EUVD-2026-18109

A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbttbufget8 in the library stbtruetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The exploit has been publicly...

EUVD-2026-18092

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbttInitFontinternal in the library stbtruetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made...

CVE-2026-5315

A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbttbufget8 in the library stbtruetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The exploit has been publicly...

PT-2026-29786

A security vulnerability has been detected in Textpattern up to 4.9.1. Affected by this vulnerability is the function mt uploadImage of the file rpc/TXP RPCServer.php of the component XML-RPC Handler. The manipulation of the argument file.name leads to path traversal. Remote exploitation of the...

PT-2026-29682

Name of the Vulnerable Software and Affected Versions AlejandroArciniegas mcp-data-vis affected versions not specified Description A SQL injection issue exists in the Request function within the src/servers/database/server.js file of the MCP Handler component. This manipulation can be initiated...

PT-2026-29746

A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function action set system settings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. T...

PT-2026-29943

Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel rportfwd close is attempted in github.com/bishopfox/sliver...

SourceCodester Leave Application System 安全漏洞

SourceCodester Leave Application System is an open-source vacation application system developed by SourceCodester. Version 1.0 of the SourceCodester Leave Application System contains a security vulnerability. This vulnerability stems from improper handling of the parameter ID in the...

Cesanta Mongoose 安全漏洞

Cesanta Mongoose is a set of embedded server libraries developed by the Irish company Cesanta. It includes functions for TCP and HTTP clients and servers, as well as WenSocket clients and servers. Versions of Cesanta Mongoose 7.20 and earlier contained security vulnerabilities. These...

Dataease SQLBot 代码问题漏洞

Dataease SQLBot is a robot plugin developed by Dataease as open source. Versions of Dataease SQLBot 1.6.0 and earlier contained code vulnerabilities. These vulnerabilities stemmed from incorrect operations with the getesdatabyhttp function parameters in the ElasticSearch Handler component located...

MCP Data Visualization & Experimentation Platform SQL注入漏洞

MCP Data Visualization & Experimentation Platform is a large model context protocol developed by alejandro and his team. The MCP Data Visualization & Experimentation Platform has a SQL injection vulnerability. This vulnerability stems from an SQL injection vulnerability in the Request function...

PT-2026-29872

A vulnerability was determined in Dataease SQLbot up to 1.6.0. This issue affects the function get es data by http of the file backend/apps/db/es engine.py of the component Elasticsearch Handler. This manipulation of the argument address causes server-side request forgery. The attack may be...

Tenda G103 命令注入漏洞

The Tenda G103 is a GPON fiber access device designed specifically for home and SOHO users by the Chinese company Tenda. Version 1.0.0.5 of the Tenda G103 contains a command injection vulnerability. This vulnerability stems from improper handling of parameters such as...

Tenda G103 命令注入漏洞

The Tenda G103 is a GPON fiber access device designed specifically for home and SOHO users by the Chinese company Tenda. Version 1.0.0.5 of the Tenda G103 contains a command injection vulnerability. This vulnerability stems from an improper operation of the parameter “lanIp” in the function...

@bernierllc/neverhub (>=1.0.0 <=1.1.0), @cdagaton/excalidraw-mcp (>=0.3.2 <=0.3.3) +16 more potentially affected by CVE-2026-25536 via mcp-handler (>=1.0.1 <=1.0.7)

mcp-handler NPM version =1.0.1, =1.0.0, =0.3.2, =0.1.0, =0.0.0-experimental-20250910140832, =1.0.0, =0.0.27, =0.0.45 - @websolutespa/payload-plugin-bowl-llm =3.0.0 and more Source cves: CVE-2026-25536 Source advisory: OSV:GHSA-W2FM-25VW-VH7F...

GHSA-W2FM-25VW-VH7F mcp-handler has a tool response leak across concurrent client sessions ('Race Condition')

mcp-handler versions prior to 1.1.0 accepted @modelcontextprotocol/sdk =1.26.0, which contains the fix for CVE-2026-25536. Workarounds - Upgrade @modelcontextprotocol/sdk to =1.26.0 note: the SDK will throw on transport reuse, which will break mcp-handler 1.1.0 which effectively forces the upgrad...

mcp-handler has a tool response leak across concurrent client sessions ('Race Condition')

mcp-handler versions prior to 1.1.0 accepted @modelcontextprotocol/sdk =1.26.0, which contains the fix for CVE-2026-25536. Workarounds - Upgrade @modelcontextprotocol/sdk to =1.26.0 note: the SDK will throw on transport reuse, which will break mcp-handler 1.1.0 which effectively forces the upgrad...

CVE-2026-5314

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbttInitFontinternal in the library stbtruetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made...

UBUNTU-CVE-2026-5314

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbttInitFontinternal in the library stbtruetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made...

CVE-2026-5315 Nothings stb TTF File stb_truetype.h stbtt__buf_get8 out-of-bounds

A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbttbufget8 in the library stbtruetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The exploit has been publicly...