Lucene search
+L

89133 matches found

NVD
NVD
added 5 days ago7 views

CVE-2026-15605

A security vulnerability has been detected in wandb 0.25.2.dev1. Affected is the function ArtifactManifestEntry.download in the library wandb/sdk/lib/hashutil.py of the component Artifact Integrity Validation. The manipulation leads to use of weak hash. The attack may be initiated remotely. A hig...

3.1CVSS0.00151EPSS
Exploits0References7
Cvelist
Cvelist
added 5 days ago34 views

CVE-2026-15605 wandb Artifact Integrity Validation hashutil.py ArtifactManifestEntry.download weak hash

A security vulnerability has been detected in wandb 0.25.2.dev1. Affected is the function ArtifactManifestEntry.download in the library wandb/sdk/lib/hashutil.py of the component Artifact Integrity Validation. The manipulation leads to use of weak hash. The attack may be initiated remotely. A hig...

3.1CVSS0.00151EPSS
Exploits0References7
CVE
CVE
added 5 days ago14 views

CVE-2026-15605

The vulnerability CVE-2026-15605 affects wandb 0.25.2.dev1, specifically the ArtifactManifestEntry.download path in wandb/sdk/lib/hashutil.py under Artifact Integrity Validation. The issue is described as the use of a weak hash due to manipulating the ArtifactManifestEntry.download, with the atta...

3.1CVSS5.5AI score0.00151EPSS
Exploits0References7
NVD
NVD
added 5 days ago5 views

CVE-2026-15598

A weakness has been identified in antv layout 2.0.0. This impacts the function setNestedValue in the library lib/util/object.js. Executing a manipulation of the argument path can lead to improperly controlled modification of object prototype attributes. The attack can be launched remotely. The...

6.5CVSS0.00313EPSS
Exploits0References5
CVE
CVE
added 5 days ago11 views

CVE-2026-15594

CVE-2026-15594 affects waooAI waoowaoo up to 0.4.1, specifically the function stablePublicIdFromStorageKey in the Media Handler’s src/lib/media/hash.ts. The vulnerability arises from manipulating the storageKey, resulting in improper authorization. Reportedly exploitable from remote and requires ...

6.3CVSS5.5AI score0.00298EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-15594 waooAI waoowaoo Media hash.ts stablePublicIdFromStorageKey improper authorization

A vulnerability was found in waooAI waoowaoo up to 0.4.1. Impacted is the function stablePublicIdFromStorageKey in the library src/lib/media/hash.ts of the component Media Handler. The manipulation of the argument storageKey results in improper authorization. The attack may be performed from...

6.3CVSS0.00298EPSS
Exploits0References6
CVE
CVE
added 5 days ago11 views

CVE-2026-15558

CodeAstro Simple Online Leave Management System 1.0 is affected by CVE-2026-15558. The vulnerability resides in /admin/deletemp.php where manipulation of the ID parameter leads to SQL injection. The issue allows remote exploitation, and public exploit disclosure increases risk. The CVSS metrics i...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 5 days ago3 views

gimp: GIMP: Arbitrary code execution via heap-based buffer overflow in HDR file parsing

A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of HDR High Dynamic Range files due to insufficient validation of user-supplied data length. A remote attacker could exploit this by convincing a user to open a specially crafted malicious file,...

7.8CVSS7.3AI score0.00552EPSS
Exploits0References6
NVD
NVD
added 5 days ago7 views

CVE-2026-15541

A flaw has been found in will-moss Isaiah up to 1.36.9. The impacted element is the function Server.Handle of the file app/server/server/server.go of the component Master Websocket Handler. Executing a manipulation of the argument Agent can lead to missing authorization. It is possible to launch...

7.5CVSS0.00316EPSS
Exploits0References7
Cvelist
Cvelist
added 5 days ago38 views

CVE-2026-15542 will-moss Isaiah Websocket Connection Authentication main.go improper authentication

A vulnerability has been found in will-moss Isaiah up to 1.36.9. This affects an unknown function of the file app/main.go of the component Websocket Connection Authentication. The manipulation leads to improper authentication. The attack can be initiated remotely. The pull request to fix this iss...

7.5CVSS0.00403EPSS
Exploits0References7
OSV
OSV
added 5 days ago3 views

CVE-2026-15542 will-moss Isaiah Websocket Connection Authentication main.go improper authentication

A vulnerability has been found in will-moss Isaiah up to 1.36.9. This affects an unknown function of the file app/main.go of the component Websocket Connection Authentication. The manipulation leads to improper authentication. The attack can be initiated remotely. The pull request to fix this iss...

6.9CVSS5.6AI score0.00403EPSS
Exploits0References9
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-15541 will-moss Isaiah Master Websocket server.go Server.Handle authorization

A flaw has been found in will-moss Isaiah up to 1.36.9. The impacted element is the function Server.Handle of the file app/server/server/server.go of the component Master Websocket Handler. Executing a manipulation of the argument Agent can lead to missing authorization. It is possible to launch...

7.5CVSS0.00316EPSS
Exploits0References7
CVE
CVE
added 5 days ago11 views

CVE-2026-15533

CVE-2026-15533 targets DedeCMS 5.7.118. The flaw is in the Column Management module, specifically /plus/search.php, where manipulating the Column Name argument allows code injection. It is exploitable remotely and a public exploit exists. The CVSS-derived assessment in the record indicates MEDIUM...

5.8CVSS5.9AI score0.00248EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-43278

A vulnerability was identified in SourceCodester Online Book Store System 1.0. This issue affects some unknown processing of the component User Management Module. Such manipulation of the argument Name/Username leads to cross site scripting. The attack can be executed remotely. The exploit is...

4.8CVSS4.7AI score0.0021EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 5 days ago6 views

X.org: xorg-x11-server: GLX contextTags Use-After-Free in CommonMakeCurrent()

A flaw was found in the X.org X11 server, specifically within the GLX OpenGL Extension to the X Window System dispatch layer. A remote attacker can exploit this vulnerability by sending a series of crafted X11 requests. This can lead to a use-after-free condition, where the server attempts to wri...

9CVSS6AI score0.00192EPSS
Exploits0References4
OSV
OSV
added 5 days ago4 views

CVE-2026-15529 yzhao062 pyod persistence.py pyod.utils.persistence.load deserialization

A vulnerability was detected in yzhao062 pyod 3.5.0/3.5.1/3.5.2. Affected is the function pyod.utils.persistence.load of the file pyod/utils/persistence.py. Performing a manipulation of the argument path results in deserialization. The attack can be initiated remotely. The pull request to fix thi...

5.3CVSS6AI score0.00252EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 5 days ago3 views

The vulnerability of the gnutls_x509_crt_check_hostname2() function in the lib/x509/hostname-verify.c file of the GnuTLS cryptographic library allows a attacker to perform a MITM attack.

The vulnerability of the gnutlsx509crtcheckhostname2 function in the lib/x509/hostname-verify.c file of the GnuTLS cryptographic library is related to errors in the certificate validation process. Exploiting this vulnerability could allow a remote attacker to perform a MITM attack...

8.5CVSS6.1AI score0.00423EPSS
Exploits0References28Affected Software8
BDU FSTEC
BDU FSTEC
added 5 days ago3 views

The vulnerability of the gnutls_pkcs12_bag_set_data() function in the GnuTLS cryptographic library allows a attacker to damage memory or cause service failures.

The vulnerability of the gnutlspkcs12bagsetdata function in the GnuTLS cryptographic library is related to a single-precision shift error. Exploiting this vulnerability could allow an attacker to corrupt memory or cause service failures...

5.3CVSS5.2AI score0.00727EPSS
Exploits0References27Affected Software8
Positive Technologies
Positive Technologies
added 5 days ago6 views

PT-2026-57646

A vulnerability was detected in SourceCodester Online Book Store System 1.0. The affected element is an unknown function of the file /admin/index.php of the component Administrative Interface. Performing a manipulation of the argument page results in improper control of filename for include/requi...

5.3CVSS5.9AI score0.00242EPSS
Exploits0References7
EUVD
EUVD
added 6 days ago9 views

EUVD-2026-43246

A weakness has been identified in vnotex vnote up to 3.20.1. Impacted is an unknown function of the file /src/data/extra/web/js/markdownit.js of the component YAML Frontmatter. This manipulation of the argument pmetaData causes cross site scripting. The attack may be initiated remotely. The vendo...

5.1CVSS4.6AI score0.00195EPSS
Exploits0References4
Rows per page
Query Builder