Export limit exceeded: 10615 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (10615 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-46442 1 Flowiseai 1 Flowise 2026-06-11 9.9 Critical
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, POST /api/v1/node-custom-function lacks route-level authorization, allowing any authenticated user or API key to submit arbitrary JavaScript to the Custom JS Function node. When E2B_APIKEY is not configured — the common deployment case — Flowise executes this code inside a NodeVM sandbox. This sandbox can be escaped, allowing an attacker to reach the host process object and execute system commands via child_process. The result is authenticated remote code execution on the Flowise server host. This issue has been patched in version 3.1.2.
CVE-2026-36723 1 Bookcars 1 Bookcars 2026-06-10 8.8 High
An unrestricted file rename vulnerability in the /api/create-user component of bookcars v8.3 allows authenticated attackers to leverage directory traversal sequences to move arbitrary files from temporary storage to arbitrary locations on the server filesystem. This enables unauthorized access to sensitive files, the overwriting of critical application files, and remote code execution (RCE).
CVE-2026-45558 1 Roxy-wi 1 Roxy-wi 2026-06-10 9.9 Critical
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the HAProxy section-save endpoints (POST /api/service/haproxy/<server_id>/section/<section_type> and the PUT / global / defaults variants) accept a JSON option field that is not validated, not escaped, and is rendered verbatim into the generated HAProxy configuration via the section.j2, global.j2, and defaults.j2 Ansible templates. Because Roxy-WI then pushes the generated config to the load balancer and runs systemctl reload haproxy, an authenticated user with role ≤ 3 (user) can inject arbitrary HAProxy directives into the config that runs on every load balancer their group manages — including option external-check + external-check command /bin/bash -c '…', which gives remote code execution on the load balancer as the haproxy user on every health-check tick. At time of publication, there are no publicly available patches.
CVE-2026-52751 1 Nsa 1 Ghidra 2026-06-10 8.8 High
Ghidra before 12.1 contains an unsafe deserialization vulnerability in client-side Shared-Project RMI connection code that allows unauthenticated remote code execution. Attackers can craft a malicious project file with a ghidra:// URL that, when opened via File → Open Project, deserializes untrusted objects using a Jython 2.7.4 gadget chain to execute arbitrary commands.
CVE-2026-11815 1 Broadcom 1 Api Gateway 2026-06-10 N/A
An attacker who intercepts and tampers with traffic between the client application and the API Gateway server could potentially deserialize arbitrary objects. This vulnerability could lead to broken security expectations or remote code execution.
CVE-2026-49959 1 Nesquena 1 Hermes-webui 2026-06-10 8.8 High
Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration in a workspace repository's .git/config file. Attackers can exploit Git subprocess invocations in api/workspace_git.py through vectors such as core.fsmonitor during git status, protocol.ext.allow with ext:: remotes during git fetch, credential.helper, core.askPass, core.gitProxy, or inherited environment variables including GIT_SSH_COMMAND to achieve arbitrary command execution on the host running the application.
CVE-2026-8365 2 Creativethemes, Wordpress 2 Blocksy, Wordpress 2026-06-09 8.8 High
The Blocksy theme for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution via the 'blocksy_meta' REST API field and the V200 database migration in versions up to and including 2.1.35. This is due to insufficient input sanitization in the blocksy_sanitize_post_meta_options() function, which only blocks values containing '<' or '>' and does not prevent serialized PHP object strings from being stored in post meta, combined with the SearchReplacer::run_recursively() function unconditionally deserializing all string values via @unserialize() during migration without restricting allowed classes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a serialized Blocksy\RaiiPattern object into post meta that, when the V200 migration runs on an upgraded site, is deserialized and triggers RaiiPattern::__destruct(), which executes arbitrary PHP callables via call_user_func().
CVE-2024-49132 1 Microsoft 17 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 14 more 2026-06-09 8.1 High
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49123 1 Microsoft 17 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 14 more 2026-06-09 8.1 High
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49119 1 Microsoft 6 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 3 more 2026-06-09 8.1 High
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49116 1 Microsoft 6 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 3 more 2026-06-09 8.1 High
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49120 1 Microsoft 8 Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 and 5 more 2026-06-09 8.1 High
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49127 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-06-09 8.1 High
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2024-49118 1 Microsoft 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more 2026-06-09 8.1 High
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2024-49112 1 Microsoft 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more 2026-06-09 9.8 Critical
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2024-49080 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-06-09 8.8 High
Windows IP Routing Management Snapin Remote Code Execution Vulnerability
CVE-2024-49079 1 Microsoft 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more 2026-06-09 7.8 High
Input Method Editor (IME) Remote Code Execution Vulnerability
CVE-2024-49065 1 Microsoft 7 365 Apps, Office, Office Long Term Servicing Channel and 4 more 2026-06-09 5.5 Medium
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-49142 1 Microsoft 4 365 Apps, Access, Office and 1 more 2026-06-09 7.8 High
Microsoft Access Remote Code Execution Vulnerability
CVE-2024-49126 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-06-09 8.1 High
Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability