CVE ID :CVE-2026-48017 Published : June 15, 2026, 10:16 p.m. | 52 minutes ago Description :DbGate is cross-platform database manager. In versions 7.1.8 and prior, the POST /runners/load-reader endpoint in DbGate accepts a functionName parameter that is directly interpolated into a JavaScript...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-48017 - DbGate: Remote Code Execution via functionName injection in loadReader endpoint

VERWANDTEARTIKEL

Nearly 14,000 SimpleHelp Servers Exposed Amid Critical Authentication Bypass Disclosure

Kritische Splunk-Schwachstelle CVE-2026-20253 ermöglicht RCE ohne Anmeldung

LangGraph-Schwachstellen ermöglichen potenziell Remote Code Execution in selbst gehosteten KI-Agenten

CVE-2026-5064 - HP One Agent Software – Security Update

CVE-2026-48713 - i18next-fs-backend: Prototype pollution via crafted missing-key string

CVE-2026-48714 - i18next-http-middleware missingKeyHandler does not reject keys whose segments contain prototype-polluting names