajax.php. Executing a manipulation can lead to authentication bypass using alternate channel. This vulnerability is tracked as CVE-2019-25763. The attack can be launched remotely. Moreover, an exploit is present. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-50972 | WooCommerce 7.1.0 PHP File class-wc-meta-box-product-images.php product-type code injection (Exploit 51156 / EUVD-2022-56008)

VulDB Recent Entries
1 week 1 day ago
A vulnerability was found in WooCommerce 7.1.0. It has been classified as critical. Impacted is an unknown function of the file class-wc-meta-box-product-images.php of the component PHP File Handler. Performing a manipulation of the argument product-type results in code injection. This vulnerability is identified as CVE-2022-50972. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com

CyberSentinel AI with 33 Security Tools, Including Nmap, SQLMap, ZAP, and uses Claude, GPT

Cyber Security News
1 week 1 day ago

A new open-source cybersecurity platform called CyberSentinel AI v3.0 has emerged as a significant development in autonomous security tooling, combining 33 real-world penetration testing and threat intelligence tools with a provider-agnostic AI engine that supports Claude, GPT-4o, OpenRouter, and fully offline local inference via Ollama. Unlike conventional AI security assistants that just suggest commands, CyberSentinel […]

The post CyberSentinel AI with 33 Security Tools, Including Nmap, SQLMap, ZAP, and uses Claude, GPT appeared first on Cyber Security News.

Guru Baran

Managed ad