Lucene search
K

687 matches found

Vulnrichment
Vulnrichment
added 2026/03/02 3:2 a.m.4 views

CVE-2026-3407 YosysHQ yosys BLIF File rtlil.h set heap-based overflow

A vulnerability was determined in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...

4.8CVSS5.8AI score0.00126EPSS
Exploits0References8
EUVD
EUVD
added 2026/03/02 3:2 a.m.6 views

EUVD-2026-9140

A vulnerability was determined in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...

4.8CVSS5.8AI score0.00126EPSS
Exploits0References8
CNVD
CNVD
added 2026/03/02 12:0 a.m.4 views

OpenClaw Cross-Site Request Forgery Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a cross-site request forgery vulnerability that stems from a browser-oriented local host change route accepting cross-domain browser requests without explicit Origin/Referer validation, which can be...

7.1CVSS5.7AI score0.0014EPSS
Exploits0References1
NVD
NVD
added 2026/03/01 9:15 a.m.12 views

CVE-2026-3386

A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerability is the function emitOp of the file src/vm/wrencompiler.c. This manipulation causes out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been published and may be used. The...

7.1CVSS0.0017EPSS
Exploits1References6
OSV
OSV
added 2026/03/01 8:32 a.m.7 views

CVE-2026-3386 wren-lang wren wren_compiler.c emitOp out-of-bounds

A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerability is the function emitOp of the file src/vm/wrencompiler.c. This manipulation causes out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been published and may be used. The...

4.8CVSS5.4AI score0.0017EPSS
Exploits1References8
OSV
OSV
added 2026/02/27 9:33 p.m.5 views

GHSA-7777-FHQ9-592V ZITADEL has potential SSRF via Actions

Summary ZITADEL Action V2 introduced as early preview in 2.59.0, beta in 3.0.0 and GA in 4.0.0 is a webhook based approach to allow developers act on API request to Zitadel and customize flows such the issue of a token. ZITADEL's Action target URLs can point to local hosts, potentially allowing...

2.1CVSS5.9AI score0.00226EPSS
Exploits0References5
NVD
NVD
added 2026/02/26 1:16 a.m.11 views

CVE-2026-27945

ZITADEL is an open source identity management platform. Zitadel Action V2 introduced as early preview in 2.59.0, beta in 3.0.0 and GA in 4.0.0 is a webhook based approach to allow developers act on API request to Zitadel and customize flows such the issue of a token. Zitadel's Action target URLs...

6.5CVSS0.00226EPSS
Exploits0References3
OSV
OSV
added 2026/02/26 12:29 a.m.9 views

CVE-2026-27945 ZITADEL has potential SSRF via Actions

ZITADEL is an open source identity management platform. Zitadel Action V2 introduced as early preview in 2.59.0, beta in 3.0.0 and GA in 4.0.0 is a webhook based approach to allow developers act on API request to Zitadel and customize flows such the issue of a token. Zitadel's Action target URLs...

2.1CVSS5.6AI score0.00226EPSS
Exploits0References5
CVE
CVE
added 2026/02/26 12:29 a.m.16 views

CVE-2026-27945

CVE-2026-27945 affects Zitadel Action V2/3.x leading to potential SSRF via Action target URLs that point to local hosts/IPs. The issue: Action endpoints may be able to gather internal network information or reach internal services when the target URL is local, potentially exposing internal topolo...

6.5CVSS5.5AI score0.00226EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/26 12:29 a.m.4 views

CVE-2026-27945 ZITADEL has potential SSRF via Actions

ZITADEL is an open source identity management platform. Zitadel Action V2 introduced as early preview in 2.59.0, beta in 3.0.0 and GA in 4.0.0 is a webhook based approach to allow developers act on API request to Zitadel and customize flows such the issue of a token. Zitadel's Action target URLs...

2.1CVSS5.5AI score0.00226EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/26 12:29 a.m.5 views

CVE-2026-27945

ZITADEL is an open source identity management platform. Zitadel Action V2 introduced as early preview in 2.59.0, beta in 3.0.0 and GA in 4.0.0 is a webhook based approach to allow developers act on API request to Zitadel and customize flows such the issue of a token. Zitadel's Action target URLs...

6.5CVSS5.5AI score0.00226EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/02/25 10:57 p.m.7 views

EUVD-2026-8685

esm.sh has SSRF localhost/private-network bypass in /https module route...

8.6CVSS8.2AI score0.00339EPSS
Exploits1References5
GithubExploit
GithubExploit
added 2026/02/23 3:53 p.m.178 views

Exploit for Command Injection in Microsoft

CVE-2025-54100-BYPASS- CVE-2025-54100 POC "simple" Bypass Patc...

7.8CVSS6.3AI score0.01523EPSS
Exploits5
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.10 views

OpenClaw 跨站请求伪造漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a cross-site request forgery vulnerability that stems from a browser-oriented local host change route accepting cross-domain browser requests without explicit Origin/Referer validation, which can be...

7.1CVSS5.7AI score0.0014EPSS
Exploits0References3
NVD
NVD
added 2026/02/18 6:16 a.m.7 views

CVE-2026-2641

A weakness has been identified in universal-ctags ctags up to 6.2.1. The affected element is the function parseExpression/parseExprList of the file parsers/v.c of the component V Language Parser. Executing a manipulation can lead to uncontrolled recursion. It is possible to launch the attack on t...

4.8CVSS0.00154EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/02/18 6:16 a.m.5 views

CVE-2026-2641

A weakness has been identified in universal-ctags ctags up to 6.2.1. The affected element is the function parseExpression/parseExprList of the file parsers/v.c of the component V Language Parser. Executing a manipulation can lead to uncontrolled recursion. It is possible to launch the attack on t...

4.8CVSS5.6AI score0.00154EPSS
Exploits0References7
EUVD
EUVD
added 2026/02/16 9:30 a.m.7 views

EUVD-2026-6120

A weakness has been identified in Total VPN 0.5.29.0 on Windows. Affected by this vulnerability is an unknown functionality of the file C:\Program Files\Total VPN\win-service.exe. Executing a manipulation can lead to unquoted search path. It is possible to launch the attack on the local host. Thi...

7.3CVSS5AI score0.00157EPSS
Exploits0References5
CVE
CVE
added 2026/02/16 6:32 a.m.18 views

CVE-2026-2542

CVE-2026-2542 affects Total VPN 0.5.29.0 on Windows, where an unknown functionality in C:\Program Files\Total VPN\win-service.exe can be manipulated to yield an unquoted search path. This results in a local attack nameable as a path ambiguity issue. The vulnerability is described as high severity...

7.3CVSS6.3AI score0.00157EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/16 12:0 a.m.12 views

PT-2026-8316

Name of the Vulnerable Software and Affected Versions Total VPN version 0.5.29.0 Description A security issue exists in Total VPN 0.5.29.0 on Windows related to an unquoted search path within the file C:Program FilesTotal VPNwin-service.exe. This can lead to potential local privilege escalation...

7.3CVSS6.8AI score0.00157EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.8 views

Siemens S7-1500 Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2025-7546)

A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfdelfsetgroupcontents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has bee...

7.8CVSS5.3AI score0.00172EPSS
Exploits0References2
Rows per page
Query Builder