Lucene search
+L

244 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.4 views

SUSE SLES12 Security Update : ncurses (SUSE-SU-2026:1499-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1499-1 advisory. This update for ncurses fixes the following issue: - CVE-2025-69720: buffer overflow in function analyzestringof progs/infocmp.c bsc1259924. Tenable ha...

9.8CVSS6.1AI score0.00414EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/04/13 4:26 p.m.4 views

cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive

A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the 'cgo pkg-config:' directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a '--log-file' argument to the pkg-config command...

8.6CVSS7.2AI score0.00532EPSS
Exploits0References8
OSV
OSV
added 2026/04/02 12:31 p.m.3 views

GHSA-5226-3RVG-HP4X fast-filesystem-mcp is vulnerable to command injection through handleGetDiskUsage function

A security flaw has been discovered in efforthye fast-filesystem-mcp up to 3.5.1. The affected element is the function handleGetDiskUsage of the file src/index.ts. Performing a manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has been...

6.3CVSS6.3AI score0.0111EPSS
Exploits0References7
OSV
OSV
added 2026/03/30 5:0 p.m.3 views

CVE-2026-5125 raine consult-llm-mcp server.ts child_process.execSync os command injection

A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is the function childprocess.execSync of the file src/server.ts. The manipulation of the argument gitdiff.baseref/gitdiff.files results in os command injection. The attack is only possible with local...

4.8CVSS5.7AI score0.0083EPSS
Exploits0References10
OSV
OSV
added 2026/03/26 6:39 p.m.5 views

CVE-2026-33491 Zen-C has Stack-Based Buffer Overflow in Identifier Mangling

Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.4, a stack-based buffer overflow vulnerability in the Zen C compiler allows attackers to cause a compiler crash or potentially execute arbitrary code by providing a specially crafted Zen C sour...

7.8CVSS6.5AI score0.00239EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.7 views

PT-2026-25660

Name of the Vulnerable Software and Affected Versions vanna-ai vanna versions up to 2.0.2 Description A flaw exists in the update sql/run sql function within the src/vanna/legacy/flask/ init .py file of the Endpoint component. This issue allows for server-side request forgery when a manipulation ...

7.5CVSS6.8AI score0.00278EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.10 views

MCP Code Executor 命令注入漏洞

MCP Code Executor is a code execution server developed by bazinga012. Versions of MCP Code Executor prior to 0.3.0 have a command injection vulnerability, which stems from incorrect operations on the function installDependencies in the file src/index.ts, potentially leading to command injection...

5.3CVSS6.5AI score0.00636EPSS
Exploits0References7
EUVD
EUVD
added 2026/03/12 9:31 a.m.5 views

EUVD-2026-11545

A vulnerability was determined in rxi fe up to ed4cda96bd582cbb08520964ba627efb40f3dd91. The impacted element is the function read of the file src/fe.c. This manipulation with the input 1 causes out-of-bounds read. The attack requires local access. The exploit has been publicly disclosed and may ...

4.8CVSS5.5AI score0.00115EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/03/12 7:32 a.m.1 views

CVE-2026-4012

A vulnerability was determined in rxi fe up to ed4cda96bd582cbb08520964ba627efb40f3dd91. The impacted element is the function read of the file src/fe.c. This manipulation with the input 1 causes out-of-bounds read. The attack requires local access. The exploit has been publicly disclosed and may ...

4.8CVSS5.5AI score0.00115EPSS
Exploits0References6
OSV
OSV
added 2026/03/03 9:31 p.m.4 views

GHSA-XC68-RRQC-QGQ3 MCP NMAP Server has an Injection vulnerability

A vulnerability was detected in PhialsBasement nmap-mcp-server up to bee6d23547d57ae02460022f7c78ac0893092e38. Affected by this issue is the function childprocess.exec of the file src/index.ts of the component Nmap CLI Command Handler. The manipulation results in command injection. The attack may...

6.3CVSS5.6AI score0.02569EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2026/03/03 7:42 a.m.15 views

CVE-2026-3409

A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...

7.5CVSS5.7AI score0.00328EPSS
Exploits0References1
NVD
NVD
added 2026/03/02 5:16 a.m.8 views

CVE-2026-3409

A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...

7.5CVSS0.00328EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/02 4:2 a.m.5 views

CVE-2026-3409 eosphoros-ai db-gpt Flow Import Endpoint import importlib.machinery.SourceFileLoader.exec_module code injection

A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...

7.5CVSS6.8AI score0.00328EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/02 4:2 a.m.5 views

CVE-2026-3409

A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...

7.5CVSS6.8AI score0.00328EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/03/02 4:2 a.m.6 views

EUVD-2026-9142

A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...

7.5CVSS5.7AI score0.00328EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.10 views

PT-2026-22540

Name of the Vulnerable Software and Affected Versions eosphoros-ai db-gpt version 0.7.5 Description A security flaw exists in eosphoros-ai db-gpt version 0.7.5 related to code injection. The issue is located in the function importlib.machinery.SourceFileLoader.exec module within the file...

7.5CVSS7AI score0.00328EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2026/02/22 1:28 a.m.8 views

CVE-2026-2858

A vulnerability was identified in wren-lang wren up to 0.4.0. This affects the function peekChar of the file src/vm/wrencompiler.c of the component Source File Parser. Such manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and...

7.1CVSS5.1AI score0.00124EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 10:16 p.m.14 views

CVE-2026-2858

A vulnerability was identified in wren-lang wren up to 0.4.0. This affects the function peekChar of the file src/vm/wrencompiler.c of the component Source File Parser. Such manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and...

7.1CVSS0.00124EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/02/20 9:32 p.m.6 views

CVE-2026-2858 wren-lang wren Source File wren_compiler.c peekChar out-of-bounds

A vulnerability was identified in wren-lang wren up to 0.4.0. This affects the function peekChar of the file src/vm/wrencompiler.c of the component Source File Parser. Such manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and...

4.8CVSS4.9AI score0.00124EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.12 views

PT-2026-20355

A security vulnerability has been detected in ggreer the silver searcher up to 2.2.0. The impacted element is the function search stream of the file src/search.c. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed...

4.8CVSS5.1AI score0.00153EPSS
Exploits0References7
Rows per page
Query Builder