Lucene search
K

2489 matches found

CNNVD
CNNVD
added 2026/04/10 12:0 a.m.7 views

wolfSSL 安全漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, aimed at developers working with embedded systems. wolfSSL has a security vulnerability that stems from an integer underflow issue during the parsing of X.509 certificates, which may le...

8.1CVSS5.8AI score0.00135EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.12 views

LiteLLM 安全漏洞

LiteLLM is an open-source application developed by Berri AI. It allows for the invocation of all LLM APIs in the OpenAI format. Versions of LiteLLM dated before April 8, 2026, contain a security vulnerability. This vulnerability stems from the /guardrails/testcustomcode URI, which allows arbitrar...

8.8CVSS6AI score0.06496EPSS
Exploits2References1
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.10 views

PraisonAI 安全漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.128 contained security vulnerabilities. These vulnerabilities stemmed from the lack of authentication or signature verification for the /media-stream WebSocket endpoint, alo...

7.5CVSS5.8AI score0.00372EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.8 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.25 contained security vulnerabilities. These vulnerabilities were due to a rate-limiting mechanism in the Webhook token verification process, which allowed bypasses and could le...

6.5CVSS5.8AI score0.00244EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.7 views

TP-Link Archer AX53 安全漏洞

The TP-Link Archer AX53 is a dual-core router produced by TP-Link Corporation. Prior versions of the TP-Link Archer AX53, including v1.0, 1.7.1 Build 20260213, contained security vulnerabilities. These vulnerabilities stemmed from the OpenVPN module’s ability to allow external control, which coul...

6.8CVSS5.9AI score0.00286EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.8 views

Unfurl 安全漏洞

Unfurl is a URL data extraction and visualization analysis tool developed by Ryan Benson. Versions of Unfurl prior to version 2026.04 contained security vulnerabilities. These vulnerabilities stemmed from an unlimited zlib decompression issue in the parsecompressed.py script. This could allow...

8.7CVSS5.8AI score0.00508EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.10 views

Hayabusa 跨站脚本漏洞

Hayabusa is an open-source Windows event log forensic and threat hunting tool developed by Yamato Security. Versions prior to Hayabusa 3.8.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from HTML report outputs that had the same cross-site scripting vulnerabilities,...

5.4CVSS5.9AI score0.002EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.7 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from improper limitation of work quantities during the chain construction process,...

7.5CVSS7.3AI score0.00615EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.8 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from the incorrect application of DNS constraints during certificate chain verification...

8.2CVSS7.3AI score0.0034EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.7 views

emmett 路径遍历漏洞

Emmett is a full-stack Python web framework developed by Emmett. Versions of Emmett from 2.5.0 to 2.8.1 had a path traversal vulnerability. This vulnerability stemmed from issues with the RSGI static processing program, allowing for the reading of files outside the asset directory...

9.1CVSS5.8AI score0.00495EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.5 views

Scoold 安全漏洞

Scoold is a team-based Q&A and knowledge-sharing platform developed by Erudika. Versions of Scoold prior to 1.66.2 contained security vulnerabilities. These vulnerabilities were due to authorization flaws, which could allow low-privilege users to override the permissions of other users...

6.5CVSS5.8AI score0.00211EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.14 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from memory security issues...

9.8CVSS5.8AI score0.00561EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.7 views

LiteLLM 授权问题漏洞

LiteLLM is an open-source application developed by Berri AI. It allows for the invocation of all LLM APIs in the OpenAI format. Prior to version 1.83.0, LiteLLM had an authorization vulnerability. This vulnerability stemmed from the use of token:20 as a cache key when JWT authentication was...

9.4CVSS5.8AI score0.0049EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.6 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of netlink policy validation, potentially leading to out-of-bound access...

7.1CVSS5.8AI score0.00169EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.6 views

Vim 操作系统命令注入漏洞

Vim is an open-source, cross-platform text editor developed by Vim developers. Versions of Vim prior to 9.2.0276 contained a vulnerability related to operating system command injection. This vulnerability stemmed from a model line sandbox bypass, allowing arbitrary operating system commands to be...

8.2CVSS6.4AI score0.0047EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.10 views

KADOS SQL注入漏洞

KADOS is a note-taking tool developed by fouvolant’s individual developer. KADOS has a SQL injection vulnerability; this flaw allows attackers to manipulate database queries...

9.1CVSS5.8AI score0.00311EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/04 12:0 a.m.9 views

Wikipedia 访问控制错误漏洞

Wikipedia is a multilingual online encyclopedia platform operated by the Wikipedia Corporation. Version 12.0 of Wikipedia has a security vulnerability related to access control. This vulnerability arises from the search function’s improper handling of excessively large inputs, which may allow...

8.7CVSS5.8AI score0.00357EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.8 views

prompts.chat 路径遍历漏洞

prompts.chat is an open-source AI prompt library developed by Fatih Kadir Akın. Previous versions of prompts.chat had a path traversal vulnerability; this vulnerability stemmed from path traversal in skill file processing. Attackers could write arbitrary files onto the client system through...

8.6CVSS6AI score0.00363EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.15 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of null pointer checking in the inteldmcupdatedc6allowedcount function. This vulnerabili...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of holding the device lock during nandlock and nandunlock operations, potentially leadin...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References6
Rows per page
Query Builder