Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2026/06/09 8:34 p.m.6 views

MAL-2026-5476 Malicious code in mcp-server-fetch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34dfb6dc382073bace8a4d413b28000ff42770d04b9f69a88906230e2d83260a Package squats the unscoped name mcp-server-fetch an MCP server name commonly invoked via npx mcp-server-fetch by AI coding agents and developer...

5.6AI score
Exploits0References2
Github Security Blog
Github Security Blogadded 2026/05/14 8:24 p.m.6 views

Open WebUI's chat completion API allows tool restrictions to be bypassed

Summary Open WebUI v0.6.43 contains a vulnerability in its chat completion API, which allows attackers to bypass tool restrictions, potentially enabling unauthorized actions or access. Details In the chatcompletion API, the parameters toolids and toolservers are supplied by the user. These...

7.1CVSS5.7AI score0.0026EPSS
Exploits1References5Affected Software1
Metasploit
Metasploitadded 2026/04/02 7:2 p.m.205 views

HTTPS Fetch, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/vncinject/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show options ...show an...

5.5AI score
Exploits0
Metasploit
Metasploitadded 2026/04/02 7:2 p.m.192 views

HTTP Fetch, Reverse TCP Stager (DNS)

Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/vncinject/reversetcpdns msf payloadreversetcpdns show actions ...actions... msf payloadreversetcpdns set ACTION msf payloadreversetcpdns show options ...show and...

5.5AI score
Exploits0
CNNVD
CNNVDadded 2025/12/09 12:0 a.m.3 views

Fetch MCP Server 安全漏洞

Fetch MCP Server is a context protocol server by Zach Caceres Individual Developer. A security vulnerability exists in Fetch MCP Server version 1.0.2 and prior versions, which stems from server-side request forgery and could lead to access to internal network resources...

7.5CVSS6.4AI score0.00381EPSS
Exploits1References3
EUVD
EUVDadded 2025/11/13 3:23 a.m.2 views

EUVD-2025-175536

Malicious code in winston-process-fetch-server npm...

6.6AI score
Exploits0
OSV
OSVadded 2025/11/13 3:23 a.m.0 views

MAL-2025-190340 Malicious code in winston-process-fetch-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f32310e6d14f06422f625862322cf64c1e6a08c795148c10b8a5c50e384c2f17 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Rows per page
Query Builder