Lucene search
K

791 matches found

ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-59873

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.19, node-tar does not enforce hard upper bounds on total decompressed data, entry counts, or decompression ratio in extraction and parsing paths such as src/extract.ts, allowing a small crafted gzip bomb to exhaust disk spac...

9.2CVSS5.9AI score
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.5 views

next.js: Next.js: Unbounded next/image disk cache growth can exhaust storage

An unbounded disk usage flaw has been discovered in Next.js. The default Next.js image optimization disk cache /next/image did not have a configurable upper bound, allowing unbounded cache growth. An attacker could generate many unique image-optimization variants and exhaust disk space, causing...

7.5CVSS5.9AI score0.00683EPSS
Exploits0References7
NVD
NVD
added 2026/06/22 10:16 p.m.7 views

CVE-2026-48500

Filament is a collection of full-stack components for accelerated Laravel development. From 3.0.0 until 3.3.52, 4.11.5, and 5.6.5, any schema can contain a file upload form field, so Filament applies Livewire's WithFileUploads trait to the Livewire component the schema is embedded in. However, so...

6.5CVSS0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/18 6:21 p.m.8 views

CVE-2026-44942

A flaw was found in libzypp. This path traversal vulnerability, present in the handling of the "path" component within .repo files, could allow attackers to write content to directories outside of the intended zypp cache. This unauthorized writing of data can lead to a Denial of Service DoS by...

6.5CVSS5AI score0.00329EPSS
Exploits0References5
NVD
NVD
added 2026/06/18 5:16 p.m.11 views

CVE-2025-32437

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, MediaDurationBlock will download and store the video in a temporary directory without deleting before all noded are done. StepThroughItemsBlock can be used t...

8.7CVSS0.00276EPSS
Exploits0References1
NVD
NVD
added 2026/06/18 5:16 p.m.14 views

CVE-2025-32436

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, AddAudioToVideoBlock will download and store the video and audio in a temporary directory without deleting before all noded are done. StepThroughItemsBlock c...

7.1CVSS0.00247EPSS
Exploits0References1
NVD
NVD
added 2026/06/18 5:16 p.m.14 views

CVE-2025-32424

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, ScreenshotWebPageBlock will store the captured screenshots in a temporary directory. StepThroughItemsBlock can be used to iterate ScreenshotWebPageBlock...

8.7CVSS0.00276EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/18 4:20 p.m.8 views

CVE-2025-32437

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, MediaDurationBlock will download and store the video in a temporary directory without deleting before all noded are done. StepThroughItemsBlock can be used t...

8.7CVSS5.3AI score0.00276EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/18 4:18 p.m.18 views

CVE-2025-32436 AutoGPT has a DoS vulnerability in AddAudioToVideoBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, AddAudioToVideoBlock will download and store the video and audio in a temporary directory without deleting before all noded are done. StepThroughItemsBlock c...

7.1CVSS0.00247EPSS
Exploits0References1
CVE
CVE
added 2026/06/18 4:14 p.m.20 views

CVE-2025-32424

AutoGPT contains a DoS vulnerability in ScreenshotWebPageBlock prior to version 0.6.63. When a user repeatedly screenshots many pages via StepThroughItemsBlock, there is no limit on loops or on disk space usage in the current working directory, allowing disk exhaustion. Version 0.6.63 patches thi...

8.7CVSS5.3AI score0.00276EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/18 4:12 p.m.9 views

EUVD-2025-210280

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, StepThroughItemsBlock can iterate all the contents in a list and send them to FileStoreBlock for downloading one by one. Although FileStoreBlock has access...

8.7CVSS5.3AI score0.00276EPSS
Exploits0References1
CVE
CVE
added 2026/06/18 4:12 p.m.16 views

CVE-2025-32422

AutoGPT contains a DoS vulnerability in StepThroughItemsBlock leading to disk exhaustion via unbounded downloads to FileStoreBlock. Before version 0.6.63, StepThroughItemsBlock can iterate over an arbitrary list and trigger downloads to FileStoreBlock without limiting loop count, while FileStoreB...

8.7CVSS5.3AI score0.00276EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/18 4:12 p.m.18 views

CVE-2025-32422 AutoGPT has a DoS vulnerability in FileStoreBlock with StepThroughItemsBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, StepThroughItemsBlock can iterate all the contents in a list and send them to FileStoreBlock for downloading one by one. Although FileStoreBlock has access...

8.7CVSS0.00276EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/18 4:8 p.m.6 views

CVE-2025-32392

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, AutoGPT's LoopVideoBLock allows users to input a video file and process the video, such as looping it 5 times or extending the time, and finally writing it t...

8.7CVSS5.4AI score0.00343EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/18 4:8 p.m.16 views

CVE-2025-32392

AutoGPT (workflow automation platform) contains a DoS vulnerability in the LoopVideoBlock before version 0.6.63, where looping a video has no resource limits. The attacker can set an unbounded number of loops, causing an excessively large video file to be written to disk and thereby exhaust disk ...

8.7CVSS5.3AI score0.00343EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/17 6:43 p.m.5 views

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the createuploadfile function. An attacker can exhaust server disk space and obtain sensitive file system information by uploading arbitrary files without authentication and receiving...

9.3CVSS6AI score0.00332EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/06 1:46 p.m.10 views

Security Bulletin: Due to use of spring-web-6.2.17.jar, IBM Sterling Connect:Direct Web Services is vulnerable to allows an attacker to consume available disk space.

Summary spring-web-6.2.17.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-22740. Vulnerability Details CVEID:CVE-2026-22740 DESCRIPTION: A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp...

6.5CVSS5.5AI score0.00344EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.9 views

CVE-2026-33232

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of Service DoS through the server due to uncontrolled disk space consumption. The downloadagentfile...

7.5CVSS5.4AI score0.00396EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 6:48 p.m.11 views

CVE-2024-33618

Uncontrolled Resource Consumption in Bosch VMS Central Server in Bosch VMS 12.0.1 allows attackers to consume excessive amounts of disk space via network interface...

7.5CVSS5.5AI score0.00455EPSS
Exploits0References1
OSV
OSV
added 2026/05/27 2:17 p.m.16 views

UBUNTU-CVE-2026-45920

In the Linux kernel, the following vulnerability has been resolved: ext4: fix dirtyclusters double decrement on fs shutdown fstests test generic/388 occasionally reproduces a warning in ext4putsuper associated with the dirty clusters count: WARNING: CPU: 7 PID: 76064 at fs/ext4/super.c:1324...

7.8CVSS5.4AI score0.00146EPSS
Exploits0References3
Rows per page
Query Builder