Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

40978 matches found

EUVD
EUVDadded 2026/04/28 2:45 a.m.11 views

EUVD-2026-25974

A vulnerability was detected in Totolink N300RT 3.4.0-B20250430. The impacted element is the function iscmdstringvalid of the file /boafrm/formWsc of the component libapmib.so. Performing a manipulation of the argument localPin results in buffer overflow. The attack is possible to be carried out...

8.6CVSS7.6AI score0.00463EPSS
Exploits0References5
CVE
CVEadded 2026/04/28 2:45 a.m.14 views

CVE-2026-7218

The CVE-2026-7218 affects Totolink N300RT (version 3.4.0-B20250430). The vulnerable element is the is_cmd_string_valid function in the file /boafrm/formWsc of libapmib.so; altering the argument localPin can trigger a buffer overflow. This vulnerability can be exploited remotely, and public exploi...

8.6CVSS7.7AI score0.00463EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/28 2:30 a.m.2 views

CVE-2026-7217 Deepractice PromptX Document File index.ts read_pdf absolute path traversal

A security vulnerability has been detected in Deepractice PromptX up to 2.4.0. The affected element is the function readdocx/readxlsx/readpptx/listxlsxsheets/readpdf of the file packages/mcp-office/src/index.ts of the component Document File Handler. Such manipulation of the argument path leads t...

6.9CVSS5.4AI score0.0044EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/28 2:30 a.m.2 views

CVE-2026-7217

A security vulnerability has been detected in Deepractice PromptX up to 2.4.0. The affected element is the function readdocx/readxlsx/readpptx/listxlsxsheets/readpdf of the file packages/mcp-office/src/index.ts of the component Document File Handler. Such manipulation of the argument path leads t...

6.9CVSS5.5AI score0.0044EPSS
Exploits0References5Affected Software1
EUVD
EUVDadded 2026/04/28 2:30 a.m.4 views

EUVD-2026-25973

A security vulnerability has been detected in Deepractice PromptX up to 2.4.0. The affected element is the function readdocx/readxlsx/readpptx/listxlsxsheets/readpdf of the file packages/mcp-office/src/index.ts of the component Document File Handler. Such manipulation of the argument path leads t...

6.9CVSS5.4AI score0.0044EPSS
Exploits0References5
CVE
CVEadded 2026/04/28 2:30 a.m.16 views

CVE-2026-7217

Summary: CVE-2026-7217 affects Deepractice PromptX ≤ 2.4.0. The vulnerability lies in the Document File Handler’s index.ts functions read_docx/read_xlsx/read_pptx/list_xlsx_sheets/read_pdf, where manipulation of the argument path enables absolute path traversal. This is a remote-execution-capable...

6.9CVSS5.6AI score0.0044EPSS
Exploits0References5
NVD
NVDadded 2026/04/28 2:16 a.m.4 views

CVE-2026-7213

A vulnerability was detected in ef10007 MLOpsMCP 1.0.0. This impacts an unknown function of the file fastmcpserver.py of the component savefile Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public...

7.5CVSS0.00411EPSS
Exploits0References5
NVD
NVDadded 2026/04/28 2:16 a.m.5 views

CVE-2026-7212

A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...

7.5CVSS0.0041EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/28 2:0 a.m.32 views

CVE-2026-7215 egtai gmx-vmd-mcp VMD Launch mcp_server.py launch_vmd_gui_tool command injection

A security flaw has been discovered in egtai gmx-vmd-mcp up to 0.1.0. This issue affects the function launchvmdguitool of the file mcpserver.py of the component VMD Launch Handler. The manipulation of the argument structurefile/trajectoryfile results in command injection. The attack may be launch...

7.5CVSS0.01338EPSS
Exploits0References5
EUVD
EUVDadded 2026/04/28 2:0 a.m.5 views

EUVD-2026-25971

A security flaw has been discovered in egtai gmx-vmd-mcp up to 0.1.0. This issue affects the function launchvmdguitool of the file mcpserver.py of the component VMD Launch Handler. The manipulation of the argument structurefile/trajectoryfile results in command injection. The attack may be launch...

7.5CVSS7.1AI score0.01338EPSS
Exploits0References5
CVE
CVEadded 2026/04/28 2:0 a.m.13 views

CVE-2026-7215

A CVE-2026-7215 exists in egtai gmx-vmd-mcp up to 0.1.0 affecting the VMD Launch Handler’s mcp_server.py; specifically, the function launch_vmd_gui_tool is vulnerable due to manipulation of the structure_file/trajectory_file arguments, enabling command injection. Access may be remote, and publicl...

7.5CVSS7.1AI score0.01338EPSS
Exploits0References5
EUVD
EUVDadded 2026/04/28 1:45 a.m.4 views

EUVD-2026-25967

A vulnerability was identified in eghuzefa engineer-your-data up to 0.1.3. This vulnerability affects the function readfile/writefile/listfiles/fileinf of the file src/server.py. The manipulation of the argument WORKSPACEPATH leads to path traversal. The attack may be initiated remotely. The...

7.5CVSS7.2AI score0.0041EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/04/28 1:45 a.m.30 views

CVE-2026-7214 eghuzefa engineer-your-data server.py file_inf path traversal

A vulnerability was identified in eghuzefa engineer-your-data up to 0.1.3. This vulnerability affects the function readfile/writefile/listfiles/fileinf of the file src/server.py. The manipulation of the argument WORKSPACEPATH leads to path traversal. The attack may be initiated remotely. The...

7.5CVSS0.0041EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/04/28 1:45 a.m.3 views

CVE-2026-7214

A vulnerability was identified in eghuzefa engineer-your-data up to 0.1.3. This vulnerability affects the function readfile/writefile/listfiles/fileinf of the file src/server.py. The manipulation of the argument WORKSPACEPATH leads to path traversal. The attack may be initiated remotely. The...

7.5CVSS7.1AI score0.0041EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/28 1:45 a.m.4 views

CVE-2026-7214 eghuzefa engineer-your-data server.py file_inf path traversal

A vulnerability was identified in eghuzefa engineer-your-data up to 0.1.3. This vulnerability affects the function readfile/writefile/listfiles/fileinf of the file src/server.py. The manipulation of the argument WORKSPACEPATH leads to path traversal. The attack may be initiated remotely. The...

7.5CVSS7.1AI score0.0041EPSS
Exploits0References4
CVE
CVEadded 2026/04/28 1:45 a.m.19 views

CVE-2026-7214

CVE-2026-7214 affects the eghuzefa engineer-your-data project up to version 0.1.3. The vulnerability targets functions read_file, write_file, list_files, and file_inf in src/server.py and stems from manipulating WORKSPACE_PATH to cause path traversal. The issue can be exploited remotely, and a pu...

7.5CVSS7.2AI score0.0041EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/04/28 1:30 a.m.28 views

CVE-2026-7213 ef10007 MLOps_MCP save_file Tool fastmcp_server.py path traversal

A vulnerability was detected in ef10007 MLOpsMCP 1.0.0. This impacts an unknown function of the file fastmcpserver.py of the component savefile Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public...

7.5CVSS0.00411EPSS
Exploits0References5
EUVD
EUVDadded 2026/04/28 1:30 a.m.5 views

EUVD-2026-25966

A vulnerability was detected in ef10007 MLOpsMCP 1.0.0. This impacts an unknown function of the file fastmcpserver.py of the component savefile Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public...

7.5CVSS7.1AI score0.00411EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/28 1:30 a.m.2 views

CVE-2026-7213

A vulnerability was detected in ef10007 MLOpsMCP 1.0.0. This impacts an unknown function of the file fastmcpserver.py of the component savefile Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public...

7.5CVSS7AI score0.00411EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/28 1:30 a.m.3 views

CVE-2026-7213 ef10007 MLOps_MCP save_file Tool fastmcp_server.py path traversal

A vulnerability was detected in ef10007 MLOpsMCP 1.0.0. This impacts an unknown function of the file fastmcpserver.py of the component savefile Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public...

7.5CVSS7AI score0.00411EPSS
Exploits0References5
Rows per page
Query Builder