CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

681 matches found

EUVD-2026-34048

A vulnerability was determined in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The impacted element is the function executeblendercode of the file /src/blendermcp/server.py. This manipulation of the argument code causes code injection. The attack is possible to be carried...

6.5CVSS5.9AI score0.00042EPSS

Exploits0References7

EUVD•added yesterday•6 views

EUVD-2026-34036

A vulnerability has been found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. Impacted is the function Open of the file src/blendermcp/server.py. The manipulation of the argument inputimageurl leads to injection. Remote exploitation of the attack is possible. The exploit...

5.3CVSS5.3AI score0.00033EPSS

Exploits0References9

NVD•added 2 days ago•6 views

CVE-2026-10662

A vulnerability was found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The affected element is the function requests.get of the file src/blendermcp/server.py of the component ZIP File Handler. The manipulation of the argument zipfileurl results in server-side request...

6.5CVSS0.00042EPSS

Exploits0References8

NVD•added 2 days ago•6 views

CVE-2026-10688

6.5CVSS0.00042EPSS

Exploits0References6

ATTACKERKB•added 2 days ago•3 views

CVE-2026-10688

6.5CVSS5.9AI score0.00042EPSS

Exploits0References6

Cvelist•added 2 days ago•19 views

CVE-2026-10688 ahujasid blender-mcp server.py execute_blender_code code injection

6.5CVSS0.00042EPSS

Exploits0References6

CVE•added 2 days ago•7 views

CVE-2026-10688

The CVE-2026-10688 affects the ahujasid blender-mcp project; the vulnerable component is execute_blender_code in /src/blender_mcp/server.py. Manipulating the code argument allows code injection, with remote execution possible. Public exploitation is indicated, and the project uses a rolling relea...

6.5CVSS5.9AI score0.00042EPSS

Exploits0References6

Vulnrichment•added 2 days ago•3 views

CVE-2026-10688 ahujasid blender-mcp server.py execute_blender_code code injection

6.5CVSS5.9AI score0.00042EPSS

Exploits0References6

NVD•added 2 days ago•7 views

CVE-2026-10661

5.3CVSS0.00033EPSS

Exploits0References8

ATTACKERKB•added 2 days ago•4 views

CVE-2026-10662

6.5CVSS6.1AI score0.00042EPSS

Exploits0References8

Vulnrichment•added 2 days ago•3 views

CVE-2026-10662 ahujasid blender-mcp ZIP File server.py requests.get server-side request forgery

6.5CVSS6.1AI score0.00042EPSS

Exploits0References8

Cvelist•added 2 days ago•24 views

CVE-2026-10661 ahujasid blender-mcp server.py open injection

5.3CVSS0.00033EPSS

Exploits0References8

ATTACKERKB•added 2 days ago•3 views

CVE-2026-10661

5.3CVSS5.3AI score0.00033EPSS

Exploits0References8

Vulnrichment•added 2 days ago•2 views

CVE-2026-10661 ahujasid blender-mcp server.py open injection

5.3CVSS5.3AI score0.00033EPSS

Exploits0References8

CVE•added 2 days ago•12 views

CVE-2026-10661

The CVE concerns ahujasid blender-mcp with a vulnerability in the Open function of src/blender_mcp/server.py. Manipulating the input_image_url parameter leads to injection, with remote exploitation possible. The affected project uses rolling releases, so specific version details are not listed; p...

5.3CVSS5.3AI score0.00033EPSS

Exploits0References8

Positive Technologies•added 2 days ago•4 views

PT-2026-45869

Name of the Vulnerable Software and Affected Versions ahujasid blender-mcp versions prior to 5b37be25242e73dc4cf1328974d30458b9e5d67e Description Server-side request forgery can be executed remotely via the ZIP File Handler component. The issue exists in the requests.get function within the...

6.5CVSS6.5AI score0.00042EPSS

Exploits0References10

Positive Technologies•added 2 days ago•6 views

PT-2026-45876

Name of the Vulnerable Software and Affected Versions ahujasid blender-mcp versions prior to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b Description Remote code injection is possible through the manipulation of the code argument within the execute blender code function located in the /src/blender...

6.5CVSS6AI score0.00042EPSS

Exploits0References8

Positive Technologies•added 2 days ago•4 views

PT-2026-45866

Name of the Vulnerable Software and Affected Versions ahujasid blender-mcp versions prior to 5b37be25242e73dc4cf1328974d30458b9e5d67e Description An injection issue exists in the Open function within the src/blender mcp/server.py file. This occurs when the input image url argument is manipulated,...

5.3CVSS5.8AI score0.00033EPSS

Exploits0References10

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux - уязвимость в blender

A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption, or potentially code execution...

7.8CVSS7.2AI score0.00468EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в blender

An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, potentially allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8, and 3.1...

5.5CVSS6AI score0.00139EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by