Lucene search
K

816 matches found

Vulnrichment
Vulnrichment
added 2026/05/06 7:36 p.m.8 views

CVE-2026-40171 Jupyter Notebook and JupyterLab token theft via stored XSS in help command linker

In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with...

8.4CVSS6AI score0.00476EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.14 views

Jupyter多款产品 跨站脚本漏洞

Jupyter Notebook is an open-source web application developed by Project Jupyter, designed for creating and sharing code along with explanatory text documents. JupyterLab is another open-source project developed by JupyterLab, offering an extensible environment for interactive and reproducible...

8.4CVSS5.8AI score0.00476EPSS
Exploits0References1
OSV
OSV
added 2026/05/05 11:30 p.m.13 views

CLSA-2026-1777890711 flatpak: Fix of CVE-2026-34079

CVE-2026-34079: fix arbitrary host file deletion via app-controlled ld.so cache symlink in flatpakswitchsymlinkandremove...

8.7CVSS5.9AI score0.00323EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/01 9:31 a.m.8 views

WordPress Internal Link Juicer: SEO Auto Linker for WordPress plugin <= 2.24.6 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Internal Link Juicer: SEO Auto Linker for WordPress versions = 2.24.6...

6.1CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
Snyk
Snyk
added 2026/04/30 5:25 p.m.3 views

Open Redirect

Overview @jupyter-notebook/help-extension is a Jupyter Notebook - Help Extension Affected versions of this package are vulnerable to Open Redirect in the CommandLinker class. An attacker can steal authentication tokens and gain unauthorized access to user accounts by convincing a user to open a...

8.8CVSS6AI score0.00476EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/30 5:25 p.m.9 views

Open Redirect

Overview notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. Affected versions of this package are vulnerable to Open Redirect in the CommandLinker class. An attacker can steal authentication tokens a...

8.8CVSS6AI score0.00476EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.4 views

Amazon Linux 2023 : flatpak, flatpak-devel, flatpak-libs (ALAS2023-2026-1601)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1601 advisory. A complete sandbox escape vulnerability exists in Flatpak before 1.16.4. The Flatpak portal accepts paths in the sandbox-expose options which can be app-controlled symlinks pointing at arbitra...

10CVSS6AI score0.0168EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/15 3:12 a.m.5 views

Malicious code in pdf-linker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14402ea1542260a2cb6471902d5e0d037fecb136e1f2b2995b2741eb775f495d The package pdf-linker was found to contain malicious code. Source: ghsa-malware b496570e3a5a77b10f653cddc3b93d0ae974b01b253f0468a02c169c9fc0eb2c Any...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/15 3:12 a.m.4 views

MAL-2026-2677 Malicious code in pdf-linker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14402ea1542260a2cb6471902d5e0d037fecb136e1f2b2995b2741eb775f495d The package pdf-linker was found to contain malicious code. Source: ghsa-malware b496570e3a5a77b10f653cddc3b93d0ae974b01b253f0468a02c169c9fc0eb2c Any...

5.7AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/04/14 11:25 p.m.8 views

SUSE CVE-2026-34983

Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be triggered by a specific sequence of embedder API calls made by the host. Specifically, the following...

1CVSS5.8AI score0.00117EPSS
Exploits0References3
OSV
OSV
added 2026/04/13 8:40 a.m.9 views

CLSA-2026-1776069613 Fix CVE(s): CVE-2026-3441, CVE-2026-3442

SECURITY UPDATE: buffer overflow in xcoff linker - debian/patches/CVE-2026-3441CVE-2026-3442.patch: properly bounds check XTYLD xscnlen index in xcofflinkaddsymbols - CVE-2026-3441 SECURITY UPDATE: out-of-bounds read in xcoff linker - debian/patches/CVE-2026-3441CVE-2026-3442.patch: sanity check...

7.1CVSS6AI score0.00245EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2026/04/11 6:1 p.m.126 views

Exploit for Out-of-bounds Write in Netapp Bootstrap_Os

CVE-2023-4911 "Looney Tunables" 분석 환경 GNU C Libraryglibc...

7.8CVSS6.9AI score0.81422EPSS
Exploits27
RedhatCVE
RedhatCVE
added 2026/04/09 10:46 p.m.5 views

CVE-2026-34983

A flaw was found in Wasmtime, a runtime for WebAssembly. This vulnerability allows for a use-after-free condition when a host application incorrectly clones and then drops a wasmtime::Linker instance before its cloned counterpart is used. This can lead to unpredictable program behavior and...

5CVSS5.8AI score0.00117EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/09 8:23 p.m.11 views

Wasmtime has use-after-free bug after cloning `wasmtime::Linker`

Impact In version 43.0.0 of the wasmtime crate, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be triggered by a specific sequence of embedder API calls made by the host. The typical symptom of this...

5CVSS5.9AI score0.00117EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/04/09 8:23 p.m.6 views

GHSA-HFR4-7C6C-48W2 Wasmtime has use-after-free bug after cloning `wasmtime::Linker`

Impact In version 43.0.0 of the wasmtime crate, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be triggered by a specific sequence of embedder API calls made by the host. The typical symptom of this...

1CVSS5.8AI score0.00117EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/09 8:23 p.m.4 views

EUVD-2026-21029

Wasmtime has use-after-free bug after cloning wasmtime::Linker...

1CVSS5.9AI score0.00117EPSS
Exploits0References1
OSV
OSV
added 2026/04/09 7:16 p.m.8 views

PYSEC-2026-151

Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be triggered by a specific sequence of embedder API calls made by the host. Specifically, the following...

5CVSS5.8AI score0.00117EPSS
Exploits0References1
NVD
NVD
added 2026/04/09 7:16 p.m.10 views

CVE-2026-34983

Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be triggered by a specific sequence of embedder API calls made by the host. Specifically, the following...

5CVSS0.00117EPSS
Exploits0References1
OSV
OSV
added 2026/04/09 7:16 p.m.5 views

DEBIAN-CVE-2026-34983

Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be triggered by a specific sequence of embedder API calls made by the host. Specifically, the following...

5CVSS5.4AI score0.00117EPSS
Exploits0References1
PyPA
PyPA
added 2026/04/09 7:16 p.m.33 views

PYSEC-2026-151

Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be triggered by a specific sequence of embedder API calls made by the host. Specifically, the following...

5CVSS5.8AI score0.00117EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder