Cybersecurity & Regolamentazione UE

News & Sicurezza

Aggiornamenti da ENISA, NVD e le principali fonti di cybersecurity europee. Tutto quello che un Responsabile Tecnico deve sapere.

24780 risultati

VulnerabilitàAlta
CVE-2026-12823 - Browserbase Autobrowse Trace Artifact default permission

CVE ID :CVE-2026-12823 Published : June 21, 2026, 11:45 p.m. | 11 hours, 58 minutes ago Description :A security flaw has been discovered in Browserbase up to 20260526. This impacts an unknown function of the component Autobrowse Trace Artifact Handler. The manipulation results in incorrect default permissions. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-12822 - langflow-ai langflow Bundle URL Loader code injection

CVE ID :CVE-2026-12822 Published : June 21, 2026, 11:30 p.m. | 10 hours, 13 minutes ago Description :A vulnerability was identified in langflow-ai langflow up to 1.9.3. This affects an unknown function of the component Bundle URL Loader. The manipulation leads to code injection. The attack needs to be performed locally. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-12821 - FlowiseAI Flowise S3 Document Loader S3.ts path traversal

CVE ID :CVE-2026-12821 Published : June 21, 2026, 11:15 p.m. | 10 hours, 28 minutes ago Description :A vulnerability was determined in FlowiseAI Flowise up to 3.1.2. The impacted element is an unknown function of the file packages/components/nodes/documentloaders/S3/S3.ts of the component S3 Document Loader. Executing a manipulation can lead to path traversal. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-12815 - coollabsio coolify Image Name os command injection

CVE ID :CVE-2026-12815 Published : June 21, 2026, 11 p.m. | 10 hours, 43 minutes ago Description :A vulnerability has been found in coollabsio coolify 4.0.0. Impacted is an unknown function of the component Image Name Handler. Such manipulation leads to os command injection. The attack may be performed from remote. The vendor was contacted early about this disclosure but did not respond in any way. The changelog for 4.1.2 mentions "[i]mproved image, branch, proxy, and deployment input validation". Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-12814 - Comfast CF-WR631AX V3 API Endpoint mbox-config system os command injection

CVE ID :CVE-2026-12814 Published : June 21, 2026, 10:45 p.m. | 10 hours, 58 minutes ago Description :A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bin/mbox-config?section=ping_config of the component API Endpoint. This manipulation of the argument destination causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-12845

CVE ID :CVE-2026-12845 Published : June 21, 2026, 10:32 p.m. | 11 hours, 11 minutes ago Description :None Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-12813 - activepieces File URL file.ts handleUrlFile server-side request forgery

CVE ID :CVE-2026-12813 Published : June 21, 2026, 10:30 p.m. | 11 hours, 13 minutes ago Description :A vulnerability was detected in activepieces up to 0.83.0. This vulnerability affects the function handleUrlFile in the library packages/server/engine/src/lib/variables/processors/file.ts of the component File URL Handler. The manipulation results in server-side request forgery. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-12812 - Radware Cyber Controller HTML Report Generation HTML injection

CVE ID :CVE-2026-12812 Published : June 21, 2026, 10:15 p.m. | 11 hours, 28 minutes ago Description :A security vulnerability has been detected in Radware Cyber Controller up to 10.11.0. This affects an unknown part of the component HTML Report Generation. The manipulation leads to HTML injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-12811 - kortix-ai suna Auth Endpoint page.tsx router.push cross site scripting

CVE ID :CVE-2026-12811 Published : June 21, 2026, 10 p.m. | 9 hours, 43 minutes ago Description :A weakness has been identified in kortix-ai suna up to 0.8.38. Affected by this issue is the function router.replace/router.push of the file apps/frontend/src/app/auth/page.tsx of the component Auth Endpoint. Executing a manipulation of the argument returnURL can lead to cross site scripting. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 0.8.39 can resolve this issue. This patch is called f5dec7aa0c1b8fa0125938f292c0f2430ca75f6c. It is advisable to upgrade the affected component. The researcher explains: "The issue was fixed in v0.8.39 without notifying the wider user base via a security disclosure." Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-12810 - Edimax BR-6478AC V2 POST Request mp command injection

CVE ID :CVE-2026-12810 Published : June 21, 2026, 9:45 p.m. | 9 hours, 58 minutes ago Description :A security flaw has been discovered in Edimax BR-6478AC V2 1.23. Affected by this vulnerability is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-12809 - Edimax BR-6478AC V2 POST Request wiz_5in1_redirect command injection

CVE ID :CVE-2026-12809 Published : June 21, 2026, 9:30 p.m. | 10 hours, 13 minutes ago Description :A vulnerability was identified in Edimax BR-6478AC V2 1.23. Affected is the function wiz_5in1_redirect of the file /goform/wiz_5in1_redirect of the component POST Request Handler. Such manipulation of the argument newpass leads to command injection. The attack can be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-12808 - Edimax BR-6478AC V2 POST Request stainfo command injection

CVE ID :CVE-2026-12808 Published : June 21, 2026, 8:45 p.m. | 10 hours, 58 minutes ago Description :A vulnerability was determined in Edimax BR-6478AC V2 1.23. This impacts the function stainfo of the file /goform/stainfo of the component POST Request Handler. This manipulation of the argument interface causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026

Pagina 163 di 2065

Resta aggiornato sulla cybersecurity

Iscriviti a CodersRegistry per ricevere gli aggiornamenti più importanti su regolamentazione EU e vulnerabilità critiche.