Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

22068 matches found

CVE
CVEadded 2026/03/28 9:0 p.m.9 views

CVE-2026-5014

The CVE-2026-5014 affects elecV2 elecV2P up to version 3.8.3, targeting the path.join operation in the /log/ component of the Wildcard Handler. The issue enables path traversal and can be exploited remotely. Public exploit exists; the project was informed via issue reports but has not responded. ...

6.9CVSS5.6AI score0.00449EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/03/28 9:0 p.m.1 views

CVE-2026-5014 elecV2 elecV2P Wildcard log path.join path traversal

A vulnerability was found in elecV2 elecV2P up to 3.8.3. The affected element is the function path.join of the file /log/ of the component Wildcard Handler. The manipulation results in path traversal. The attack may be performed from remote. The exploit has been made public and could be used. The...

6.9CVSS5.4AI score0.00449EPSS
Exploits0References5
NVD
NVDadded 2026/03/28 6:15 p.m.2 views

CVE-2026-5004

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation of the argument UpnpEnabled can lead to stack-based buffer overflow. It is possible to launch the attack...

9CVSS0.00687EPSS
Exploits1References4
NVD
NVDadded 2026/03/28 5:16 p.m.2 views

CVE-2026-5002

A vulnerability has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The impacted element is the function routeusingoverviews of the file backend/server.py of the component LLM Prompt Handler. Such manipulation leads to injection. The attack may be performed fr...

7.5CVSS0.00304EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/03/28 4:59 p.m.3 views

CVE-2026-4957

A flaw has been found in OpenBMB XAgent 1.0.0. The impacted element is the function FunctionHandler.handletoolcall of the file XAgent/functionhandler.py of the component API Key Handler. This manipulation of the argument apikey causes sensitive information in log files. The attack may be initiate...

5.1CVSS5.5AI score0.0028EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/03/28 4:59 p.m.4 views

CVE-2026-4960

A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotel...

9CVSS8AI score0.00773EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2026/03/28 4:45 p.m.1 views

CVE-2026-5002

A vulnerability has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The impacted element is the function routeusingoverviews of the file backend/server.py of the component LLM Prompt Handler. Such manipulation leads to injection. The attack may be performed fr...

7.5CVSS5.4AI score0.00304EPSS
Exploits0References4
CVE
CVEadded 2026/03/28 4:45 p.m.11 views

CVE-2026-5002

CVE-2026-5002 affects PromtEngineer localGPT (LLM Prompt Handler) with the vulnerable element in backend/server.py, function _route_using_overviews. The issue is described as an injection vulnerability that can be exploited remotely; the exploit has been disclosed publicly. The product uses a rol...

7.5CVSS6.5AI score0.00304EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/03/28 4:45 p.m.0 views

CVE-2026-5002 PromtEngineer localGPT LLM Prompt server.py _route_using_overviews injection

A vulnerability has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The impacted element is the function routeusingoverviews of the file backend/server.py of the component LLM Prompt Handler. Such manipulation leads to injection. The attack may be performed fr...

7.5CVSS5.4AI score0.00304EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/03/28 4:0 p.m.2 views

CVE-2026-5001 PromtEngineer localGPT server.py do_POST unrestricted upload

A flaw has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The affected element is the function doPOST of the file backend/server.py. This manipulation causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has been publishe...

7.5CVSS5.5AI score0.00294EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/03/28 1:15 p.m.2 views

CVE-2026-4998 Sinaptik AI PandasAI Chat Message code_executor.py CodeExecutor.execute code injection

A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor.execute of the file pandasai/core/codeexecution/codeexecutor.py of the component Chat Message Handler. Executing a manipulation can lead to code injection. The attack may be...

7.5CVSS5.6AI score0.00532EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/03/28 1:15 p.m.2 views

CVE-2026-4998

A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor.execute of the file pandasai/core/codeexecution/codeexecutor.py of the component Chat Message Handler. Executing a manipulation can lead to code injection. The attack may be...

7.5CVSS5.6AI score0.00532EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2026/03/28 12:30 p.m.6 views

EUVD-2026-16917

A vulnerability was determined in wandb OpenUI up to 1.0. Affected by this vulnerability is an unknown functionality of the file frontend/public/annotator/index.html of the component Window Message Event Handler. This manipulation causes cross site scripting. The attack can be initiated remotely...

5.1CVSS4.3AI score0.00191EPSS
Exploits0References5
EUVD
EUVDadded 2026/03/28 12:30 p.m.2 views

EUVD-2026-16915

A vulnerability was found in wandb OpenUI up to 1.0/3.5-turb. Affected is the function genericexceptionhandler of the file backend/openui/server.py of the component APIStatusError Handler. The manipulation of the argument key results in information exposure through error message. Access to the...

5.1CVSS5.4AI score0.00198EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/03/28 10:45 a.m.1 views

CVE-2026-4995 wandb OpenUI Window Message Event index.html cross site scripting

A vulnerability was determined in wandb OpenUI up to 1.0. Affected by this vulnerability is an unknown functionality of the file frontend/public/annotator/index.html of the component Window Message Event Handler. This manipulation causes cross site scripting. The attack can be initiated remotely...

5.1CVSS4.3AI score0.00191EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/03/28 10:45 a.m.1 views

CVE-2026-4995

A vulnerability was determined in wandb OpenUI up to 1.0. Affected by this vulnerability is an unknown functionality of the file frontend/public/annotator/index.html of the component Window Message Event Handler. This manipulation causes cross site scripting. The attack can be initiated remotely...

5.1CVSS4.3AI score0.00191EPSS
Exploits0References4Affected Software1
NVD
NVDadded 2026/03/28 10:16 a.m.4 views

CVE-2026-4994

A vulnerability was found in wandb OpenUI up to 1.0/3.5-turb. Affected is the function genericexceptionhandler of the file backend/openui/server.py of the component APIStatusError Handler. The manipulation of the argument key results in information exposure through error message. Access to the...

5.1CVSS0.00198EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/03/28 9:15 a.m.2 views

CVE-2026-4994 wandb OpenUI APIStatusError server.py generic_exception_handler information exposure

A vulnerability was found in wandb OpenUI up to 1.0/3.5-turb. Affected is the function genericexceptionhandler of the file backend/openui/server.py of the component APIStatusError Handler. The manipulation of the argument key results in information exposure through error message. Access to the...

5.1CVSS5.4AI score0.00198EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/03/28 9:15 a.m.39 views

CVE-2026-4994 wandb OpenUI APIStatusError server.py generic_exception_handler information exposure

A vulnerability was found in wandb OpenUI up to 1.0/3.5-turb. Affected is the function genericexceptionhandler of the file backend/openui/server.py of the component APIStatusError Handler. The manipulation of the argument key results in information exposure through error message. Access to the...

5.1CVSS0.00198EPSS
Exploits0References4
CVE
CVEadded 2026/03/28 9:15 a.m.14 views

CVE-2026-4994

CVE-2026-4994 affects wandb OpenUI up to 1.0/3.5-turb. The vulnerable component is generic_exception_handler in backend/openui/server.py of the APIStatusError Handler. The issue arises from manipulation of the argument key, leading to information exposure through error messages. Access to the loc...

5.1CVSS5.4AI score0.00198EPSS
Exploits0References4
Rows per page
Query Builder