Lucene search
K

1045 matches found

vulnersOsv
vulnersOsv
added 2026/04/07 8:13 p.m.7 views

ai.telosforge:kimaira-starter-agentic (>=1.2.4 <=1.2.6), ai.telosforge:kimaira-starter-agentic-factory (>=1.2.4 <=1.2.6) +504 more potentially affected by CVE-2026-35568 via io.modelcontextprotocol.sdk:mcp-core (>=0.13.0 <=1.0.0-RC3)

io.modelcontextprotocol.sdk:mcp-core MAVEN version =0.13.0, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =0.0.1, =0.1.0, =0.3.0, =2.0.0-beta.7, =1.1.0.0, =1.1.0.0, =2.0.0-M1.1 and more Source cves: CVE-2026-35568 Source advisory: OSV:GHSA-8JXR-PR72-R468...

7.6CVSS5.7AI score0.00136EPSS
Exploits0
Snyk
Snyk
added 2026/04/07 8:13 p.m.1 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the customQuery argument in the detailPlus endpoint. An attacker can execute arbitrary SQL commands by supplying crafted input remotely. Remediation There is no fixed version for tech.powerjob:powerjob-server-starter...

7.5CVSS6.2AI score0.00269EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/04/07 8:12 p.m.9 views

tech.powerjob:powerjob-server-starter (>=4.3.1 <=5.1.1) potentially affected by CVE-2026-5739 via tech.powerjob:powerjob-server-core (>=4.3.1 <=5.1.1)

tech.powerjob:powerjob-server-core MAVEN version =4.3.1, =4.3.1, =5.1.1 Source cves: CVE-2026-5739 Source advisory: SNYK:JAVA-TECHPOWERJOB-15928844...

7.5CVSS7.1AI score0.00388EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/07 4:14 p.m.8 views

arches (=8.0.0a1), desktop-django-starter (=0.1.0) +33 more potentially affected by CVE-2026-4277 via django (>=6.0.0 <=6.0.3)

django PYPI version =6.0.0, =2.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.2.0b1 and more Source cves: CVE-2026-4277 Source advisory: SNYK:PYTHON-DJANGO-15923568...

9.8CVSS5.4AI score0.00458EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/07 3:30 p.m.6 views

arches (=8.0.0a1), desktop-django-starter (=0.1.0) +33 more potentially affected by CVE-2026-3902 via django (>=6.0.0 <=6.0.3)

django PYPI version =6.0.0, =2.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.2.0b1 and more Source cves: CVE-2026-3902 Source advisory: OSV:GHSA-MVFQ-GGXM-9MC5...

7.5CVSS5.4AI score0.00436EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/07 3:30 p.m.10 views

arches (=8.0.0a1), desktop-django-starter (=0.1.0) +33 more potentially affected by CVE-2026-33034 via django (>=6.0.0 <=6.0.3)

django PYPI version =6.0.0, =2.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.2.0b1 and more Source cves: CVE-2026-33034 Source advisory: OSV:GHSA-933H-HP56-HF7M...

7.5CVSS5.4AI score0.00769EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/07 3:17 p.m.10 views

arches (=8.0.0a1), desktop-django-starter (=0.1.0) +33 more potentially affected by CVE-2026-4277 via django (>=6.0.0 <=6.0.3)

django PYPI version =6.0.0, =2.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.2.0b1 and more Source cves: CVE-2026-4277 Source advisory: OSV:PYSEC-2026-52...

9.8CVSS5.4AI score0.00458EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/30 5:26 p.m.6 views

ai.telosforge:kimaira-starter-agentic (>=1.2.4 <=1.2.6), ai.telosforge:kimaira-starter-agentic-factory (>=1.2.4 <=1.2.6) +504 more potentially affected by CVE-2026-34237 via io.modelcontextprotocol.sdk:mcp-core (>=0.13.0 <=0.18.2)

io.modelcontextprotocol.sdk:mcp-core MAVEN version =0.13.0, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =0.0.1, =0.1.0, =0.3.0, =2.0.0-beta.7, =1.1.0.0, =1.1.0.0, =2.0.0-M1.1 and more Source cves: CVE-2026-34237 Source advisory: OSV:GHSA-HV2W-8MJJ-JW22...

6.1CVSS7.2AI score0.00222EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/30 5:26 p.m.8 views

com.agentsflex:agents-flex-bom (>=2.1.1 <=2.1.7), com.agentsflex:agents-flex-mcp (>=2.0.0 <=2.1.7) +28 more potentially affected by CVE-2026-34237 via io.modelcontextprotocol.sdk:mcp-core (=1.0.0)

io.modelcontextprotocol.sdk:mcp-core MAVEN version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on io.modelcontextprotocol.sdk:mcp-core and may be impacted: - com.agentsflex:agents-flex-bom =2.1.1, =2.0.0, =2.1.1, =2.0.4, =0.1.1, =0.1.1,...

6.1CVSS7.2AI score0.00222EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/27 7:20 a.m.14 views

com.embabel.agent:embabel-agent-bedrock-autoconfigure (>=0.3.0 <=0.3.4), com.embabel.agent:embabel-agent-starter-bedrock (>=0.3.0 <=0.3.4) +2 more potentially affected by CVE-2026-22742 via org.springframework.ai:spring-ai-autoconfigure-model-bedrock-ai (>=1.1.0-M1 <=1.1.3)

org.springframework.ai:spring-ai-autoconfigure-model-bedrock-ai MAVEN version =1.1.0-M1, =0.3.0, =0.3.0, =1.1.0, =1.1.0, =1.1.3 Source cves: CVE-2026-22742 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791533...

8.6CVSS5.8AI score0.00353EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/27 7:20 a.m.7 views

com.embabel.agent:embabel-agent-bedrock-autoconfigure (=0.2.0), com.embabel.agent:embabel-agent-starter-bedrock (=0.2.0) +2 more potentially affected by CVE-2026-22742 via org.springframework.ai:spring-ai-autoconfigure-model-bedrock-ai (>=1.0.0-M7 <=1.0.4)

org.springframework.ai:spring-ai-autoconfigure-model-bedrock-ai MAVEN version =1.0.0-M7, =1.0.0, =1.0.0, =1.0.4 Source cves: CVE-2026-22742 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791533...

8.6CVSS5.8AI score0.00353EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/27 7:18 a.m.8 views

com.chinagoods.framework.thinkcloud:think-cloud-starter-ai-vector-redis (>=4.2.3 <=4.2.6), org.springframework.ai:spring-ai-redis-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6) +2 more potentially affected by CVE-2026-22744 via org.springframework.ai:spring-ai-redis-store (>=1.0.0-M5 <=1.0.4)

org.springframework.ai:spring-ai-redis-store MAVEN version =1.0.0-M5, =4.2.3, =1.0.0-M5, =1.0.0, =1.3.0, =1.3.8 Source cves: CVE-2026-22744 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791529...

7.5CVSS5.8AI score0.0025EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/27 6:31 a.m.9 views

com.chinagoods.framework.thinkcloud:think-cloud-starter-ai-vector-redis (>=4.2.3 <=4.2.6), org.springframework.ai:spring-ai-redis-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6) +2 more potentially affected by CVE-2026-22744 via org.springframework.ai:spring-ai-redis-store (>=1.0.0-M5 <=1.0.4)

org.springframework.ai:spring-ai-redis-store MAVEN version =1.0.0-M5, =4.2.3, =1.0.0-M5, =1.0.0, =1.3.0, =1.3.8 Source cves: CVE-2026-22744 Source advisory: OSV:GHSA-44F4-GVWJ-6QG3...

7.5CVSS5.8AI score0.0025EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/27 6:31 a.m.9 views

io.gitee.yeshizhe:echoparrot-application (=25.2.5), io.gitee.yeshizhe:echoparrot-core (=25.2.5) +2 more potentially affected by CVE-2026-22743 via org.springframework.ai:spring-ai-neo4j-store (>=1.0.0-M5 <=1.0.4)

org.springframework.ai:spring-ai-neo4j-store MAVEN version =1.0.0-M5, =1.0.0-M5, =1.0.0, =1.0.4 Source cves: CVE-2026-22743 Source advisory: OSV:GHSA-7CJ7-RCW6-P68V...

7.5CVSS5.8AI score0.0025EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/27 6:31 a.m.8 views

ai.telosforge:kimaira-starter-agentic (>=1.2.4 <=1.2.6), ai.telosforge:kimaira-starter-agentic-factory (>=1.2.4 <=1.2.6) +169 more potentially affected by CVE-2026-22738 via org.springframework.ai:spring-ai-vector-store (>=1.1.0-M1 <=1.1.3)

org.springframework.ai:spring-ai-vector-store MAVEN version =1.1.0-M1, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =25.4.0, =1.21.2, =0.1.0, =0.3.0, =1.1.0.0, =1.1.0.0, =1.1.0.0, =1.1.0.0, =1.1.2.3 and more Source cves: CVE-2026-22738 Source advisory: OSV:GHSA-FVH3-672C-7P6C...

9.8CVSS5.7AI score0.00821EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/27 6:18 a.m.12 views

ai.telosforge:kimaira-starter-agentic (>=1.2.4 <=1.2.6), ai.telosforge:kimaira-starter-agentic-factory (>=1.2.4 <=1.2.6) +169 more potentially affected by CVE-2026-22738 via org.springframework.ai:spring-ai-vector-store (>=1.1.0-M1 <=1.1.3)

org.springframework.ai:spring-ai-vector-store MAVEN version =1.1.0-M1, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =25.4.0, =1.21.2, =0.1.0, =0.3.0, =1.1.0.0, =1.1.0.0, =1.1.0.0, =1.1.0.0, =1.1.2.3 and more Source cves: CVE-2026-22738 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791528...

9.8CVSS5.7AI score0.00821EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 3:14 p.m.4 views

CVE-2026-4549

A flaw has been found in mickasmt next-saas-stripe-starter 1.0.0. Affected by this issue is the function openCustomerPortal of the file actions/open-customer-portal.ts of the component Stripe API. This manipulation causes authorization bypass. Remote exploitation of the attack is possible. The...

3.1CVSS5.1AI score0.00276EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.4 views

CVE-2026-4269

A missing S3 ownership verification in the Bedrock AgentCore Starter Toolkit before version v0.1.13 may allow a remote actor to inject code during the build process, leading to code execution in the AgentCore Runtime. This issue only affects users of the Bedrock AgentCore Starter Toolkit before...

7.5CVSS6.5AI score0.00242EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/22 3:31 p.m.7 views

EUVD-2026-14304

A security vulnerability has been detected in mickasmt next-saas-stripe-starter 1.0.0. Affected is the function generateUserStripe of the file actions/generate-user-stripe.ts of the component Checkout Handler. The manipulation of the argument priceId leads to business logic errors. The attack may...

5.3CVSS5.5AI score0.00209EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/22 3:31 p.m.6 views

EUVD-2026-14306

A vulnerability was detected in mickasmt next-saas-stripe-starter 1.0.0. Affected by this vulnerability is the function updateUserrole of the file actions/update-user-role.ts. The manipulation of the argument userId/role results in improper authorization. The attack may be launched remotely...

6.5CVSS6.4AI score0.00195EPSS
Exploits0References4
Rows per page
Query Builder