agent-nexus-cli (>=0.1.0 <=0.1.31), agentiva (>=0.1.0 <=0.1.5) potentially affected by CVE-2026-28277 via langgraph-checkpoint (>=4.0.0 <=4.0.1)

langgraph-checkpoint PYPI version =4.0.0, =0.1.0, =0.1.0, =0.1.5 Source cves: CVE-2026-28277 Source advisory: SNYK:PYTHON-LANGGRAPHCHECKPOINT-15433491...

adxp-cli (>=0.1.1 <=0.1.21), ag-ui-langgraph (>=0.0.14 <=0.0.29) +113 more potentially affected by CVE-2026-28277 via langgraph (>=1.0.0 <=1.0.10)

langgraph PYPI version =1.0.0, =0.1.1, =0.0.14, =0.0.2, =0.1.0, =0.2.1, =0.1.0, =0.1.0, =0.0.1, =0.0.48, =0.0.54, =0.1.2, =0.1.4, =0.2.0 and more Source cves: CVE-2026-28277 Source advisory: SNYK:PYTHON-LANGGRAPH-15433492...

a-mailx (=0.1.0), a2a-client-handler (=0.1.0) +445 more potentially affected by CVE-2026-28277 via langgraph (>=0.0.15 <=1.0.10)

langgraph PYPI version =0.0.15, =0.1.5, =0.1.0, =0.1.1, =0.1.1, =0.0.1, =2.1.7, =0.0.2, =0.0.1, =0.1.1, =0.1.2, =0.0.4, =0.3.4 and more Source cves: CVE-2026-28277 Source advisory: OSV:PYSEC-2026-83...

CVE-2026-28277

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. In version 1.0.9 and prior, LangGraph checkpointers can load msgpack-encoded checkpoints that reconstruct Python objects during deserialization. If an attacker can...

MAL-2025-28277 Malicious code in opal-poplh-iqhkh-quill-project (npm)

The package opal-poplh-iqhkh-quill-project was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2021-28277

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Heap-based Buffer Overflow vulnerabilty exists in jhead 3.04 and 3.05 is affected by: Buffer Overflow via the RemoveUnknownSections function in jpgfile.c...

CVE-2023-28277

creationtimestamp| type| source ---|---|--- 2025-01-15 00:17:13+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1660...

CVE-2024-28277

CVE-2024-28277 affects Sourcecodester School Task Manager v1.0. The vulnerability is a Stored Cross-Site Scripting (XSS) in the subject_name/subject name parameter, allowing an attacker to manipulate the subject’s name and potentially execute malicious JavaScript payloads. Root cause is unvalidat...

CVE-2024-28277

In Sourcecodester School Task Manager v1.0, a vulnerability was identified within the subjectname= parameter, enabling Stored Cross-Site Scripting XSS attacks. This vulnerability allows attackers to manipulate the subject's name, potentially leading to the execution of malicious JavaScript payloa...

CVE-2024-28277

In Sourcecodester School Task Manager v1.0, a vulnerability was identified within the subjectname= parameter, enabling Stored Cross-Site Scripting XSS attacks. This vulnerability allows attackers to manipulate the subject's name, potentially leading to the execution of malicious JavaScript payloa...

CVE-2024-28277

creationtimestamp| type| source ---|---|--- 2024-05-09 12:42:55+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7257 2025-02-14 10:04:01+00:00| seen| Telegram/OQYLmr50yjQ1iaXShmQb-FhR4SiZVrQgaiLiG79dXouV6w...

Ubuntu: Security Advisory (USN-6110-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-28277

Windows DNS Server Information Disclosure Vulnerability...

CVE-2023-28277 Windows DNS Server Information Disclosure Vulnerability

...

CVE-2023-28277 Windows DNS Server Information Disclosure Vulnerability

...

CVE-2023-28277

CVE-2023-28277 is a Windows DNS Server Information Disclosure Vulnerability. The connected data identifies affected software as Windows DNS Server; the CVSS 3.1 base score is 4.9 (Network attack, Low complexity, High privileges required, No user interaction). The vulnerability could lead to infor...

GLSA-202210-17 : JHead: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-17 JHead: Multiple Vulnerabilities - A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the Get16u function in exif.c in will cause segmentation fault via a craftedfile...

@trovo/components (>=5.0.2 <=5.3.0), @trovo/motion (>=5.0.2 <=6.0.0) +9 more potentially affected by CVE-2020-28277 via dset (=1.0.1)

dset NPM version =1.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on dset and may be impacted: - @trovo/components =5.0.2, =5.0.2, =5.0.0, =1.0.15, =1.1.4, =1.0.0, =2.2.0, =1.0.0, =0.0.1, =0.0.2, =0.0.11 Source cves: CVE-2020-28277 Source advisory:...

CVE-2020-28277

creationtimestamp| type| source ---|---|--- 2022-05-24 17:37:26+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-q4xc-7cw8-cgfj...

CVE-2022-28277

Adobe Photoshop is affected by an out-of-bounds write vulnerability in PDF parsing that could allow arbitrary code execution in the context of the current user. Affected versions: 22.5.6 and earlier, 23.2.2 and earlier. Exploitation requires user interaction, specifically opening a malicious PDF ...