Lucene search
K

19614 matches found

Cvelist
Cvelist
added 2 days ago11 views

CVE-2026-54769 Langroid: Sandbox Escape to Remote Code Execution via Incomplete `eval()` Mitigation in TableChatAgent

Langroid is a framework for building large-language-model-powered applications. Versions prior to 0.65.2 are vulnerable to a critical Sandbox Escape leading to Remote Code Execution RCE in its TableChatAgent and VectorStore capabilities. When these agents evaluate LLM-generated tool messages with...

10CVSS0.00912EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2 days ago4 views

CVE-2026-59875

A flaw was found in node-tar, a library for manipulating tar archives in Node.js. A remote attacker could craft a malicious archive containing null characters NUL bytes in its metadata. When this archive is processed, the unstripped null characters can cause the application to terminate...

5.3CVSS5.9AI score0.00291EPSS
Exploits0References6
NVD
NVD
added 2 days ago7 views

CVE-2026-0285

A server-side request forgery SSRF vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator with network access to the management web interface to make unauthorized requests from the firewall to internal services. The security risk posed by this issue is minimize...

7CVSS0.00487EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2 days ago3 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

6.5CVSS5.9AI score0.00248EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2 days ago6 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

9.1CVSS5.9AI score0.00251EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2 days ago7 views

CVE-2026-35188

A flaw was found in OpenSSL. A malicious server can exploit the TLS Online Certificate Status Protocol OCSP stapling feature by sending a specially crafted response. This can trigger a double-free vulnerability in the client's certificate verification process, potentially leading to a Denial of...

5.9CVSS7.2AI score0.00245EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2 days ago8 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

9.6CVSS6AI score0.00476EPSS
Exploits0References30
RedHat Linux
RedHat Linux
added 2 days ago6 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

9.1CVSS5.9AI score0.00251EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2 days ago7 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

6.5CVSS5.9AI score0.00248EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2 days ago5 views

CVE-2026-15163

A flaw was found in Wireshark. A local user could trigger multiple protocol dissector infinite loops by providing specially crafted network traffic for analysis. This could lead to a Denial of Service DoS condition, making the application unresponsive. Mitigation To mitigate this issue, users...

7.5CVSS5.9AI score0.00187EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2 days ago4 views

CVE-2026-15172

A flaw was found in Wireshark. A local user could exploit this vulnerability by processing a specially crafted FMP/NOTIFY protocol packet. This could lead to a denial of service DoS due to a crash in the protocol dissector, making the application unavailable. Mitigation To mitigate this issue,...

5.5CVSS5.9AI score0.00097EPSS
Exploits1References5
Nuclei
Nuclei
added 2 days ago117 views

WordPress Site Editor <=1.1.1 - Local File Inclusion

WordPress Site Editor through 1.1.1 allows remote attackers to retrieve arbitrary files via the ajaxpath parameter to editor/extensions/pagebuilder/includes/ajaxshortcodepattern.php. id: CVE-2018-7422 info: name: WordPress Site Editor =1.1.1 - Local File Inclusion author: LuskaBol,0x240x23elu...

7.5CVSS7.2AI score0.63102EPSS
Exploits7References5
HashiCorp Security Advisories
HashiCorp Security Advisories
added 3 days ago7 views

Memberlist vulnerable to denial of service via gossip message

Summary HashiCorp memberlist before version 0.6.0 is vulnerable to a denial-of-service issue in its push/pull state handling that may allow an attacker with network access to the gossip port to exhaust memory on a receiving node and cause the process to terminate. This vulnerability CVE-2026-1436...

4.9CVSS6.1AI score0.00251EPSS
Exploits0Affected Software1
CVE
CVE
added 3 days ago17 views

CVE-2026-55436

The CVE-2026-55436 issue affects Coder’s AI Bridge Proxy (aibridgeproxyd) in versions prior to 2.32.7, 2.33.8, and 2.34.2. The root cause is that the proxy’s default goproxy transport uses InsecureSkipVerify: true and only switches to a secure transport if an upstream proxy is configured; thus ou...

7.4CVSS6AI score0.00258EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 3 days ago6 views

PT-2026-56661

Name of the Vulnerable Software and Affected Versions Location Selector versions 0.0.0 through 1.3.0 Description An SQL injection issue exists in the Location Selector module, which provides a Views filter for selecting location values. A specific Views filter fails to sufficiently sanitize value...

6.1AI score
Exploits0References3
Nuclei
Nuclei
added 4 days ago73 views

Cacti v1.2.8 - Remote Code Execution

Cacti v1.2.8 is susceptible to remote code execution. This vulnerability could be exploited without authentication if "Guest Realtime Graphs" privileges are enabled. id: CVE-2020-8813 info: name: Cacti v1.2.8 - Remote Code Execution author: gy741 severity: high description: Cacti v1.2.8 is...

9.3CVSS7.1AI score0.73779EPSS
Exploits24References5
RedhatCVE
RedhatCVE
added 4 days ago4 views

CVE-2026-14535

A flaw was found in the fickling library, versions up to and including 0.1.11. A logic error in the security analysis passes allows an attacker to bypass intended safety checks during pickle deserialization. This vulnerability enables the invocation of arbitrary standard library modules, leading ...

9.8CVSS6AI score0.00304EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 4 days ago6 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

9.1CVSS5.9AI score0.00251EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 4 days ago5 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

6.5CVSS5.9AI score0.00248EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 4 days ago5 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

9.1CVSS5.9AI score0.00251EPSS
Exploits0References6
Rows per page
Query Builder