Lucene search
K

876 matches found

EUVD
EUVD
added 5 hours ago7 views

EUVD-2026-43578

A security vulnerability has been detected in wandb 0.25.2.dev1. Affected is the function ArtifactManifestEntry.download in the library wandb/sdk/lib/hashutil.py of the component Artifact Integrity Validation. The manipulation leads to use of weak hash. The attack may be initiated remotely. A hig...

3.1CVSS5.5AI score
Exploits0References8
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42727

A vulnerability was detected in lo48576 fbxcel up to 0.9.0. This affects an unknown part of the file src/pullparser/v7400/parser.rs of the component Node Header Handler. The manipulation results in denial of service. The attack must be initiated from a local position. The exploit is now public an...

4.8CVSS5.5AI score0.0012EPSS
Exploits0References8
CVE
CVE
added 5 days ago9 views

CVE-2026-15276

Symphonia (pdeljanov) up to version 0.6.0 exposes a denial-of-service vulnerability in the Metadata Handler. The issue affects unknown code paths; exploitation requires local access and a publicly published exploit exists. A fix is in a pull request but has not yet been accepted. The advisory not...

4.8CVSS5.3AI score0.0012EPSS
Exploits0References7
CVE
CVE
added 5 days ago13 views

CVE-2026-15274

Summary of CVE-2026-15274 (lo48576 fbxcel) : Affects the product line lo48576 fbxcel up to version 0.9.0. The issue targets an unknown part of the Node Header Handler, specifically the file src/pull_parser/v7400/parser.rs, where manipulation leads to a Denial of Service. Access is required from a...

4.8CVSS5.5AI score0.0012EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 5 days ago5 views

CVE-2026-15274

A vulnerability was detected in lo48576 fbxcel up to 0.9.0. This affects an unknown part of the file src/pullparser/v7400/parser.rs of the component Node Header Handler. The manipulation results in denial of service. The attack must be initiated from a local position. The exploit is now public an...

4.8CVSS5.5AI score0.0012EPSS
Exploits0References7Affected Software1
NVD
NVD
added 6 days ago9 views

CVE-2026-54344

ToolJet is an open-source low-code platform for building internal tools. Prior to 3.20.180, ToolJet's render preview deployment workflow interpolates github.event.comment.body directly into a bash conditional in a run step, allowing any GitHub user who can comment on an open pull request with a...

4.7CVSS0.00171EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/07/06 1:58 p.m.6 views

CVE-2026-50015

A flaw was found in pnpm. An attacker can exploit this by contributing a malicious patch file through a pull request. During the pnpm install process, the patch application pipeline fails to validate file paths extracted from these patch files. This allows the attacker to write or delete arbitrar...

7.3CVSS6.5AI score0.0027EPSS
Exploits1References4
EUVD
EUVD
added 2026/07/06 12:0 a.m.6 views

EUVD-2026-41795

A vulnerability was identified in vxcontrol PentAGI up to 2.1.0. This affects an unknown function of the file backend/pkg/docker/client.go of the component Docker API. The manipulation leads to sandbox issue. The attack may be initiated remotely. The pull request to fix this issue awaits acceptan...

6.5CVSS6.2AI score0.00228EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/06 12:0 a.m.36 views

CVE-2026-14784 vxcontrol PentAGI Docker API client.go sandbox

A vulnerability was identified in vxcontrol PentAGI up to 2.1.0. This affects an unknown function of the file backend/pkg/docker/client.go of the component Docker API. The manipulation leads to sandbox issue. The attack may be initiated remotely. The pull request to fix this issue awaits acceptan...

6.5CVSS0.00228EPSS
Exploits0References7
NVD
NVD
added 2026/07/05 11:16 a.m.10 views

CVE-2026-14738

A security flaw has been discovered in exo-explore exo up to 1.0.71. Affected is the function imagecachekey of the file src/exo/worker/engines/mlx/vision.py of the component Vision Feature Cache. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high...

6.3CVSS0.00208EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/05 10:45 a.m.13 views

CVE-2026-14742

A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function freeze of the file libs/langgraph/langgraph/internal/cache.py of the component Task Result Cache. This manipulation of the argument defaultcachekey causes use of weak hash. The attack is...

3.1CVSS5AI score0.0016EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 2026/07/05 10:45 a.m.8 views

EUVD-2026-41747

A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function freeze of the file libs/langgraph/langgraph/internal/cache.py of the component Task Result Cache. This manipulation of the argument defaultcachekey causes use of weak hash. The attack is...

3.1CVSS5AI score0.0016EPSS
Exploits0References7
NVD
NVD
added 2026/07/05 5:16 a.m.10 views

CVE-2026-14699

A weakness has been identified in zcaceres markdownify-mcp up to 1.1.0. The affected element is the function assertPathAllowed of the file src/Markdownify.ts. Executing a manipulation can lead to symlink following. The attack can only be executed locally. The pull request to fix this issue awaits...

4.8CVSS0.00137EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/05 4:0 a.m.34 views

CVE-2026-14702 zcaceres markdownify-mcp webpage-to-markdown Markdownify.ts saveToTempFile random values

A flaw has been found in zcaceres markdownify-mcp up to 1.1.0. This impacts the function saveToTempFile of the file src/Markdownify.ts of the component webpage-to-markdown/youtube-to-markdown/bing-search-to-markdown. This manipulation causes insufficiently random values. The attack is restricted ...

2.5CVSS0.00108EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/05 12:30 a.m.7 views

CVE-2026-14687

A vulnerability was determined in 666ghj BettaFish up to 1.2.1. Impacted is the function deduplicateresults of the file InsightEngine/agent.py of the component InsightEngine search-result Deduplication. Executing a manipulation can lead to partial string comparison. The attack can be launched...

6.9CVSS5.8AI score0.00332EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2026/07/04 9:16 a.m.9 views

CVE-2026-14621

A vulnerability has been found in FederatedAI FATE up to 2.2.0. This affects the function QueuePushReqStreamObserver.initEggroll of the file java/osx/osx-broker/src/main/java/org/fedai/osx/broker/grpc/QueuePushReqStreamObserver.java of the component OSX Broker. Such manipulation of the argument...

3.1CVSS0.00299EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.14 views

PT-2026-55706

Name of the Vulnerable Software and Affected Versions RT-Thread versions prior to 5.2.3 Description A flaw in the Parameter Handler component allows a remote attacker to cause a divide by zero error. This issue occurs within the read, write, and sys ioctl functions located in the components/lwp/l...

5.3CVSS6AI score0.00309EPSS
Exploits0References13
NVD
NVD
added 2026/07/03 9:17 p.m.8 views

CVE-2026-58424

Permanent Fork PR Workflow Approval Gate Bypass...

8.9CVSS0.00201EPSS
Exploits0References4
NVD
NVD
added 2026/07/03 9:16 p.m.6 views

CVE-2026-24690

Gitea versions before 1.25.5 have insufficient permission checks for updating or rebasing pull request branches...

7.5CVSS0.00322EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:54 p.m.6 views

CVE-2026-58424

Permanent Fork PR Workflow Approval Gate Bypass...

8.9CVSS5.9AI score0.00201EPSS
Exploits0References5
Rows per page
Query Builder