Export limit exceeded: 339900 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339900 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-32751 | 2 B3log, Siyuan | 2 Siyuan, Siyuan | 2026-03-24 | 9.0 Critical |
| SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the mobile file tree (MobileFiles.ts) renders notebook names via innerHTML without HTML escaping when processing renamenotebook WebSocket events. The desktop version (Files.ts) properly uses escapeHtml() for the same operation. An authenticated user who can rename notebooks can inject arbitrary HTML/JavaScript that executes on any mobile client viewing the file tree. Since Electron is configured with nodeIntegration: true and contextIsolation: false, the injected JavaScript has full Node.js access, escalating stored XSS to full remote code execution. The mobile layout is also used in the Electron desktop app when the window is narrow, making this exploitable on desktop as well. This issue has been fixed in version 3.6.1. | ||||
| CVE-2026-32622 | 2 Dataease, Fit2cloud | 2 Sqlbot, Sqlbot | 2026-03-24 | 8.8 High |
| SQLBot is an intelligent data query system based on a large language model and RAG. Versions 1.5.0 and below contain a Stored Prompt Injection vulnerability that chains three flaws: a missing permission check on the Excel upload API allowing any authenticated user to upload malicious terminology, unsanitized storage of terminology descriptions containing dangerous payloads, and a lack of semantic fencing when injecting terminology into the LLM's system prompt. Together, these flaws allow an attacker to hijack the LLM's reasoning to generate malicious PostgreSQL commands (e.g., COPY ... TO PROGRAM), ultimately achieving Remote Code Execution on the database or application server with postgres user privileges. The issue is fixed in v1.6.0. | ||||
| CVE-2026-3549 | 1 Wolfssl | 1 Wolfssl | 2026-03-24 | N/A |
| Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. Note that in wolfSSL, ECH is off by default, and the ECH standard is still evolving. | ||||
| CVE-2026-3579 | 1 Wolfssl | 1 Wolfssl | 2026-03-24 | 5.9 Medium |
| wolfSSL 5.8.4 on RISC-V RV32I architectures lacks a constant-time software implementation for 64-bit multiplication. The compiler-inserted __muldi3 subroutine executes in variable time based on operand values. This affects multiple SP math functions (sp_256_mul_9, sp_256_sqr_9, etc.), leading to a timing side-channel that may expose sensitive cryptographic data. | ||||
| CVE-2026-32912 | 2026-03-23 | N/A | ||
| This CVE ID has been rejected. | ||||
| CVE-2026-32911 | 2026-03-23 | N/A | ||
| This CVE ID has been rejected. | ||||
| CVE-2026-32910 | 2026-03-23 | N/A | ||
| This CVE ID has been rejected. | ||||
| CVE-2026-32909 | 2026-03-23 | N/A | ||
| This CVE ID has been rejected. | ||||
| CVE-2026-32908 | 2026-03-23 | N/A | ||
| This CVE ID has been rejected. | ||||
| CVE-2026-32907 | 2026-03-23 | N/A | ||
| This CVE ID has been rejected. | ||||
| CVE-2026-32904 | 2026-03-23 | N/A | ||
| This CVE ID has been rejected. | ||||
| CVE-2026-32903 | 2026-03-23 | N/A | ||
| This CVE ID has been rejected. | ||||
| CVE-2026-32902 | 2026-03-23 | N/A | ||
| This CVE ID has been rejected. | ||||
| CVE-2026-32901 | 2026-03-23 | N/A | ||
| This CVE ID has been rejected. | ||||
| CVE-2026-32900 | 2026-03-23 | N/A | ||
| This CVE ID has been rejected. | ||||
| CVE-2026-32066 | 2026-03-23 | N/A | ||
| This CVE ID has been rejected. | ||||
| CVE-2026-32047 | 2026-03-23 | N/A | ||
| This CVE ID has been rejected. | ||||
| CVE-2026-32012 | 2026-03-23 | N/A | ||
| This CVE ID has been rejected. | ||||
| CVE-2026-28483 | 2026-03-23 | N/A | ||
| This CVE ID has been rejected. | ||||
| CVE-2026-28455 | 2026-03-23 | N/A | ||
| This CVE ID has been rejected. | ||||