CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 5 days ago•5 views

USN-8055-2 evolution-data-server vulnerability

6AI score

OSV•added 5 days ago•3 views

OPENSUSE-SU-2026:20864-1 Security update for evolution-data-server

This update for evolution-data-server fixes the following issues: - CVE-2026-2604: Canonicalize path before local cache file removal. bsc1258307...

Snyk•added 5 days ago•3 views

Improper Authorization

Overview Affected versions of this package are vulnerable to Improper Authorization via the auth function in the file internal/http/evolutionhandlers.go. An attacker can gain unauthorized access or perform actions with insufficient permissions by sending crafted requests remotely. Remediation The...

5.5CVSS6AI score0.00043EPSS

NVD•added 5 days ago•7 views

CVE-2026-10218

5.5CVSS0.00043EPSS

Cvelist•added 5 days ago•27 views

CVE-2026-10218 nextlevelbuilder GoClaw evolution_handlers.go auth improper authorization

5.5CVSS0.00043EPSS

ATTACKERKB•added 5 days ago•4 views

CVE-2026-10218

Exploits0References6Affected Software1

EUVD•added 5 days ago•6 views

EUVD-2026-33539

Vulnrichment•added 5 days ago•6 views

CVE-2026-10218 nextlevelbuilder GoClaw evolution_handlers.go auth improper authorization

CVE•added 5 days ago•10 views

CVE-2026-10218

The CVE-2026-10218 entry applies to nextlevelbuilder GoClaw up to version 3.11.3. The issue is in the auth function of internal/http/evolution_handlers.go, leading to improper authorization. The vulnerability is exploitable remotely and was disclosed publicly; the project labeled the issue as a b...

Positive Technologies•added 5 days ago•8 views

PT-2026-45250

A vulnerability has been found in nextlevelbuilder GoClaw up to 3.11.3. This affects the function auth of the file internal/http/evolution handlers.go. Such manipulation leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed to the public and may be...

Packet Storm News•added 2026/05/27 12:0 a.m.•6 views

Exploits0References7

Evolving Skill-Structured Attack Memory Enhances LLM Jailbreaking

Jailbreak attacks on large language models LLMs aim to induce LLMs to produce content that they are expected to refuse. Automated black-box jailbreak generation is especially important for safety evaluation, where the attacker observes only model outputs and needs to automatically search for...

Packet Storm News•added 2026/05/23 12:0 a.m.•9 views

Reasoning As an Attack Surface: Adaptive Evolutionary CoT Jailbreaks for LLMs

Large Reasoning Models LRMs have demonstrated remarkable capabilities in reasoning and generation tasks and are increasingly deployed in real-world applications. However, their explicit chain-of-thought CoT mechanism introduces new security risks, making them particularly vulnerable to jailbreak...

Hive Pro Threat Advisories•added 2026/05/22 10:1 a.m.•6 views

Nucleus Security vs Hive Pro: CTEM Comparison

Choosing between Nucleus Security vs Hive Pro is really a decision about how your security team wants to run exposure management: as an aggregation and workflow layer over existing tools, or as a broader CTEM platform that combines aggregation, native discovery, threat intelligence, validation, a...

AstraLinux•added 2026/05/20 5:53 a.m.•8 views

Astra Linux - уязвимость в evolution-data-server

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client by dereferencing a NULL pointer, by sending an invalid e.g., minimal CAPABILITY line during a connection attempt. This issue is related to the imapxfreecapability and imapxconnecttoserver functions...

5.9CVSS6.8AI score0.01593EPSS

Exploits1References1

Packet Storm News•added 2026/05/20 12:0 a.m.•6 views

VIPER-MCP: Detecting and Exploiting Taint-Style Vulnerabilities in Model Context Protocol Servers

Model Context Protocol MCP has emerged as a standard interface for connecting LLM agents to external tools. Because MCP servers expose privileged operations such as shell execution, network access, and file-system manipulation to agent-driven invocation, implementation flaws in tool handlers can...

6.4AI score

Packet Storm News•added 2026/05/20 12:0 a.m.•5 views

Detecting Trojaned DNNs Via Spectral Regression Analysis

Modern DNNs are repeatedly fine-tuned to incorporate new data and functionality. This evolutionary workflow introduces a security risk when updated data cannot be fully trusted, as adversaries may implant Trojans during fine-tuning. We present MIST, a Trojan detection approach that analyzes how a...

OSV•added 2026/05/15 2:3 p.m.•2 views

OESA-2026-2356 evolution-data-server security update

The evolution-data-server package provides a personal information management application that provides integrated mail, calendaring and address book functionality. The evolution-data-server package provides a single database for common, desktop-wide information, such as a user's address book or...

5.9AI score