Lucene search
K

720 matches found

RedhatCVE
RedhatCVE
added 3 days ago4 views

CVE-2026-60103

A flaw was found in Blender. A remote attacker could exploit an out-of-bounds read vulnerability by providing a specially crafted .blend file. This vulnerability occurs when the application processes a malicious memberindex value without proper validation, leading to an attempt to access memory...

6.8CVSS6.1AI score0.00117EPSS
Exploits0References2
NVD
NVD
added 3 days ago6 views

CVE-2026-60103

Blender 3.0.0 through 5.1.2 contains an out-of-bounds read vulnerability that allows attackers to trigger a crash or read adjacent heap memory by supplying a crafted .blend file with a malicious signed short memberindex value in the SDNA block. The memberindex field is used as an array index into...

6.8CVSS0.00117EPSS
Exploits0References3
OSV
OSV
added 3 days ago4 views

UBUNTU-CVE-2026-60103

Blender 3.0.0 through 5.1.2 contains an out-of-bounds read vulnerability that allows attackers to trigger a crash or read adjacent heap memory by supplying a crafted .blend file with a malicious signed short memberindex value in the SDNA block. The memberindex field is used as an array index into...

6.8CVSS6.1AI score0.00117EPSS
Exploits0References3
Cvelist
Cvelist
added 3 days ago34 views

CVE-2026-60103 Blender 3.0.0 - 5.1.2 Out-of-Bounds Read via crafted .blend SDNA block

Blender 3.0.0 through 5.1.2 contains an out-of-bounds read vulnerability that allows attackers to trigger a crash or read adjacent heap memory by supplying a crafted .blend file with a malicious signed short memberindex value in the SDNA block. The memberindex field is used as an array index into...

6.8CVSS0.00117EPSS
Exploits0References3
CVE
CVE
added 3 days ago19 views

CVE-2026-60103

Blender 3.0.0–5.1.2 contains an out-of-bounds read via a crafted .blend SDNA block. The signed short member_index is used as an array index into sdna->members[] in sdna_expand_names() without bounds checking, producing an invalid pointer that is then passed to strlen(), causing a SIGSEGV or un...

6.8CVSS6.1AI score0.00117EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 3 days ago3 views

Linux Distros Unpatched Vulnerability : CVE-2026-60103

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Blender 3.0.0 through 5.1.2 contains an out-of-bounds read vulnerability that allows attackers to trigger a crash or read adjacent heap memory by supplying a...

6.8CVSS6.1AI score0.00117EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.9 views

CVE-2026-10662

A vulnerability was found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The affected element is the function requests.get of the file src/blendermcp/server.py of the component ZIP File Handler. The manipulation of the argument zipfileurl results in server-side request...

6.5CVSS6.1AI score0.00227EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.11 views

CVE-2026-10688

A vulnerability was determined in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The impacted element is the function executeblendercode of the file /src/blendermcp/server.py. This manipulation of the argument code causes code injection. The attack is possible to be carried...

6.5CVSS5.8AI score0.00178EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.10 views

CVE-2026-10661

A vulnerability has been found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. Impacted is the function Open of the file src/blendermcp/server.py. The manipulation of the argument inputimageurl leads to injection. Remote exploitation of the attack is possible. The exploit...

5.3CVSS5AI score0.00248EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/03 12:30 a.m.14 views

EUVD-2026-34048

A vulnerability was determined in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The impacted element is the function executeblendercode of the file /src/blendermcp/server.py. This manipulation of the argument code causes code injection. The attack is possible to be carried...

6.5CVSS5.9AI score0.00178EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/03 12:30 a.m.14 views

EUVD-2026-34036

A vulnerability has been found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. Impacted is the function Open of the file src/blendermcp/server.py. The manipulation of the argument inputimageurl leads to injection. Remote exploitation of the attack is possible. The exploit...

5.3CVSS5.3AI score0.00248EPSS
Exploits0References9
NVD
NVD
added 2026/06/02 11:16 p.m.16 views

CVE-2026-10688

A vulnerability was determined in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The impacted element is the function executeblendercode of the file /src/blendermcp/server.py. This manipulation of the argument code causes code injection. The attack is possible to be carried...

6.5CVSS0.00178EPSS
Exploits0References6
NVD
NVD
added 2026/06/02 11:16 p.m.17 views

CVE-2026-10662

A vulnerability was found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The affected element is the function requests.get of the file src/blendermcp/server.py of the component ZIP File Handler. The manipulation of the argument zipfileurl results in server-side request...

6.5CVSS0.00227EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/02 10:45 p.m.37 views

CVE-2026-10688 ahujasid blender-mcp server.py execute_blender_code code injection

A vulnerability was determined in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The impacted element is the function executeblendercode of the file /src/blendermcp/server.py. This manipulation of the argument code causes code injection. The attack is possible to be carried...

6.5CVSS0.00178EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/02 10:45 p.m.8 views

CVE-2026-10688

A vulnerability was determined in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The impacted element is the function executeblendercode of the file /src/blendermcp/server.py. This manipulation of the argument code causes code injection. The attack is possible to be carried...

6.5CVSS5.9AI score0.00178EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/02 10:45 p.m.8 views

CVE-2026-10688 ahujasid blender-mcp server.py execute_blender_code code injection

A vulnerability was determined in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The impacted element is the function executeblendercode of the file /src/blendermcp/server.py. This manipulation of the argument code causes code injection. The attack is possible to be carried...

6.5CVSS5.9AI score0.00178EPSS
Exploits0References6
CVE
CVE
added 2026/06/02 10:45 p.m.45 views

CVE-2026-10688

The CVE-2026-10688 affects the ahujasid blender-mcp project; the vulnerable component is execute_blender_code in /src/blender_mcp/server.py. Manipulating the code argument allows code injection, with remote execution possible. Public exploitation is indicated, and the project uses a rolling relea...

6.5CVSS5.9AI score0.00178EPSS
Exploits0References6
NVD
NVD
added 2026/06/02 10:16 p.m.16 views

CVE-2026-10661

A vulnerability has been found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. Impacted is the function Open of the file src/blendermcp/server.py. The manipulation of the argument inputimageurl leads to injection. Remote exploitation of the attack is possible. The exploit...

5.3CVSS0.00248EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/02 10:0 p.m.10 views

CVE-2026-10662

A vulnerability was found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The affected element is the function requests.get of the file src/blendermcp/server.py of the component ZIP File Handler. The manipulation of the argument zipfileurl results in server-side request...

6.5CVSS6.1AI score0.00227EPSS
Exploits0References8
OSV
OSV
added 2026/06/02 10:0 p.m.2 views

CVE-2026-10662 ahujasid blender-mcp ZIP File server.py requests.get server-side request forgery

A vulnerability was found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The affected element is the function requests.get of the file src/blendermcp/server.py of the component ZIP File Handler. The manipulation of the argument zipfileurl results in server-side request...

5.3CVSS5.5AI score0.00227EPSS
Exploits0References10
Rows per page
Query Builder