Lucene search

7 matches found

ATTACKERKB
added 2026/04/16 12:8 a.m. | 1 views

CVE-2026-40502

OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient distinction between local-only and remote-safe commands in the gateway handler. Attackers can...

CVSS 8.8 | AI score 6 | EPSS 0.01042
Exploits: 1 | References: 4
EUVD
added 2026/04/16 12:8 a.m. | 0 views

EUVD-2026-23141

OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient distinction between local-only and remote-safe commands in the gateway handler. Attackers can...

CVSS 8.8 | AI score 6 | EPSS 0.01042
Exploits: 1 | References: 3
CVE
added 2026/04/16 12:8 a.m. | 3 views

CVE-2026-40502

OpenHarness (before commit dd1d235) contains a remote command-injection in the gateway handler that lets remote gateway users with chat access execute administrative commands (e.g., /permissions full_auto) to alter a running instance without operator authorization. The CVSS metrics indicate a net...

CVSS 8.8 | AI score 6 | EPSS 0.01042
Exploits: 1 | References: 3 | Affected Software: 1
Positive Technologies
added 2026/04/16 12:0 a.m. | 1 views

PT-2026-33195

OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient distinction between local-only and remote-safe commands in the gateway handler. Attackers can...

CVSS 8.8 | AI score 6 | EPSS 0.01042
Exploits: 1 | References: 4
CNNVD
added 2026/04/16 12:0 a.m. | 4 views

OpenHarness Security Vulnerability

OpenHarness is a lightweight development and runtime framework for Data Intelligence Lab@HKU. Previous versions of OpenHarness had security vulnerabilities. These vulnerabilities stemmed from the /memory show command not performing file system validation on path input parameters, allowing remote...

CVSS 7.1 | AI score 5.9 | EPSS 0.00015
Exploits: 1 | References: 1
Tenable Nessus
added 2025/08/24 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2016-2087

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in the client in HexChat 2.11.0 allows remote IRC servers to read or modify arbitrary files via a .. dot dot in the server nam...

CVSS 7.4 | AI score 7.5 | EPSS 0.13018
Exploits: 5 | References: 2
Packet Storm
added 2018/05/15 12:0 a.m. | 48 views

Signal Desktop HTML Injection

Title: HTML tag injection in Signal-desktop Date Published: 14-05-2018 CVE Name: CVE-2018-10994 Class: Code injection Remotely Exploitable: Yes Locally Exploitable: No Vendors contacted: Signal.org Vulnerability Description: Signal-desktop is the standalone desktop version of the secure Signal...

EPSS 0.00323
Exploits: 3