19501 matches found

Positive Technologies
added 2026/06/01 12:0 a.m., 16 views

PT-2026-45468

Name of the Vulnerable Software and Affected Versions: CloudPirates Open Source Helm Charts versions prior to commit fcf9302. Description: A GitHub Actions workflow named 'generate-schema.yaml' exposes sensitive credentials, specifically a Personal Access Token and an SSH signing key, to code...

CVSS 10, AI score 5.3, EPSS 0.0026
Exploits 0, References 5
CNNVD
added 2026/06/01 12:0 a.m., 11 views

Google Android security vulnerability

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from insufficient permission checks, potentially leading to local privilege escalation...

CVSS 7.8, AI score 5.3, EPSS 0.00072
Exploits 0, References 2
CNNVD
added 2026/06/01 12:0 a.m., 10 views

SourceCodester Pet Grooming Management Software security vulnerability

SourceCodester Pet Grooming Management Software is an open-source pet grooming management system developed by SourceCodester. Version 1.0 of SourceCodester Pet Grooming Management Software contains a security vulnerability. This vulnerability arises from improper operations with files in the admi...

CVSS 6.9, AI score 5.6, EPSS 0.00329
Exploits 0, References 6
CNNVD
added 2026/06/01 12:0 a.m., 8 views

SourceCodester Pharmacy Sales and Inventory System security vulnerability

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Versions of the SourceCodester Pharmacy Sales and Inventory System prior to version 1.0 contained security vulnerabilities. These vulnerabilities were...

CVSS 5.8, AI score 5, EPSS 0.00248
Exploits 0, References 6
CNNVD
added 2026/06/01 12:0 a.m., 11 views

goclaw authorization issue vulnerability

Goclaw is an open-source multi-tenant AI agent platform developed by Next Level Builder. Goclaw versions 3.11.3 and earlier have a vulnerability related to authorization. This vulnerability stems from improper authorization in the auth function within the internal/http/evolutionhandlers.go file,...

CVSS 5.5, AI score 5.8, EPSS 0.0023
Exploits 0, References 6
CNNVD
added 2026/06/01 12:0 a.m., 11 views

droidclaw security vulnerability

Droidclaw is an open-source AI tool developed by Unitedby AI U/AI, which allows for control of Android phones through natural language commands. Droidclaw versions 0.5.3 and earlier contain security vulnerabilities. These vulnerabilities stem from an improper limit on the number of authentication...

CVSS 6.3, AI score 5.1, EPSS 0.00406
Exploits 0, References 7
CNNVD
added 2026/06/01 12:0 a.m., 9 views

Google Android security vulnerability

Google Android is an open-source operating system based on Linux, developed by the American company Google. There are security vulnerabilities in Google Android, which stem from logical errors that may lead to the disclosure of local information...

CVSS 3.3, AI score 5.3, EPSS 0.00072
Exploits 0, References 1
CNNVD
added 2026/06/01 12:0 a.m., 10 views

CloakBrowser path traversal vulnerability

CloakBrowser is an open-source browser tool developed by CloakHQ that bypasses robot detection. Versions of CloakBrowser prior to 0.3.28 contained a path traversal vulnerability. This vulnerability stemmed from the cloakserve CDP multiplexer directly using the user-provided fingerprint query...

CVSS 8.8, AI score 5.5, EPSS 0.00475
Exploits 0, References 1
CNNVD
added 2026/06/01 12:0 a.m., 11 views

Student-Management-System security vulnerability

Student-Management-System is an open-source student information management system developed by Cyber-III. There is a security vulnerability in Student-Management-System, which stems from incorrect operations with the parameter uid in the admin/ file within the Admin Endpoint component. This...

CVSS 7.5, AI score 6.6, EPSS 0.00299
Exploits 0, References 5
CNNVD
added 2026/06/01 12:0 a.m., 10 views

Google Android security vulnerability

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from insufficient permission checks, potentially leading to local privilege escalation...

CVSS 7.8, AI score 5.3, EPSS 0.00068
Exploits 0, References 1
CNNVD
added 2026/06/01 12:0 a.m., 11 views

nanobot code issue vulnerability

Nanobot is a lightweight personal AI assistant open-sourced by Data Intelligence Lab@HKU. Versions of Nanobot prior to 0.2.1 contained code vulnerabilities. These vulnerabilities stemmed from server-side request forgery issues in the webFetch tool. This could allow remote attackers to access...

CVSS 5.3, AI score 5.5, EPSS 0.00287
Exploits 0, References 4
CNNVD
added 2026/06/01 12:0 a.m., 8 views

Google Android security vulnerability

Google Android is an open-source operating system based on Linux, developed by the American company Google. There are security vulnerabilities in Google Android, which stem from permission bypasses, potentially leading to an increase in local privileges...

CVSS 7.8, AI score 5.3, EPSS 0.00079
Exploits 0, References 1
CNNVD
added 2026/06/01 12:0 a.m., 10 views

nanobot security vulnerability

Nanobot is a lightweight personal AI assistant open-sourced by Data Intelligence Lab@HKU. Versions of Nanobot prior to 0.2.1 contained a security vulnerability. This vulnerability stemmed from a denial-of-service issue in the media download processing routine of the Matrix channel. It could allow...

CVSS 5.3, AI score 5.4, EPSS 0.00268
Exploits 0, References 4
CNNVD
added 2026/06/01 12:0 a.m., 12 views

nanobot code issue vulnerability

Nanobot is a lightweight personal AI assistant open-sourced by Data Intelligence Lab@HKU. Versions of Nanobot prior to 0.2.1 contained code vulnerabilities. These vulnerabilities stemmed from server-side request forgery issues in the Microsoft Teams channel processing program. This could allow...

CVSS 7, AI score 5.5, EPSS 0.00382
Exploits 0, References 4
CNNVD
added 2026/06/01 12:0 a.m., 7 views

CloudPirates Open Source Helm Charts code injection vulnerability

CloudPirates Open Source Helm Charts is a collection of Helm Charts for cloud-native applications, developed by CloudPirates.io. Previous versions of CloudPirates Open Source Helm Charts had a code injection vulnerability. This vulnerability stemmed from GitHub Actions workflows exposing sensitiv...

CVSS 10, AI score 5.4, EPSS 0.0026
Exploits 0, References 2
CNNVD
added 2026/06/01 12:0 a.m., 10 views

FlexRIC security vulnerability

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. The FlexRIC v2.0.0 version contains a security vulnerability. This vulnerability arises from trusting the xappid field in the trust E42 message without binding it to the sender’s SCTP association. As a result, remote...

CVSS 7.5, AI score 5.4, EPSS 0.0057
Exploits 1, References 3
Vulnrichment
added 2026/05/31 11:15 p.m., 7 views

CVE-2026-10202 OFCMS JSON Query SystemDictController.java query sql injection

A vulnerability was identified in OFCMS 1.1.3. This issue affects the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemDictController.java of the component JSON Query Interface. The manipulation leads to sql injection. The attack can be initiated...

CVSS 6.5, AI score 6.4, EPSS 0.00192
Exploits 0, References 5
Cvelist
added 2026/05/31 4:15 p.m., 31 views

CVE-2026-10193 OFCMS ComnController ComnController.java query sql injection

A security flaw has been discovered in OFCMS up to 1.1.3. The impacted element is the function Query of the file ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\ComnController.java of the component ComnController. Performing a manipulation of the argument system.user.query results in sq...

CVSS 6.5, EPSS 0.00196
Exploits 0, References 5
CNNVD
added 2026/05/31 12:0 a.m., 7 views

School Student Management System authorization issue vulnerability

School Student Management System is an open-source tool developed by Binary Brains for managing school student information. The School Student Management System has a vulnerability related to authorization. This vulnerability stems from the parameter email in the ajaxforgotpassword function of th...

CVSS 6.3, AI score 5.8, EPSS 0.00286
Exploits 0, References 4
CNNVD
added 2026/05/31 12:0 a.m., 10 views

Aider SQL injection vulnerability

Aider is an open-source terminal AI pair programming tool developed by Aider AI. Version 0.86.3 of Aider contains a SQL injection vulnerability, which arises from the Code Generation Workflow component causing SQL injections. Attackers can launch attacks remotely due to this vulnerability...

CVSS 6.5, AI score 6.7, EPSS 0.00204
Exploits 0, References 6