Lucene search
K

16978 matches found

Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.11 views

PT-2026-6983

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A security flaw exists in D-Link DIR-823X version 250416. The issue resides within the Configuration Handler component, specifically in the function sub 4208A0 located in the file /goform/set dmz...

9CVSS5.7AI score0.03818EPSS
Exploits1References12
RedhatCVE
RedhatCVE
added 2026/01/24 3:17 a.m.6 views

CVE-2026-0782

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

8.8CVSS6.5AI score0.0148EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/24 3:17 a.m.6 views

CVE-2026-0796

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

8.8CVSS6.5AI score0.01511EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/23 4:47 p.m.4 views

CVE-2021-47888 Textpattern 4.8.3 - Remote code execution

Textpattern versions prior to 4.8.3 contain an authenticated remote code execution vulnerability that allows logged-in users to upload malicious PHP files. Attackers can upload a PHP file with a shell command execution payload and execute arbitrary commands by accessing the uploaded file through ...

8.8CVSS6.8AI score0.00602EPSS
Exploits0References4
OSV
OSV
added 2026/01/23 4:16 a.m.2 views

CVE-2026-0796

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

8.8CVSS6.3AI score0.01511EPSS
Exploits0References1
OSV
OSV
added 2026/01/23 4:16 a.m.3 views

CVE-2026-0788

ALGO 8180 IP Audio Alerter Web UI Persistent Cross-Site Scripting Vulnerability. This vulnerability allows remote attackers to execute web requests with a target user's privileges on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this...

6.1CVSS6.1AI score
Exploits0References1
OSV
OSV
added 2026/01/23 4:16 a.m.2 views

CVE-2026-0761

Foundation Agents MetaGPT actionoutputstrtomapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The...

9.8CVSS6.6AI score
Exploits0References1
OSV
OSV
added 2026/01/23 4:16 a.m.2 views

CVE-2025-11002

7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnerability but attack vectors may vary depending on...

7.8CVSS6.3AI score
Exploits0References1
Cvelist
Cvelist
added 2026/01/23 3:28 a.m.28 views

CVE-2026-0771 Langflow PythonFunction Code Injection Remote Code Execution Vulnerability

Langflow PythonFunction Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Attack vectors and exploitability will vary depending on the configuration of the product. The specific flaw exis...

7.1CVSS0.00551EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/01/23 3:28 a.m.6 views

CVE-2026-0768 Langflow code Code Injection Remote Code Execution Vulnerability

Langflow code Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the code...

9.8CVSS6.5AI score0.02035EPSS
Exploits1References1
CVE
CVE
added 2026/01/23 3:28 a.m.12 views

CVE-2026-0761

The CVE-2026-0761 issue affects Foundation Agents MetaGPT, where the function actionoutput_str_to_mapping accepts user-supplied strings without proper validation, allowing remote code execution in the service account context. Reports from Red Hat and NVD summarize the flaw as a Python code execut...

9.8CVSS6.5AI score0.01051EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/23 3:28 a.m.3 views

CVE-2026-0761 Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability

Foundation Agents MetaGPT actionoutputstrtomapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The...

9.8CVSS6.5AI score0.01051EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/23 3:1 a.m.4 views

CVE-2026-0795 ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

7.2CVSS6.5AI score0.013EPSS
Exploits0References1
CVE
CVE
added 2026/01/23 3:1 a.m.15 views

CVE-2026-0788

ALGO 8180 IP Audio Alerter Web UI Vulnerability (CVE-2026-0788) affects the Web UI used to view syslog. The flaw arises from improper validation of user-supplied data in the syslog viewing functionality, enabling a persistent Cross-Site Scripting (XSS) attack. A remote attacker can exploit this w...

6.1CVSS6.1AI score0.00371EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/23 2:58 a.m.3 views

CVE-2026-0783 ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

7.2CVSS6.5AI score0.0148EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/23 2:58 a.m.33 views

CVE-2026-0782 ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

7.2CVSS0.0148EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.6 views

Google Gemini MCP Tool operating system command injection vulnerability

Google Gemini MCP Tool is a tool component developed by Google Inc., based on large model context protocols. Google Gemini MCP Tool has a vulnerability related to operating system command injection. This vulnerability stems from the execAsync method, which executes system calls without verifying...

9.8CVSS7.5AI score0.03336EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.6 views

ALGO 8180 IP Audio Alerter: Operating System Command Injection Vulnerability

ALGO 8180 IP Audio Alerter is an IP speaker developed by ALGO Corporation. The ALGO 8180 IP Audio Alerter has a vulnerability related to operating system command injection. This vulnerability stems from the lack of validation for user input strings in the web-based interface, which may lead to...

8.8CVSS7.3AI score0.0148EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.5 views

ALGO 8180 IP Audio Alerter: Operating System Command Injection Vulnerability

ALGO 8180 IP Audio Alerter is an IP speaker developed by ALGO Corporation. The ALGO 8180 IP Audio Alerter has a vulnerability related to operating system command injection. This vulnerability stems from the lack of validation for user input strings in the web-based interface, which may lead to...

8.8CVSS7.3AI score0.0148EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/01/23 12:0 a.m.4 views

CVE-2025-15059

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.4AI score0.00744EPSS
Exploits0References5
Rows per page
Query Builder