Known Vulnerabilities for Cloud by Suse
Listed below are 1 of the newest known vulnerabilities associated with "Cloud" by "Suse".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-61448 json | Parse Server is affected by a stored cross-site scripting (XSS) vulnerability in versions >= 9.0.0, < 9.10.0-alpha.2 and <= 8... | Not Provided | 2026-07-11 | 2026-07-11 |
| CVE-2026-60105 json | Monsta FTP before 2.14.5 contains a server-side request forgery vulnerability in the fetchRemoteFile action caused by an inco... | Not Provided | 2026-07-08 | 2026-07-09 |
| CVE-2026-59806 json | Gradio before 6.20.0 contains an open redirect and server-side request forgery vulnerability that allows attackers to redirec... | Not Provided | 2026-07-08 | 2026-07-09 |
| CVE-2026-59794 json | In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-59706 json | mem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side request forger... | Not Provided | 2026-07-07 | 2026-07-08 |
| CVE-2026-59151 json | Prowler is a cloud security platform. Prior to 5.30.3, Prowler's SAML authentication flow trusted the email domain asserted i... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-59095 json | LobeChat before 2.2.10-canary.18 contains a server-side request forgery vulnerability that allows authenticated attackers to ... | Not Provided | 2026-07-02 | 2026-07-07 |
| CVE-2026-58468 json | NocoBase through 2.1.20 contains a server-side request forgery vulnerability in the serverRequest wrapper that allows authent... | Not Provided | 2026-07-07 | 2026-07-08 |
| CVE-2026-58448 json | yudao-cloud before 2026.06 contains a broken access control vulnerability in the BPM module that allows any authenticated use... | Not Provided | 2026-06-30 | 2026-07-01 |
| CVE-2026-58404 json | Hugo is a static site generator. From v0.162.0 through v0.163.0, the default security.http.urls policy denies requests to loo... | Not Provided | 2026-07-06 | 2026-07-07 |