CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

883 matches found

CVE-2026-26824

A flaw was found in libxls. This vulnerability, a use of uninitialized memory, occurs in the OLE container parser when processing a specially crafted XLS file. An attacker could exploit this by providing a malicious XLS file, which may lead to application crashes or the potential disclosure of...

5.6AI score

Exploits0References2

CVE•added 2 days ago•6 views

CVE-2026-42795

Gleam: Symlink following in Hex package export vulnerability (CVE-2026-42795) allows embedding files outside the project root into the generated Hex package. Root cause: file collection in compiler-cli/src/fs.rs uses follow_links(true) for publishable directories (e.g., src/, priv/) and add_path_...

5.1CVSS5.9AI score0.00014EPSS

Exploits0References4

Packet Storm News•added 2026/05/28 12:0 a.m.•6 views

Hijacking Agent Memory: Stealthy Trojan Attacks through Conversational Interaction

Large language model LLM agents increasingly leverage long term memory to support persistent and autonomous task execution. However, this capability also introduces a new attack surface: memory poisoning, where adversaries can inject malicious information to influence future behavior. Existing...

5.8AI score

Exploits0

CNNVD•added 2026/05/27 12:0 a.m.•5 views

Jenkins Email Extension Plugin 安全漏洞

The Jenkins Email Extension Plugin is an open-source extension for Jenkins that handles email notifications and build messages. The Jenkins Email Extension Plugin versions 1933.v45cec755423f and earlier contain security vulnerabilities. These vulnerabilities stem from allowing base64-encoded imag...

8.8CVSS5.9AI score0.00444EPSS

Exploits0References1

OSV•added 2026/05/26 6:0 p.m.•3 views

GHSA-HQMV-V56G-4M47 Typebot.io has stored XSS via `javascript`: URI in text bubble links — bot author executes JS on visitors' browsers

Summary The Typebot viewer packages/embeds/js renders anchor tags from rich text bubble content without filtering the javascript: URI scheme. A bot author can set a link URL to javascript:PAYLOAD, which executes in the visitor's browser context when clicked. Since the viewer is typically embedded...

5.4CVSS5.9AI score0.00049EPSS

Exploits0References5

Github Security Blog•added 2026/05/26 6:0 p.m.•6 views

Typebot.io has stored XSS via `javascript`: URI in text bubble links — bot author executes JS on visitors' browsers

5.4CVSS5.9AI score0.00049EPSS

Exploits0References5Affected Software1

GithubExploit•added 2026/05/21 11:24 a.m.•95 views

Exploit for CVE-2026-45829

🚨 CVE-2026-45829 - ChromaDB Pre-Auth RCE Critical Remote...

10CVSS6.4AI score0.00168EPSS

Exploits2

RedhatCVE•added 2026/05/18 7:58 p.m.•7 views

CVE-2026-45667

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, GET /api/v1/memories/ef is accessible without authentication and executes request.app.state.EMBEDDINGFUNCTION.... This allows any unauthenticated caller to trigger embedding generati...

6.5CVSS5.8AI score0.00022EPSS

Exploits1References1

NVD•added 2026/05/15 10:16 p.m.•11 views

CVE-2026-45667

6.5CVSS0.00022EPSS

Exploits1References1

EUVD•added 2026/05/15 9:41 p.m.•5 views

EUVD-2026-30665

6.5CVSS5.8AI score0.00022EPSS

Exploits1References1

Cvelist•added 2026/05/15 9:41 p.m.•29 views

CVE-2026-45667 Open WebUI: Unauthenticated endpoint can trigger embedding generation (cost/DoS)

6.5CVSS0.00022EPSS

Exploits1References1

CVE•added 2026/05/15 9:41 p.m.•10 views

CVE-2026-45667

Open WebUI vulnerability CVE-2026-45667: Before version 0.8.0, the unauthenticated GET /api/v1/memories/ef could trigger EMBEDDING_FUNCTION(...) and cause embedding generation, potentially incurring costs if paid providers are used. The issue is rooted in exposing a cost/resource–intensive operat...

6.5CVSS5.8AI score0.00022EPSS

Exploits1References1Affected Software1

ATTACKERKB•added 2026/05/15 9:41 p.m.•7 views

CVE-2026-45667

6.5CVSS5.8AI score0.00022EPSS

Exploits1References2Affected Software1

Github Security Blog•added 2026/05/14 8:28 p.m.•5 views

Open WebUI: Unauthenticated endpoint can trigger embedding generation (cost/DoS)

Summary GET /api/v1/memories/ef is accessible without authentication and executes request.app.state.EMBEDDINGFUNCTION.... This allows any unauthenticated caller to trigger embedding generation which can lead to direct cost exposure if a paid provider is used. Code reference:...

6.5CVSS5.8AI score0.00022EPSS

Exploits1References5Affected Software1

OSV•added 2026/05/14 8:28 p.m.•7 views

GHSA-M69W-P7M4-585J Open WebUI: Unauthenticated endpoint can trigger embedding generation (cost/DoS)

6.5CVSS5.8AI score0.00022EPSS

Exploits1References5

Positive Technologies•added 2026/05/14 12:0 a.m.•6 views

PT-2026-41192

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.5 Description An information disclosure issue exists where the 'GET /api/v1/retrieval/' endpoint returns live RAG Retrieval-Augmented Generation pipeline configuration to any unauthenticated HTTP client. No...

5.3CVSS5.8AI score0.00039EPSS

Exploits1References6

ATTACKERKB•added 2026/05/12 7:43 p.m.•3 views

CVE-2026-42338

ip-address is a library for parsing and manipulating IPv4 and IPv6 addresses in JavaScript. Prior to 10.1.1, Address6.group and Address6.link do not HTML-escape attacker-controlled content before embedding it in the HTML strings they return, and AddressError.parseMessage emitted by the Address6...

5.3CVSS5.4AI score0.00012EPSS

Exploits1References2Affected Software1

EUVD•added 2026/05/11 6:31 p.m.•3 views

EUVD-2026-29141

OpenClaw before 2026.4.15 contains an arbitrary local file read vulnerability in the webchat audio embedding helper that fails to apply local media root containment checks. Attackers can influence agent or tool-produced ReplyPayload.mediaUrl parameters to resolve absolute local paths or file URLs...

6.3CVSS5.9AI score0.00052EPSS

Exploits0References4