766 matches found
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation in the metadata field processing. An attacker can rename, move, or change permissions of files within the container by submitting specially crafted tag names such as System:FileName, System:Directory, or...
GHSA-3HJV-C53M-58JJ Flowise: CSV Agent Prompt Injection Remote Code Execution Vulnerability
Abstract Trend Micro's Zero Day Initiative has identified a vulnerability affecting FlowiseAI Flowise. Vulnerability Details - Version tested: 3.0.13 - Installer file: https://github.com/FlowiseAI/Flowise - Platform tested: Ubuntu 25.10 Analysis This vulnerability allows remote attackers to execu...
Flowise: CSV Agent Prompt Injection Remote Code Execution Vulnerability
Abstract Trend Micro's Zero Day Initiative has identified a vulnerability affecting FlowiseAI Flowise. Vulnerability Details - Version tested: 3.0.13 - Installer file: https://github.com/FlowiseAI/Flowise - Platform tested: Ubuntu 25.10 Analysis This vulnerability allows remote attackers to execu...
PT-2026-34236
Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.0 Description A flaw exists in the run method of the CSV Agents class due to improper sandboxing when evaluating Python scripts generated by a Large Language Model LLM. An unauthenticated attacker can use prompt...
CVE-2026-4149
Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos Era 300. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-4157
ChargePoint Home Flex revssh Service Command Injection (CVE-2026-4157) allows network-adjacent attackers to execute arbitrary code as root due to improper validation of a user-supplied string before invoking a system call in OCPP message handling. Authentication is not required. The issue is docu...
CVE-2026-5059
aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handlin...
CVE-2026-4149
Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos Era 300. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-2942
The CVE-2026-2942 entry documents an unauthenticated arbitrary file upload vulnerability in the ProSolution WP Client WordPress plugin, affecting all versions up to 1.9.9 due to missing file type validation in proSol_fileUploadProcess. This could enable remote code execution on the affected site....
CVE-2026-34159
llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserializetensor skips all bounds validation when a tensor's buffer field is 0. An unauthenticated attacker can read and write arbitrary process memory via crafted GRAPHCOMPUTE messages. Combined...
CVE-2026-34159
llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserializetensor skips all bounds validation when a tensor's buffer field is 0. An unauthenticated attacker can read and write arbitrary process memory via crafted GRAPHCOMPUTE messages. Combined...
(0Day) aws-mcp-server Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the allowed commands list. The issue results from the lack of proper...
PT-2026-28219
Name of the Vulnerable Software and Affected Versions FreeBSD affected versions not specified Description A stack overflow exists in the kgssapi.ko kernel module and the librpcgss sec library during the validation of RPCSEC GSS data packets. The routine responsible for checking the packet signatu...
CVE-2026-33283
CVE-2026-33283 – Ella Core panics on malformed UL NAS Transport NAS messages without a Request Type. Ella Core is a 5G core for private networks. The vulnerability affects versions prior to 1.6.0, where processing malformed UL NAS Transport NAS messages without a Request Type causes the applicati...
CVE-2026-33282 Ella Core panics on malformed NGAP Location Report
Ella Core is a 5G core designed for private networks. Versions prior to 1.6.0 panic when processing a malformed NGAP LocationReport message with ue-presence-in-area-of-interest event type and omitting the optional UEPresenceInAreaOfInterestList IE. An attacker able to send crafted NGAP messages t...
(Pwn2Own) Samsung Galaxy S25 Samsung Account Open Redirect Security Bypass Vulnerability
This vulnerability allows remote attackers to bypass security on affected installations of Samsung Galaxy S25. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Samsung Account application. An attacker can force a redirection to a site that serves...
EUVD-2025-208667
claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of claude-hovercraft. Authentication is not required to exploit this vulnerability. The specific flaw exists...
(Pwn2Own) QNAP TS-453E malware_remover Code Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP TS-453E devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the malwareremover.cgi endpoint. The issue results from the lack of prope...
(Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of TrueType fonts. The issue results from the...
GHSA-VXX9-2994-Q338 Yamux vulnerable to remote Panic via malformed Data frame with SYN set and len = 262145
Summary The Rust implementation of Yamux can panic when processing a crafted inbound Data frame that sets SYN and uses a body length greater than DEFAULTCREDIT e.g. 262145. On the first packet of a new inbound stream, stream state is created and a receiver is queued before oversized-body validati...