Lucene search
K

5 matches found

NVD
NVD
added 2026/06/22 6:16 p.m.12 views

CVE-2026-53537

Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parseoptionsheader parsed Content-Disposition and Content-Type headers with email.message.Message, which transparently applies RFC 2231/5987 decoding. The extended parameter syntax filename=charset'lang'value, name=...,...

5.3CVSS0.00177EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/19 4:18 p.m.32 views

Envoy AI Proxy - MCP Message Smuggling Vulnerability

Envoy AI Gateway was found to be affected by a protocol parser differential vulnerability due to improper implementation of the JSON-RPC 2.0 specification. Such differential causes a MCP message alteration, potentially causing a bypass of security controls in a multi-layered architecture. Accordi...

5.9AI score
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2022-15449

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.0088EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2024/09/11 7:0 a.m.8 views

ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name as demonstrated by 'constructor': {'name':'Symbol'}. Hence a crafted payload can overwrite this builtin attribute to manipulate the type detection result.

...

7.5CVSS7.7AI score0.02278EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2022/01/24 2:2 p.m.6 views

CVE-2022-0270

Prior to v0.6.1, bored-agent failed to sanitize incoming kubernetes impersonation headers allowing a user to override assigned user name and groups...

8.8CVSS7.6AI score0.0088EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder