Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

IBM Security Bulletins
IBM Security Bulletinsadded 2026/05/14 1:59 p.m.7 views

Security Bulletin: Security vulnerability in JavaScript affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak

Summary A security vulnerability in JavaScript affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak. JavaScript is used by IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fix...

7.5CVSS7AI score0.00044EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/05/08 6:45 a.m.8 views

Security Bulletin: IBM Automation Decision Services for April 2026- Multiple CVEs addressed

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Automation Decision Services. See full list below. Vulnerability Details CVEID:CVE-2025-12183 DESCRIPTION: Out-of-bounds memory operations in org.lz4:lz4-java 1.8....

9.6CVSS7.5AI score0.00135EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/03/24 9:49 p.m.13 views

Security Bulletin: Multiple vulnerabilities in IBM Watsonx BI Assistant for CP4D

Summary Multiple vulnerabilities were addressed in IBM Watsonx BI Assistant for CP4D version 5.3.1.2 Vulnerability Details CVEID:CVE-2026-26278 DESCRIPTION: fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no...

8.7CVSS7AI score0.00112EPSS
Exploits7Affected Software1
Debian CVE
Debian CVEadded 2026/02/09 8:11 p.m.4 views

CVE-2026-25639

Axios is a promise based HTTP client for the browser and Node.js. Prior to versions 0.30.3 and 1.13.5, the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing proto as an own property. An attacker can trigger this by providing a malicious...

7.5CVSS6.9AI score0.00044EPSS
Exploits1
Github Security Blog
Github Security Blogadded 2026/02/09 5:46 p.m.70 views

Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig

Denial of Service via proto Key in mergeConfig Summary The mergeConfig function in axios crashes with a TypeError when processing configuration objects containing proto as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse, causing...

7.5CVSS5.8AI score0.00044EPSS
Exploits1References9Affected Software1
CNNVD
CNNVDadded 2026/02/09 12:0 a.m.3 views

Axios 代码问题漏洞

Axios is an open-source HTTP client developed by Axios. Versions of Axios prior to 1.13.5 had code vulnerabilities. These vulnerabilities stemmed from a crash that occurred when the mergeConfig function processed configuration objects containing the proto attribute, which could lead to a...

7.5CVSS7.1AI score0.00044EPSS
Exploits1References7
Rows per page
Query Builder