Lucene search
K

15920 matches found

NVD
NVD
added yesterday7 views

CVE-2026-15524

A security vulnerability has been detected in alioshr memory-bank-mcp up to 0.2.1/3.1. This affects an unknown part of the file list-project-files-validation-factory.ts. Such manipulation of the argument projectName leads to path traversal. Local access is required to approach this attack. The...

4.8CVSS0.00137EPSS
Exploits0References6
NVD
NVD
added yesterday6 views

CVE-2026-15520

A vulnerability was determined in GNU LibreDWG 0.13.4-154-g0b573035. This impacts the function decompressR2004section of the file src/decode.c of the component R2004 Section Decompression. Executing a manipulation can lead to heap-based buffer overflow. The attack requires local access. The explo...

5.3CVSS0.00136EPSS
Exploits0References10
EUVD
EUVD
added yesterday8 views

EUVD-2026-43266

A security vulnerability has been detected in alioshr memory-bank-mcp up to 0.2.1/3.1. This affects an unknown part of the file list-project-files-validation-factory.ts. Such manipulation of the argument projectName leads to path traversal. Local access is required to approach this attack. The...

4.8CVSS5.8AI score0.00137EPSS
Exploits0References6
Cvelist
Cvelist
added yesterday9 views

CVE-2026-15520 GNU LibreDWG R2004 Section Decompression decode.c decompress_R2004_section heap-based overflow

A vulnerability was determined in GNU LibreDWG 0.13.4-154-g0b573035. This impacts the function decompressR2004section of the file src/decode.c of the component R2004 Section Decompression. Executing a manipulation can lead to heap-based buffer overflow. The attack requires local access. The explo...

5.3CVSS0.00136EPSS
Exploits0References10
CVE
CVE
added yesterday11 views

CVE-2026-15520

GNU LibreDWG 0.13.4-154-g0b573035 contains a vulnerability in the function decompress_R2004_section (src/decode.c) that can cause a heap-based buffer overflow . Exploitation requires local access and has been publicly disclosed. The issue affects the R2004 Section Decompression component and is a...

5.3CVSS6.1AI score0.00136EPSS
Exploits0References10
EUVD
EUVD
added yesterday10 views

EUVD-2026-43263

A vulnerability was determined in GNU LibreDWG 0.13.4-154-g0b573035. This impacts the function decompressR2004section of the file src/decode.c of the component R2004 Section Decompression. Executing a manipulation can lead to heap-based buffer overflow. The attack requires local access. The explo...

5.3CVSS6.1AI score0.00136EPSS
Exploits0References10
NVD
NVD
added 2 days ago9 views

CVE-2026-15476

A security vulnerability has been detected in QILING Disk Master 6.0.0.0. The impacted element is an unknown function in the library diskbckp.sys of the component Kernel Driver. Such manipulation leads to improper access controls. The attack can only be performed from a local environment. The...

5.3CVSS0.00103EPSS
Exploits0References6
CVE
CVE
added 4 days ago6 views

CVE-2026-49213

TypeBot prior to version 3.17.2 contains an SSRF protection bypass in the shared validator (packages/lib/src/ssrf/validateHttpReqUrl.ts). The validator allows the IPv6 unspecified address :: (and its expanded form) to bypass local, metadata, and private range checks, enabling a workspace editor/c...

8.1CVSS6.1AI score0.00319EPSS
Exploits0References4
CVE
CVE
added 4 days ago7 views

CVE-2026-21056

Samsung Health before version 7.00.0.107 has an improper authorization flaw that enables local attackers to access information on connected devices. The issue is limited to local access with low privileges per the CVSS metrics, and the impact is confined to confidentiality of connected-device inf...

4.8CVSS5.9AI score0.00099EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 4 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-15105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in davenardella snap7 up to 1.4.3. This affects the function TS7Worker::PerformFunctionRead of the file src/core/s7server.cpp of the...

6.3CVSS6.3AI score0.00285EPSS
Exploits0References2
NVD
NVD
added 5 days ago8 views

CVE-2026-15194

A security flaw has been discovered in Open5GS 2.7.7. This affects the function amfcontextfinal of the file src/amf/context.c of the component AMF. Performing a manipulation results in use after free. The attack is only possible with local access. The exploit has been released to the public and m...

4.8CVSS0.00121EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-15194 Open5GS AMF context.c amf_context_final use after free

A security flaw has been discovered in Open5GS 2.7.7. This affects the function amfcontextfinal of the file src/amf/context.c of the component AMF. Performing a manipulation results in use after free. The attack is only possible with local access. The exploit has been released to the public and m...

4.8CVSS0.00121EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-42632

A security flaw has been discovered in Open5GS 2.7.7. This affects the function amfcontextfinal of the file src/amf/context.c of the component AMF. Performing a manipulation results in use after free. The attack is only possible with local access. The exploit has been released to the public and m...

4.8CVSS5.6AI score0.00121EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-15194

A security flaw has been discovered in Open5GS 2.7.7. This affects the function amfcontextfinal of the file src/amf/context.c of the component AMF. Performing a manipulation results in use after free. The attack is only possible with local access. The exploit has been released to the public and m...

4.8CVSS5.6AI score0.00121EPSS
Exploits0References6
CVE
CVE
added 5 days ago8 views

CVE-2026-15194

Open5GS 2.7.7 has a use-after-free in AMF code via amf_context_final (src/amf/context.c). Exploitation requires local access, and public exploit code exists. Affects AMF component; no other details on vulnerable versions beyond 2.7.7 are provided. The provided documents do not specify a CVSS vect...

4.8CVSS5.6AI score0.00121EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-42626

A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is an unknown function of the file android/app/src/main/java/com/openclaw/android/JsBridge.kt of the component Android WebView Bridge. This manipulation causes os command injection. The attack can only ...

5.3CVSS5.7AI score0.00683EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 5 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2025-15668

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was identified in GPAC up to b40ce70f5. This issue affects the function sgpddelentry of the file src/isomedia/boxcodebase.c of the component...

4.8CVSS6AI score0.00124EPSS
Exploits0References2
Amazon
Amazon
added 6 days ago4 views

Medium: qt5-qt3d

Issue Overview: A vulnerability was detected in Assimp up to 6.0.4. Affected is the function glTF2Importer::ImportEmbeddedTextures in the library code/AssetLib/glTF2/glTF2Importer.cpp of the component TF File Handler. The manipulation results in null pointer dereference. The attack is only possib...

5.3CVSS5.2AI score0.00115EPSS
Exploits0
CVE
CVE
added last week15 views

CVE-2026-57851

MSI Feature Manager contains a local privilege escalation via the KernCoreLib64.sys kernel driver. An attacker with local access can use exposed IOCTL handlers to perform arbitrary physical memory read/write and unrestricted I/O port operations without administrator privileges. This can enable ma...

8.5CVSS6AI score0.0017EPSS
Exploits0References2
OSV
OSV
added last week3 views

PYSEC-2026-1516 Server-Side Request Forgery in langchain-community.retrievers.web_research.WebResearchRetriever

A Server-Side Request Forgery SSRF vulnerability exists in the Web Research Retriever component in langchain-community langchain-community.retrievers.webresearch.WebResearchRetriever. The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet...

4.8CVSS6.7AI score0.00691EPSS
Exploits1References8
Rows per page
Query Builder