Lucene search
K

17739 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/04 1:0 p.m.9 views

CVE-2026-14628

A vulnerability was detected in NousResearch hermes-agent up to 2026.5.16. This impacts the function extractmedia of the file gateway/platforms/base.py of the component Live Webhook Endpoint. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit is...

6.9CVSS5.8AI score0.00551EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/07/04 12:45 p.m.21 views

CVE-2026-14627

The vulnerability CVE-2026-14627 affects NousResearch hermes-agent up to 0.15.2, specifically the Discord Platform Integration’s DiscordAdapter._is_allowed_user in gateway/platforms/discord.py. The root cause is improper authentication caused by manipulation of this function, enabling a remote at...

6.3CVSS5.5AI score0.00369EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/04 11:30 a.m.7 views

EUVD-2026-41664

A security flaw has been discovered in NousResearch hermes-agent up to 0.15.2. The affected element is the function shell.exec of the file tuigateway/server.py. The manipulation results in protection mechanism failure. It is possible to launch the attack remotely. The exploit has been released to...

6.5CVSS6.2AI score0.00224EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/04 12:31 a.m.11 views

EUVD-2026-41654

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer.filterandaccumulate of the file gateway/streamconsumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case...

3.1CVSS5.1AI score0.00237EPSS
Exploits0References9
NVD
NVD
added 2026/07/03 10:16 p.m.12 views

CVE-2026-14617

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer.filterandaccumulate of the file gateway/streamconsumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case...

3.1CVSS0.00237EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/07/03 9:45 p.m.11 views

CVE-2026-14617

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer.filterandaccumulate of the file gateway/streamconsumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case...

3.1CVSS5.1AI score0.00237EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/07/03 9:45 p.m.40 views

CVE-2026-14617 NousResearch hermes-agent Streaming Reasoning Tag Filter stream_consumer.py GatewayStreamConsumer._filter_and_accumulate case sensitivity

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer.filterandaccumulate of the file gateway/streamconsumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case...

3.1CVSS0.00237EPSS
Exploits0References8
CVE
CVE
added 2026/07/03 9:45 p.m.15 views

CVE-2026-14617

CVE-2026-14617 affects NousResearch hermes-agent (up to 2026.4.30). The issue resides in GatewayStreamConsumer._filter_and_accumulate (gateway/stream_consumer.py) within the Streaming Reasoning Tag Filter, where improper handling of case sensitivity is reported as the underlying root cause. The v...

3.1CVSS5.1AI score0.00237EPSS
Exploits0References8
OSV
OSV
added 2026/07/03 7:23 p.m.4 views

MINI-GW3J-65PX-XC76

Bulletin has no description...

7.5CVSS6.7AI score0.00781EPSS
Exploits0
Nuclei
Nuclei
added 2026/07/03 1:39 p.m.69 views

Citrix - Local File Inclusion

Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 are vulnerable to local file inclusion because they allow unauthenticated access to certain URL endpoints. id:...

6.5CVSS6.8AI score0.88411EPSS
Exploits5References5
OSV
OSV
added 2026/07/03 1:33 p.m.2 views

MINI-GW7F-8F9C-HP2G

Bulletin has no description...

5.9AI score
Exploits0
EUVD
EUVD
added 2026/07/03 12:31 a.m.9 views

EUVD-2026-41457

A null pointer dereference vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to create a denial-of-service DoS condition by sending specially crafted IKEv2 messages. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using...

8.7CVSS5.8AI score0.00495EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.11 views

PT-2026-55660

Name of the Vulnerable Software and Affected Versions NousResearch hermes-agent versions prior to 2026.4.31 Description An issue exists in the Streaming Reasoning Tag Filter component within the GatewayStreamConsumer. filter and accumulate function located in the gateway/stream consumer.py file...

3.1CVSS5.8AI score0.00237EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.10 views

NetScaler ADC and NetScaler Gateway Multiple Vulnerabilities (CTX696604)

The remote NetScaler ADC formerly Citrix ADC or NetScaler Gateway formerly Citrix Gateway device is version 13.1 prior to 13.1-63.18, 14.1 prior to 14.1-72.61, 13.1-FIPS/NDcPP prior to 13.1-37.272, or 14.1-FIPS prior to 14.1-72.61. It is, therefore, affected by multiple vulnerabilities: -...

9.8CVSS7.5AI score0.00502EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/07/02 11:6 p.m.12 views

CVE-2026-13084

A null pointer dereference vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to create a denial-of-service DoS condition by sending specially crafted IKEv2 messages. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using...

8.7CVSS5.8AI score0.00495EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/07/02 11:6 p.m.42 views

CVE-2026-13084 Null Pointer Dereference in WatchGuard Fireware OS iked Process

A null pointer dereference vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to create a denial-of-service DoS condition by sending specially crafted IKEv2 messages. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using...

8.7CVSS0.00495EPSS
Exploits0References1
OSV
OSV
added 2026/07/02 5:13 p.m.8 views

GHSA-4M3V-Q747-PC6H OpenClaw: Mattermost slash token revocation could lag until monitor refresh

Summary Mattermost slash token revocation could lag until monitor refresh. In affected versions, a caller with an old Mattermost slash token during the refresh window could continue accepting the old token until the monitor refreshed. This advisory is scoped to the named feature and configuration...

6.3CVSS6AI score0.00181EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 5:12 p.m.11 views

EUVD-2026-36322

OpenClaw: Paired nodes could forge exec lifecycle events without system.run provenance...

8.6CVSS5.8AI score0.00342EPSS
Exploits0References3
OSV
OSV
added 2026/07/02 4:58 p.m.3 views

GHSA-P39J-X9H5-Q66M OpenClaw: Embedded runner policy could be confused by provider aliases

Summary Embedded runner policy could be confused by provider aliases. In affected versions, a request using provider aliases could compare policy against an alias instead of the canonical provider identity. This advisory is scoped to the named feature and configuration. It does not change...

4.8CVSS5.9AI score0.00093EPSS
Exploits0References4
OSV
OSV
added 2026/07/02 4:53 p.m.3 views

GHSA-GRC3-2J34-P6GM OpenClaw: message.action forwarding could send Gateway credentials to model-supplied loopback URLs

Summary message.action forwarding could send Gateway credentials to model-supplied loopback URLs. In affected versions, model-controlled action metadata that selects a loopback Gateway URL could forward the action payload with Gateway credentials to the supplied loopback URL. This advisory is...

6.8CVSS6AI score0.00254EPSS
Exploits0References2
Rows per page
Query Builder