Lucene search
K

10701 matches found

Cvelist
Cvelist
added 2026/06/23 4:21 p.m.50 views

CVE-2026-55447 Langflow: BaseFileComponent-based nodes arbitrary file read with RCE exploit

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, by controlling a files that are digested into the RAG, an attacker can direct the node to read any file on the file-system by absolute path. All components based on BaseFileComponent are vulnerable to t...

9.6CVSS0.00411EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/06/22 1:35 a.m.9 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for NVIDIA for RHEL 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.8CVSS5.9AI score0.00321EPSS
Exploits11References4
NVD
NVD
added 2026/06/17 6:18 p.m.26 views

CVE-2026-53805

NVIDIA Spatial Intelligence Lab's SIL GEN3C contains an unauthenticated remote code execution vulnerability in the inference API server where the /request-inference and /seed-model endpoints deserialize raw HTTP request bodies using Python's pickle.loads without authentication or input validation...

9.8CVSS0.00685EPSS
Exploits0References4
CVE
CVE
added 2026/06/17 4:44 p.m.24 views

CVE-2026-53805

CVE-2026-53805 affects NVIDIA Spatial Intelligence Lab’s GEN3C. It describes an unauthenticated remote code execution vulnerability in the inference API server, exploitable via /request-inference and /seed-model endpoints that deserialize raw HTTP bodies with Python pickle.loads() without authent...

9.8CVSS6.3AI score0.00685EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.20 views

PT-2026-50511

Name of the Vulnerable Software and Affected Versions NVIDIA Spatial Intelligence Lab's SIL GEN3C affected versions not specified Description The inference API server contains an unauthenticated remote code execution flaw. The endpoints '/request-inference' and '/seed-model' deserialize raw HTTP...

9.8CVSS6.8AI score0.00685EPSS
Exploits0References9
NVD
NVD
added 2026/06/16 5:16 p.m.17 views

CVE-2026-24155

NVIDIA NeMo Framework for all platforms contains a code injection vulnerability. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

7.8CVSS0.00193EPSS
Exploits0References3
NVD
NVD
added 2026/06/16 5:16 p.m.13 views

CVE-2026-24228

NVIDIA NeMo Framework for Linux contains a vulnerability where an attacker may cause deserialization of untrusted data. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00161EPSS
Exploits0References3
CVE
CVE
added 2026/06/16 4:9 p.m.19 views

CVE-2026-24228

NVIDIA NeMo Framework for Linux contains a vulnerability where deserialization of untrusted data may lead to code execution, privilege escalation, data tampering, and information disclosure. The connected NVIDIA security bulletin confirms affected product: NVIDIA NeMo Framework for Linux, with af...

7.8CVSS5.6AI score0.00161EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/16 4:9 p.m.18 views

EUVD-2026-37130

NVIDIA NeMo Framework for Linux contains a vulnerability where an attacker may cause deserialization of untrusted data. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS5.5AI score0.00161EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/16 4:8 p.m.15 views

EUVD-2026-37129

NVIDIA NeMo Framework for all platforms contains a code injection vulnerability. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

7.8CVSS5.3AI score0.00193EPSS
Exploits0References3
CVE
CVE
added 2026/06/16 4:8 p.m.15 views

CVE-2026-24155

CVE-2026-24155 affects NVIDIA NeMo Framework for all platforms, described as a code injection vulnerability (CWE-94) that can lead to code execution, privilege escalation, information disclosure, and data tampering. The NVIDIA security bulletin states that CVE-2026-24155 is addressed by updating ...

7.8CVSS5.4AI score0.00193EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/16 4:8 p.m.33 views

CVE-2026-24155

NVIDIA NeMo Framework for all platforms contains a code injection vulnerability. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

7.8CVSS0.00193EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.15 views

PT-2026-49726

Name of the Vulnerable Software and Affected Versions NVIDIA NeMo Framework for Linux affected versions not specified Description An issue exists where an attacker may cause deserialization of untrusted data. Deserialization is the process of converting a data stream back into an object. A...

7.8CVSS5.5AI score0.00161EPSS
Exploits0References5
Nvidia
Nvidia
added 2026/06/16 12:0 a.m.10 views

Security Bulletin: NVIDIA NeMo - June 2026

NVIDIA has released a software update for NVIDIA® NeMo Framework. To protect your system, clone or update this software to version 2.7.3 or later from the NVIDIA-NeMo/NeMo GitHub repo. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this...

7.8CVSS5.8AI score0.00193EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.14 views

PT-2026-49725

Name of the Vulnerable Software and Affected Versions NVIDIA NeMo Framework affected versions not specified Description NVIDIA NeMo Framework contains a code injection flaw. A successful exploit could lead to arbitrary code execution, escalation of privileges, information disclosure, and data...

7.8CVSS5.5AI score0.00193EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/13 12:0 a.m.19 views

PT-2026-49092

Name of the Vulnerable Software and Affected Versions Glances versions prior to 4.5.5 Description The KVM/QEMU monitoring engine in the glances/plugins/vms/engines/virsh.py file fails to sanitize VM domain names retrieved from the virsh list --all output. These names are passed into f-string...

7.8CVSS6.3AI score0.00213EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/12 7:50 p.m.11 views

Critical: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for NVIDIA for RHEL 10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...

9.8CVSS4.8AI score0.00563EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/10 9:0 p.m.12 views

CVE-2026-24181

NVIDIA DALI contains a vulnerability in a component where an attacker could cause an improper index validation. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure...

7.3CVSS5.5AI score0.00139EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.14 views

EUVD-2026-35498

NVIDIA DALI contains a vulnerability in a component where an attacker could cause an improper index validation. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure...

7.3CVSS5.5AI score0.00139EPSS
Exploits0References3
NVD
NVD
added 2026/06/09 5:17 p.m.15 views

CVE-2026-24180

NVIDIA DALI contains a vulnerability in a component where an attacker could cause a heap-based buffer overflow. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure...

7.3CVSS0.00154EPSS
Exploits0References3
Rows per page
Query Builder