CVE-2026-41646

A flaw was found in Nuclei. A vulnerability in Nuclei's JavaScript protocol runtime allows JavaScript templates to read local .js and .json files. This can be exploited by an attacker through the require function, bypassing default local file access restrictions, leading to information disclosure...

CVE-2024-41646

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2dwbcontroller...

EUVD-2025-41646

Malicious code in bambang-kripik74-riris npm...

Exploit for Incorrect Type Conversion or Cast in Kunbus Revpi_Status

CVE-2025-41646 - RevPi Webstatus request/response ⚠️ D...

CVE-2025-41646

creationtimestamp| type| source ---|---|--- 2025-06-06 15:43:25+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114637183702998002 2025-06-06 19:02:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqxjkfs4n42r 2025-06-10 03:45:31+00:00| seen|...

CVE-2023-41646

Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/...

CVE-2022-41646

Insufficient control flow management in the IntelR IPP Cryptography software before version 2021.6 may allow an unauthenticated user to potentially enable information disclosure via local access...

CVE-2024-41646

creationtimestamp| type| source ---|---|--- 2024-12-06 23:59:49+00:00| seen| https://t.me/cvedetector/12289...

CVE-2023-41646

creationtimestamp| type| source ---|---|--- 2023-09-08 02:19:32+00:00| seen| https://t.me/cibsecurity/70116...

@buttercup/diag (>=0.1.0 <=0.2.0), bcup-cli (>=1.0.0 <=1.2.0) +2 more potentially affected by CVE-2023-41646 via buttercup (>=3.0.0 <=6.17.2)

buttercup NPM version =3.0.0, =0.1.0, =1.0.0, =1.0.1, =0.2.3, =0.2.4 Source cves: CVE-2023-41646 Source advisory: OSV:GHSA-7CWQ-P8CR-H9QG...

CVE-2023-41646

Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/...

CVE-2023-41646

Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/...

CVE-2023-41646

Buttercup v2.20.3 is vulnerable: an attacker can obtain the master password hash by reading the vaults.json file. Root cause cited: exposure of vaults.json without proper protection. Impact per sources: potential leakage of master password hash (CVSS 3.1 base score 5.3, Confidentiality impact Low...

CVE-2023-41646

Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/...

CVE-2022-41646

creationtimestamp| type| source ---|---|--- 2023-05-10 18:29:02+00:00| seen| https://t.me/cibsecurity/63800...

CVE-2022-41646

Insufficient control flow management in the IntelR IPP Cryptography software before version 2021.6 may allow an unauthenticated user to potentially enable information disclosure via local access...

CVE-2022-41646

CVE-2022-41646 affects Intel IPP Cryptography software before 2021.6. Root cause: insufficient control flow management. Impact: could allow an unauthenticated user to disclose information via local access. Affected product: Intel® IPP Cryptography. Remediation: upgrade to version 2021.6 or later ...

Intel® IPP Cryptography Advisory

Summary: Potential security vulnerabilities in Intel® Integrated Performance Primitives IPP Cryptography software may allow information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-37409 Description: Insufficie...

CVE-2021-41646

creationtimestamp| type| source ---|---|--- 2021-10-29 22:18:26+00:00| seen| https://t.me/cibsecurity/31474...

CVE-2021-41646

The CVE-2021-41646 entry concerns Sourcecodester Online Reviewer System 1.0, where an attacker can achieve Remote Code Execution by uploading a maliciously crafted PHP file that bypasses image-upload filters. The vulnerability enables an attacker to run arbitrary PHP code on the server via a craf...