Lucene search
K

35 matches found

Cvelist
Cvelist
added 2026/04/26 1:0 p.m.34 views

CVE-2026-7042 666ghj MiroFish REST API Endpoint __init__.py create_app missing authentication

A flaw has been found in 666ghj MiroFish up to 0.1.2. This affects the function createapp of the file backend/app/init.py of the component REST API Endpoint. Executing a manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published a...

7.5CVSS0.00383EPSS
Exploits0References5
CVE
CVE
added 2026/04/26 1:0 p.m.30 views

CVE-2026-7042

The CVE concerns 666ghj MiroFish REST API Endpoint (up to version 0.1.2). The flaw is in the create_app function located at backend/app/init .py, described as missing authentication. This can enable remote abuse, with a published exploit mentioned in the description. No remediation or patch detai...

7.5CVSS7AI score0.00383EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/26 12:45 p.m.5 views

CVE-2026-7041 666ghj MiroFish Werkzeug Debugger PIN console information disclosure

A vulnerability was detected in 666ghj MiroFish up to 0.1.2. The impacted element is an unknown function of the file /console of the component Werkzeug Debugger PIN Handler. Performing a manipulation of the argument SECRET results in information disclosure. It is possible to initiate the attack...

6.3CVSS4.6AI score0.00412EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/26 12:45 p.m.14 views

EUVD-2026-25717

A vulnerability was detected in 666ghj MiroFish up to 0.1.2. The impacted element is an unknown function of the file /console of the component Werkzeug Debugger PIN Handler. Performing a manipulation of the argument SECRET results in information disclosure. It is possible to initiate the attack...

6.3CVSS4.9AI score0.00412EPSS
Exploits0References5
CVE
CVE
added 2026/04/26 12:45 p.m.18 views

CVE-2026-7041

Affects 666ghj MiroFish up to version 0.1.2. The vulnerability lies in an unknown function handling the /console path of the Werkzeug Debugger PIN Handler. By manipulating the SECRET argument, an information disclosure is possible. Attacker can exploit remotely, with a high attack complexity and ...

6.3CVSS4.7AI score0.00412EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/26 12:45 p.m.37 views

CVE-2026-7041 666ghj MiroFish Werkzeug Debugger PIN console information disclosure

A vulnerability was detected in 666ghj MiroFish up to 0.1.2. The impacted element is an unknown function of the file /console of the component Werkzeug Debugger PIN Handler. Performing a manipulation of the argument SECRET results in information disclosure. It is possible to initiate the attack...

6.3CVSS0.00412EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/26 12:45 p.m.10 views

CVE-2026-7041

A vulnerability was detected in 666ghj MiroFish up to 0.1.2. The impacted element is an unknown function of the file /console of the component Werkzeug Debugger PIN Handler. Performing a manipulation of the argument SECRET results in information disclosure. It is possible to initiate the attack...

6.3CVSS4.5AI score0.00412EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/26 12:0 a.m.6 views

PT-2026-35238

A vulnerability was found in 666ghj MiroFish up to 0.1.2. This affects the function get simulation posts of the file backend/app/api/simulation.py of the component Query Parameter Handler. Performing a manipulation of the argument Platform results in path traversal. The attack can be initiated...

6.9CVSS5.1AI score0.0044EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/26 12:0 a.m.12 views

MiroFish 注入漏洞

MiroFish is a crowd intelligence prediction engine developed by BaiFu personally. It is used to simulate and predict the future. Versions of MiroFish 0.1.2 and earlier have a vulnerability related to command injection, which stems from the SimulationIPCClient.sendcommand function in the...

7.5CVSS7.1AI score0.01338EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/26 12:0 a.m.9 views

MiroFish 路径遍历漏洞

MiroFish is a crowd intelligence prediction engine developed by BaiFu personally. It is used to simulate and predict the future. Versions of MiroFish prior to 0.1.2 have a path traversal vulnerability. This vulnerability stems from improper handling of the Platform parameter in the...

6.9CVSS6.1AI score0.0044EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/26 12:0 a.m.6 views

PT-2026-35237

A vulnerability has been found in 666ghj MiroFish up to 0.1.2. The impacted element is the function SimulationIPCClient.send command of the file backend/app/services/simulation ipc.py of the component Inter-Process Communication. Such manipulation leads to command injection. It is possible to...

7.5CVSS5.2AI score0.01338EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/26 12:0 a.m.9 views

MiroFish 信息泄露漏洞

MiroFish is a crowd intelligence prediction engine developed by BaiFu personally. It is used to simulate and predict the future. Versions of MiroFish prior to 0.1.2 have a vulnerability related to information leakage. This vulnerability stems from improper handling of the SECRET parameter in the...

6.3CVSS5.8AI score0.00412EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/26 12:0 a.m.10 views

PT-2026-35223

A vulnerability was detected in 666ghj MiroFish up to 0.1.2. The impacted element is an unknown function of the file /console of the component Werkzeug Debugger PIN Handler. Performing a manipulation of the argument SECRET results in information disclosure. It is possible to initiate the attack...

6.3CVSS4.9AI score0.00412EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/26 12:0 a.m.10 views

MiroFish 授权问题漏洞

MiroFish is a crowd intelligence prediction engine developed by BaiFu personally. It is used to simulate and predict the future. Versions of MiroFish prior to 0.1.2 have a licensing issue vulnerability. This vulnerability stems from improper handling of the createapp function in the REST API...

7.5CVSS7.1AI score0.00383EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/26 12:0 a.m.10 views

PT-2026-35224

A flaw has been found in 666ghj MiroFish up to 0.1.2. This affects the function create app of the file backend/app/ init .py of the component REST API Endpoint. Executing a manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been publishe...

7.5CVSS5.1AI score0.00383EPSS
Exploits0References5
Rows per page
Query Builder