Lucene search
K

2953 matches found

CVE
CVE
added 2026/05/18 12:0 a.m.14 views

CVE-2026-36438

The CVE-2026-36438 entry concerns Intelbras VIP-1230-D-G4, firmware V2.800.00IB00C.0.T. A vulnerability in the password reset functionality under /OutsideCmd could allow a remote attacker to obtain sensitive information. The provided sources indicate an information-disclosure issue but do not spe...

5.3CVSS5.8AI score0.00349EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/05/15 6:30 p.m.7 views

com.drobisch:flink-connector-elasticsearch-e2e-tests-common (>=4.0.0-serde-fixes <=4.0.5-fault-tolerant), com.drobisch:flink-connector-elasticsearch6-e2e-tests (>=4.0.0-serde-fixes <=4.0.5-fault-tolerant) +25 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (>=2.0.0 <=2.0.1)

org.apache.flink:flink-table-api-java MAVEN version =2.0.0, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =26.0.0, =0.2.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1 and more Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...

8.1CVSS5.4AI score0.00381EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/14 7:58 p.m.9 views

CVE-2026-43989

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the uploadwasm MCP tool accepted a filesystem path from the agent and uploaded whatever bytes the path resolved to, with no validation of location, symlink target, file size, or file format. This vulnerability is...

8.5CVSS5.8AI score0.00147EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/14 4:17 p.m.11 views

NPM: n8n Has an XML Node Prototype Pollution Patch Bypass

NPM: n8n Has an XML Node Prototype Pollution Patch Bypass vulnerability discovered by ? in WordPress Npm n8n versions 1.123.43...

6AI score0.00634EPSS
Exploits0References3Affected Software1
Debian
Debian
added 2026/05/14 2:26 p.m.14 views

[SECURITY] [DSA 6270-1] postgresql-17 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6270-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 14, 2026 https://www.debian.org/security/faq -...

8.8CVSS6.1AI score0.00668EPSS
Exploits0
NVD
NVD
added 2026/05/12 5:16 p.m.24 views

CVE-2026-43991

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, substring-based blocklist in plugin-shell's command-safety check could be bypassed by adversarial argument constructions, allowing unauthorized command execution on the host when combined with the companion...

8.4CVSS0.00171EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 5:16 p.m.10 views

CVE-2026-43992

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, every MCP write tool sendtokens, executecontract, instantiatecontract, uploadwasm, ibctransfer, etc. accepted 'mnemonic: string' as an explicit tool-call parameter. The BIP-39 seed was consequently embedded in th...

9.8CVSS0.00225EPSS
Exploits0References3
NVD
NVD
added 2026/05/12 5:16 p.m.24 views

CVE-2026-43993

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the WAVS bridge's computeDataVerify called fetch on agent-supplied URLs without validating scheme, port, or resolved IP, resulting in an SSRF vulnerability. This vulnerability is fixed in 0.x.y-security-1...

8.2CVSS0.0023EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/12 4:29 p.m.10 views

EUVD-2026-29542

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the WAVS bridge's computeDataVerify called fetch on agent-supplied URLs without validating scheme, port, or resolved IP, resulting in an SSRF vulnerability. This vulnerability is fixed in 0.x.y-security-1...

8.2CVSS5.8AI score0.0023EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/12 4:22 p.m.7 views

EUVD-2026-29539

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, plugin-shell's runcommand wrapped every agent-supplied command in 'sh -c' / 'cmd /C' and passed the full argument string to the shell's parser, allowing shell metacharacters in agent-supplied arguments to be...

8.4CVSS5.8AI score0.00151EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/12 4:21 p.m.9 views

EUVD-2026-29538

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the uploadwasm MCP tool accepted a filesystem path from the agent and uploaded whatever bytes the path resolved to, with no validation of location, symlink target, file size, or file format. This vulnerability is...

8.5CVSS5.8AI score0.00147EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.10 views

PT-2026-40105

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the WAVS bridge's computeDataVerify called fetch on agent-supplied URLs without validating scheme, port, or resolved IP, resulting in an SSRF vulnerability. This vulnerability is fixed in 0.x.y-security-1...

8.2CVSS5.8AI score0.0023EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.20 views

PT-2026-40102

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, plugin-shell's run command wrapped every agent-supplied command in 'sh -c' / 'cmd /C' and passed the full argument string to the shell's parser, allowing shell metacharacters in agent-supplied arguments to be...

8.4CVSS5.8AI score0.00151EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.5 views

-fides-amor-et-lux (=1.0.0), -price-checker (>=1.0.0 <=1.0.5) +35597 more potentially affected by CVE-2026-45736 via ws (>=8.0.0 <=8.20.0)

ws NPM version =8.0.0, =1.0.0, =1.0.0, =1.1.0, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =0.1.0, =1.0.0-beta.3 - 0g-vibekit =0.1.0 - 0g-zksettlement-client =1.0.0 and more Source cves: CVE-2026-45736 Source advisory: SNYK:JS-WS-16722635...

7.5CVSS5.7AI score0.00745EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.11 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017515)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017515 advisory. In ParseMetaGeometry of MagickCore/geometry.c, image height and width calculations can lead to divide- by-zero conditions which also lead to undefined behavior. This...

5.5CVSS6.2AI score0.00833EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.7 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017608)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017608 advisory. A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form...

4.3CVSS6AI score0.01124EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017563)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017563 advisory. A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior...

4.3CVSS6.7AI score0.00966EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017602)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017602 advisory. A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in...

4.3CVSS6.7AI score0.01124EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.9 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017620)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017620 advisory. A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined...

4.3CVSS6.7AI score0.01114EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.18 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017520)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017520 advisory. In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h. This flaw affects ImageMagick versions...

4.3CVSS6.8AI score0.01362EPSS
Exploits0References4
Rows per page
Query Builder