CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/04/27 3:45 a.m.•12 views

CVE-2026-7084

CVE-2026-7084 affects HBAI-Ltd Toonflow-app (up to 1.1.1). The issue is in the fetch of the file src/routes/setting/vendorConfig/getCodeByLink.ts via the getCodeByLink endpoint, where manipulating the Link parameter leads to server-side request forgery. It can be exploited remotely; an exploit is...

6.5CVSS6AI score0.00018EPSS

EUVD•added 2026/04/27 3:45 a.m.•2 views

EUVD-2026-25767

6.5CVSS5AI score0.00018EPSS

Vulnrichment•added 2026/04/27 3:45 a.m.•1 views

CVE-2026-7084 HBAI-Ltd Toonflow-app getCodeByLink Endpoint getCodeByLink.ts fetch server-side request forgery

6.5CVSS6AI score0.00018EPSS

Cvelist•added 2026/04/27 3:45 a.m.•31 views

CVE-2026-7084 HBAI-Ltd Toonflow-app getCodeByLink Endpoint getCodeByLink.ts fetch server-side request forgery

6.5CVSS0.00018EPSS

ATTACKERKB•added 2026/04/27 3:45 a.m.•2 views

CVE-2026-7084

6.5CVSS5AI score0.00018EPSS

Exploits0References6Affected Software1

NVD•added 2026/04/27 12:16 a.m.•4 views

CVE-2026-7065

A vulnerability has been found in BidingCC BuildingAI up to 26.0.1. Impacted is the function uploadRemoteFile of the file packages/core/src/modules/upload/services/file-storage.service.ts of the component Remote Upload API. The manipulation of the argument url leads to server-side request forgery...

7.5CVSS0.00058EPSS

Exploits0References5

CNNVD•added 2026/04/27 12:0 a.m.•4 views

MCP Chat Studio 代码问题漏洞

MCP Chat Studio is a testing and development platform for MCP servers, developed by JoeCastrom. Versions of MCP Chat Studio 1.5.0 and earlier contained code vulnerabilities. These vulnerabilities stemmed from unknown functions in the LLM Models API component file server/routes/llm.js, which...

7.5CVSS7.2AI score0.00058EPSS

6.5CVSS6.7AI score0.00018EPSS

Toonflow 代码问题漏洞

Toonflow is an AI short story production platform developed by HBAI-Ltd. Versions of Toonflow prior to 1.1.1 contained code vulnerabilities. These vulnerabilities stemmed from improper handling of parameters Link in the fetch function of the src/routes/setting/vendorConfig/getCodeByLink.ts file i...

Positive Technologies•added 2026/04/27 12:0 a.m.•6 views

PT-2026-35534

A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function proxyHandler of the file app/api/provider/...path/route.ts. The manipulation results in server-side request forgery. The attack may be performed from remote. The exploit has been...

7.5CVSS7AI score0.00107EPSS

Exploits1References7

7.5CVSS7.2AI score0.00058EPSS

MCP Data Visualization & Experimentation Platform 代码问题漏洞

MCP Data Visualization & Experimentation Platform is a large model context protocol developed by alejandro and his team. There are code-related vulnerabilities in MCP Data Visualization & Experimentation Platform. These vulnerabilities stem from improper use of the axios function in the...

7.5CVSS7.2AI score0.00107EPSS

NextChat 代码问题漏洞

NextChat is an open-source project developed by NextChat for quickly deploying private ChatGPT web applications. Versions of NextChat 2.16.1 and earlier have code vulnerabilities. These vulnerabilities stem from improper handling of the proxyHandler function in the file...

Exploits1References1

Positive Technologies•added 2026/04/27 12:0 a.m.•3 views

PT-2026-35350

6.5CVSS6AI score0.00018EPSS

Exploits0References7

Positive Technologies•added 2026/04/27 12:0 a.m.•1 views

PT-2026-35504

A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b490746d. Affected by this vulnerability is the function axios of the file src/servers/web-scraper/server.js of the component HTTP Request Handler. Such manipulation leads to...

7.5CVSS7AI score0.00058EPSS

Exploits0References8

Positive Technologies•added 2026/04/27 12:0 a.m.•5 views

PT-2026-35535

A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file app/api/artifacts/route.ts of the component Artifacts Endpoint. This manipulation of the argument ID causes server-side request forgery. It is possible to initiate the attack...

7.5CVSS7.1AI score0.00107EPSS

Exploits1References7

Positive Technologies•added 2026/04/27 12:0 a.m.•3 views

PT-2026-35512

A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functionality of the file server/routes/llm.js of the component LLM Models API. Performing a manipulation of the argument req.query.base url results in server-side request forgery. Remot...

7.5CVSS7.1AI score0.00058EPSS

Exploits0References8

Positive Technologies•added 2026/04/27 12:0 a.m.•0 views

PT-2026-35531

A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected by this issue is the function validate url safe of the file src/mcp url downloader/server.py. Such manipulation of the argument url leads to server-side request forgery. The...

7.5CVSS6.9AI score0.00054EPSS

Exploits0References5

7.5CVSS7.2AI score0.00054EPSS

MCP URL Downloader 代码问题漏洞

MCP URL Downloader is an AI assistant tool developed by Dmitry Gilemkhanov, which allows downloading files from URLs to a local device. Versions of MCP URL Downloader 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6 and earlier have code vulnerabilities. These vulnerabilities stem from improper handling ...