Lucene search
K

4869 matches found

ATTACKERKB
ATTACKERKB
added 8 hours ago7 views

CVE-2026-15531

A vulnerability has been found in yashbhalgat HashNeRF-pytorch up to 82885e698295982504eb6a26d060a6b2473e3706. Affected by this issue is the function torch.load of the file runnerf.py of the component Checkpoint File Handler. The manipulation of the argument ckptpath leads to deserialization. The...

5.3CVSS5.6AI score
Exploits0References7
EUVD
EUVD
added 9 hours ago4 views

EUVD-2026-43273

A vulnerability was found in lamaalrajih kicad-mcp up to 3.3.1. This issue affects some unknown processing of the file kicadmcp/utils/pathvalidator.py. Performing a manipulation of the argument projectpath/schematicpath results in protection mechanism failure. Attacking locally is a requirement...

4.8CVSS5.8AI score
Exploits0References6
CVE
CVE
added 9 hours ago7 views

CVE-2026-15528

CVE-2026-15528 affects lamaalrajih/kicad-mcp up to 3.3.1. The vulnerability is in kicad_mcp/utils/path_validator.py where manipulating the arguments project_path or schematic_path causes a protection mechanism failure. Local exploitation is required, and the exploit has been made public. The proj...

4.8CVSS5.8AI score
Exploits0References6
CVE
CVE
added 10 hours ago7 views

CVE-2026-15526

A vulnerability in augmnt augments-mcp-server 7.1.0 affects the function scanProjectDeps (src/tools/v4/scan-project-deps.ts) of the scan_project_deps component. The issue arises from manipulating the argument packageJsonPath, enabling path traversal. The attack is local, and a proof-of-concept/ex...

4.8CVSS5.6AI score
Exploits0References6
CVE
CVE
added 11 hours ago9 views

CVE-2026-15521

The CVE applies to makafeli n8n-workflow-builder up to 0.11.0. Vulnerable is an unknown function in build/server.cjs (update_node_from_file); manipulating the filePath argument enables path traversal. Local attack required; exploit publicly available. Project was informed via issue report but has...

5.3CVSS5.7AI score
Exploits0References6
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-21055

Improper export of android application components in Bixby prior to version 4.0.70.8 allows local attackers to execute arbitrary commands with Bixby privilege...

8.5CVSS0.00121EPSS
Exploits1References1
CVE
CVE
added 4 days ago9 views

CVE-2026-15276

Symphonia (pdeljanov) up to version 0.6.0 exposes a denial-of-service vulnerability in the Metadata Handler. The issue affects unknown code paths; exploitation requires local access and a publicly published exploit exists. A fix is in a pull request but has not yet been accepted. The advisory not...

4.8CVSS5.3AI score0.0012EPSS
Exploits0References7
Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-15035 bentoml OpenLLM Model Repository Directory Name common.py async_run_command command injection

A vulnerability was found in bentoml OpenLLM 0.6.30. This affects the function asyncruncommand of the file src/openllm/common.py of the component Model Repository Directory Name Handler. Performing a manipulation of the argument cmd results in command injection. Attacking locally is a requirement...

5.3CVSS0.01338EPSS
Exploits1References7
EUVD
EUVD
added 2026/07/06 11:15 a.m.6 views

EUVD-2025-210429

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/07/06 11:15 a.m.6 views

CVE-2025-15667

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References8
CVE
CVE
added 2026/07/06 6:15 a.m.14 views

CVE-2026-14801

The CVE-2026-14801 entry concerns GPAC 26.03-DEV-rev342-g80071f700-master. The vulnerability affects the TeXML File Handler’s load_text.c: the function txtin_probe_duration, where manipulating the argument txml_timescale can cause a divide-by-zero. Impact is described as local in nature, with a p...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/06 6:15 a.m.32 views

CVE-2026-14801 GPAC TeXML File load_text.c txtin_probe_duration divide by zero

A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtinprobeduration of the file src/filters/loadtext.c of the component TeXML File Handler. Such manipulation of the argument txmltimescale leads to divide by zero. An attack...

4.8CVSS0.00112EPSS
Exploits0References7
CVE
CVE
added 2026/07/06 2:0 a.m.12 views

CVE-2026-14789

Affected software: radare2 (radareorg) up to 6.1.6. Vulnerability location: file libr/bin/format/mdmp/mdmp.c in the Memory64ListStream Parser. Issue: manipulation of the Memory64ListStream functionality causes a stack-based buffer overflow. Impact: local attacker can exploit; exploitation details...

7.8CVSS6.2AI score0.00153EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2026/07/06 12:0 a.m.4 views

UBUNTU-CVE-2026-14760

A weakness has been identified in radareorg radare2 up to 6.1.6. Impacted is the function rcoreseekarchbits of the file libr/core/disasm.c of the component regprofile Handler. Executing a manipulation can lead to use after free. The attack requires local access. The exploit has been made availabl...

4.8CVSS5.4AI score0.00135EPSS
Exploits1References10
Cvelist
Cvelist
added 2026/07/05 3:0 p.m.39 views

CVE-2026-14758 radareorg radare2 hexpairs cmd_anal.inc.c cmd_anal_opcode integer overflow

A vulnerability was identified in radareorg radare2 up to 6.1.6. This vulnerability affects the function cmdanalopcode of the file libr/core/cmdanal.inc.c of the component hexpairs Parser. Such manipulation leads to integer overflow. The attack needs to be performed locally. The exploit is public...

4.8CVSS0.00131EPSS
Exploits1References7
CVE
CVE
added 2026/07/05 2:45 p.m.20 views

CVE-2026-14757

CVE-2026-14757 affects radare2 up to version 6.1.6. The vulnerability is in the function core_anal_bytes (libr/core/cmd_anal.inc) and causes an integer overflow when handling input locally. Public disclosures indicate a locally exploitable weakness; exploit activity is plausible according to the ...

7.8CVSS5.8AI score0.00142EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2026/07/05 2:45 p.m.5 views

CVE-2026-14757

A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function coreanalbytes of the file libr/core/cmdanal.inc. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. It is...

7.8CVSS5.6AI score0.00142EPSS
Exploits1
EUVD
EUVD
added 2026/07/05 7:45 a.m.10 views

EUVD-2026-41736

A vulnerability was determined in AD-Security ADMiner 1.9.0. Affected is the function requesta of the file adminer/scripts/analysecache.py of the component Cache Handler. This manipulation of the argument sys.argv1 causes deserialization. The attack can only be executed locally. The pull request ...

5.3CVSS5.8AI score0.00121EPSS
Exploits0References7
NVD
NVD
added 2026/07/05 5:16 a.m.10 views

CVE-2026-14702

A flaw has been found in zcaceres markdownify-mcp up to 1.1.0. This impacts the function saveToTempFile of the file src/Markdownify.ts of the component webpage-to-markdown/youtube-to-markdown/bing-search-to-markdown. This manipulation causes insufficiently random values. The attack is restricted ...

2.5CVSS0.00108EPSS
Exploits0References7
OSV
OSV
added 2026/07/05 12:17 a.m.3 views

DEBIAN-CVE-2026-14684

A flaw has been found in HdrHistogram up to 2.2.2. This affects the function org.HdrHistogram.AbstractHistogram.decodeFromByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. This manipulation of the argument numberOfSignificantValueDigits causes uncontrolled memory...

4.8CVSS5.4AI score0.0012EPSS
Exploits0References1
Rows per page
Query Builder