Lucene search
K

485 matches found

EUVD
EUVD
added 2026/05/20 10:38 a.m.11 views

EUVD-2026-31093

Improper Access Control vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables a normal user gaining access to the admin panel. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+3230...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 10:29 a.m.42 views

CVE-2026-22314

Improper Control of Generation of Code 'Code Injection' vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables code execution on other users' systems. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component:...

9CVSS0.00387EPSS
Exploits0References1
CVE
CVE
added 2026/05/20 10:29 a.m.14 views

CVE-2026-22314

The CVE-2026-22314 entry concerns Mesalvo Meona’s Client Launcher Component and Meona Server Component, affected by an Improper Control of Generation of Code (Code Injection) vulnerability that enables code execution on other users’ systems. According to the data, the Client Launcher Component is...

9CVSS6.2AI score0.00387EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/20 10:29 a.m.8 views

CVE-2026-22314

Improper Control of Generation of Code 'Code Injection' vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables code execution on other users' systems. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component:...

9CVSS6.2AI score0.00387EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/20 10:29 a.m.10 views

EUVD-2026-31090

Improper Control of Generation of Code 'Code Injection' vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables code execution on other users' systems. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component:...

9CVSS6.2AI score0.00387EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.9 views

PT-2026-42142

Incorrect Privilege Assignment vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables the export of user data, including cleartext passwords, via the SQL editor. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server...

7.2CVSS5.8AI score0.00349EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.13 views

PT-2026-42140

Cleartext Storage of Sensitive Information in Memory vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020...

6CVSS5.8AI score0.00101EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.13 views

PT-2026-42143

Insufficient Verification of Data Authenticity vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component makes it possible to send messages to any email address. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component:...

4.4CVSS5.8AI score0.00089EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.13 views

PT-2026-42141

Improper Control of Generation of Code 'Code Injection' vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables code execution on other users' systems. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component:...

9CVSS6.2AI score0.00387EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

Mesalvo Meona Client Launcher Component和Mesalvo Meona Server Component 安全漏洞

The Mesalvo Meona Client Launcher Component and the Mesalvo Meona Server Component are both products of the Mesalvo company. The Mesalvo Meona Client Launcher Component is a component designed for launching clients of medical information systems and facilitating application access. The Mesalvo...

7.2CVSS5.9AI score0.00349EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

Mesalvo Meona Client Launcher Component和Mesalvo Meona Server Component 访问控制错误漏洞

The Mesalvo Meona Client Launcher Component and the Mesalvo Meona Server Component are both products of the Mesalvo company. The Mesalvo Meona Client Launcher Component is a component designed for launching clients of medical information systems and facilitating application access. The Mesalvo...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

Mesalvo Meona Client Launcher Component和Mesalvo Meona Server Component 数据伪造问题漏洞

The Mesalvo Meona Client Launcher Component and the Mesalvo Meona Server Component are both products of the Mesalvo company. The Mesalvo Meona Client Launcher Component is a component designed for launching clients of medical information systems and facilitating application access. The Mesalvo...

4.4CVSS5.9AI score0.00089EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 5:8 p.m.10 views

CVE-2026-44582 Next.js: Cache poisoning via collisions in React Server Component cache-busting

Next.js is a React framework for building full-stack web applications. From 13.4.6 to before 15.5.16 and 16.2.5, React Server Component responses can be vulnerable to cache poisoning in deployments that rely on shared caches with insufficient response partitioning. In affected conditions,...

3.7CVSS5.8AI score0.00203EPSS
Exploits1References1
CVE
CVE
added 2026/05/13 5:8 p.m.46 views

CVE-2026-44582

Next.js (React Server Components) versions 13.4.6–before 15.5.16 and 16.2.5 are vulnerable to cache poisoning in deployments using shared caches with insufficient response partitioning. The issue stems from collisions in the _rsc cache-busting value, which can cause an attacker to serve a poisone...

3.7CVSS5.8AI score0.00203EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/05/13 5:8 p.m.55 views

CVE-2026-44582 Next.js: Cache poisoning via collisions in React Server Component cache-busting

Next.js is a React framework for building full-stack web applications. From 13.4.6 to before 15.5.16 and 16.2.5, React Server Component responses can be vulnerable to cache poisoning in deployments that rely on shared caches with insufficient response partitioning. In affected conditions,...

3.7CVSS0.00203EPSS
Exploits1References1
NVD
NVD
added 2026/05/13 4:17 a.m.10 views

CVE-2026-8201

A use-after-free vulnerability exists in MongoDB's Field-Level Encryption FLE query analysis component, affecting client-side uses of mongocryptd and cryptshared. Triggering this vulnerability requires control over the structure of a client's FLE-related query. This issue impacts MongoDB Server’s...

8.8CVSS0.00129EPSS
Exploits0References1
OSV
OSV
added 2026/05/11 3:56 p.m.6 views

GHSA-VFV6-92FF-J949 Next.js vulnerable to cache poisoning via collisions in React Server Component cache-busting

Impact React Server Component responses can be vulnerable to cache poisoning in deployments that rely on shared caches with insufficient response partitioning. In affected conditions, collisions in the rsc cache-busting value can allow an attacker to poison cache entries so users receive the wron...

3.7CVSS5.8AI score0.00203EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/05/11 3:56 p.m.21 views

Next.js vulnerable to cache poisoning via collisions in React Server Component cache-busting

Impact React Server Component responses can be vulnerable to cache poisoning in deployments that rely on shared caches with insufficient response partitioning. In affected conditions, collisions in the rsc cache-busting value can allow an attacker to poison cache entries so users receive the wron...

3.7CVSS5.8AI score0.00203EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/05/11 6:31 a.m.7 views

EUVD-2026-29022

A security vulnerability has been detected in Tenda AC6 15.03.06.23. Affected by this issue is the function getlogfile of the file /goform/getLogFile of the component httpd. The manipulation of the argument wans.flag leads to os command injection. The attack can be initiated remotely. The exploit...

7.2CVSS5.6AI score0.04412EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.7 views

LangChain-Chatchat 加密问题漏洞

LangChain-Chatchat is a chatbot software developed based on the LangChain framework, open-sourced by Chatchat-Space. Versions of LangChain-Chatchat 0.3.1.3 and earlier had an encryption vulnerability. This vulnerability stems from a function in the Uploaded File Handler component, specifically th...

2.6CVSS5.7AI score0.00235EPSS
Exploits0References2
Rows per page
Query Builder