Lucene search
+L

121 matches found

cvelist
cvelist
added 2 days ago29 views

CVE-2026-30618

xszyou Fay 4.3.1 contains a remote code execution vulnerability in its MCP STDIO server management and command execution handling. A remote attacker can access the publicly exposed MCP management interface and configure an MCP STDIO server with attacker-controlled commands and parameters, resulti...

0.0061EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/07/02 12:0 a.m.15 views

PT-2026-55457

9Router is an AI router & token saver. In 0.4.45 and earlier, 9Router's src/dashboardGuard.js local-only access gate used Host and Origin headers in isLocalRequest to protect /api/mcp/, /api/tunnel/, and /api/cli-tools/, allowing header spoofing in reverse proxy or tunnel deployments to reach MCP...

7.5CVSS6.1AI score0.00357EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2026/06/15 12:0 a.m.19 views

PT-2026-49607

Name of the Vulnerable Software and Affected Versions LangBot affected versions not specified Description A critical flaw in the MCP STDIO implementation allows for remote code execution within AI pipelines. Recommendations At the moment, there is no information about a newer version that contain...

8.8CVSS6.2AI score
Exploits0References5
nessus
nessus
added 2026/06/12 12:0 a.m.14 views

EulerOS Virtualization 2.13.0 : polkit (EulerOS-SA-2026-2413)

According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the...

5.5CVSS5.5AI score0.00131EPSS
Exploits0References2
nessus
nessus
added 2026/06/10 12:0 a.m.11 views

EulerOS 2.0 SP13 : polkit (EulerOS-SA-2026-2307)

According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...

5.5CVSS5.5AI score0.00131EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/06/05 7:19 p.m.13 views

CVE-2026-9255

Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute arbitrary tools, including shell commands, without user approval by crafting content that is piped to kiro-cli via stdin. We recommend you to upgrade to kiro-cli version...

8.4CVSS5.8AI score0.00119EPSS
Exploits0References1
euvd
euvd
added 2026/05/22 4:38 p.m.11 views

EUVD-2026-31471

Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute arbitrary tools, including shell commands, without user approval by crafting content that is piped to kiro-cli via stdin. We recommend you to upgrade to kiro-cli version...

8.4CVSS6.1AI score0.00119EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/05/22 4:38 p.m.6 views

CVE-2026-9255

Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute arbitrary tools, including shell commands, without user approval by crafting content that is piped to kiro-cli via stdin. We recommend you to upgrade to kiro-cli version...

8.4CVSS6.1AI score0.00119EPSS
Exploits0References3
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Golang-1.19

On Unix platforms, the Go runtime behaves differently when a binary is run with the setuid/setgid bits enabled. This can be dangerous in certain situations, such as when dumping memory state or assuming the status of standard I/O file descriptors. If a setuid/setgid binary is executed with standa...

7.8CVSS6.8AI score0.00432EPSS
Exploits0References2
githubexploit
githubexploit
added 2026/05/19 11:42 p.m.115 views

eip-mcp

Exploit Intel Platform MCP Server Package/command: eip-mcp...

6.1AI score
Exploits0
nessus
nessus
added 2026/05/19 12:0 a.m.8 views

CentOS 9 : polkit-0.117-16.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the polkit-0.117-16.el9 build changelog. - A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...

5.5CVSS5.8AI score0.00131EPSS
Exploits0References2
nvd
nvd
added 2026/05/18 8:16 p.m.20 views

CVE-2026-47091

Claude HUD through 0.0.12, patched in commit 234d9aa, contains a path traversal vulnerability that allows attackers to read arbitrary files by supplying an unvalidated transcriptpath value via stdin JSON. Attackers can access any file readable by the process and the file metadata is written to a...

4.8CVSS0.00126EPSS
Exploits0References4
osv
osv
added 2026/05/18 7:45 p.m.3 views

CVE-2026-47091 Claude HUD 0.0.12 Path Traversal via transcript_path

Claude HUD through 0.0.12, patched in commit 234d9aa, contains a path traversal vulnerability that allows attackers to read arbitrary files by supplying an unvalidated transcriptpath value via stdin JSON. Attackers can access any file readable by the process and the file metadata is written to a...

4.8CVSS6AI score0.00126EPSS
Exploits0References7
attackerkb
attackerkb
added 2026/05/18 7:45 p.m.10 views

CVE-2026-47091

Claude HUD through 0.0.12, patched in commit 234d9aa, contains a path traversal vulnerability that allows attackers to read arbitrary files by supplying an unvalidated transcriptpath value via stdin JSON. Attackers can access any file readable by the process and the file metadata is written to a...

4.8CVSS5.9AI score0.00126EPSS
Exploits0References5
euvd
euvd
added 2026/05/18 7:45 p.m.13 views

EUVD-2026-30800

Claude HUD through 0.0.12, patched in commit 234d9aa, contains a path traversal vulnerability that allows attackers to read arbitrary files by supplying an unvalidated transcriptpath value via stdin JSON. Attackers can access any file readable by the process and the file metadata is written to a...

4.8CVSS5.9AI score0.00126EPSS
Exploits0References4
cvelist
cvelist
added 2026/05/18 7:45 p.m.44 views

CVE-2026-47091 Claude HUD 0.0.12 Path Traversal via transcript_path

Claude HUD through 0.0.12, patched in commit 234d9aa, contains a path traversal vulnerability that allows attackers to read arbitrary files by supplying an unvalidated transcriptpath value via stdin JSON. Attackers can access any file readable by the process and the file metadata is written to a...

4.8CVSS0.00126EPSS
Exploits0References4
cnnvd
cnnvd
added 2026/05/18 12:0 a.m.16 views

Claude HUD 路径遍历漏洞

Claude HUD is a Claude Code plugin developed by Jarrod Watts, which displays context usage, tool states, and progress. Versions of Claude HUD prior to 0.0.12 contained a path traversal vulnerability. This vulnerability stemmed from path traversal issues, allowing attackers to read arbitrary files...

4.8CVSS6AI score0.00126EPSS
Exploits0References1
osv
osv
added 2026/05/15 11:8 p.m.10 views

CLSA-2026-1778881463 ipa: Fix of 3 CVEs

CVE-2023-5455: fix CSRF vulnerability by adding Referer header check to all session endpoints - CVE-2024-1481: validate Kerberos principal name before kinit and pass it with -- separator to prevent option injection - CVE-2024-11029: scrub administrative passwords from process command line and...

6.5CVSS6.2AI score0.0111EPSS
Exploits1References1
euvd
euvd
added 2026/05/11 6:31 p.m.9 views

EUVD-2026-29140

OpenClaw before 2026.4.20 contains an improper environment variable validation vulnerability in MCP stdio server configuration that allows attackers to execute arbitrary code. Malicious workspace configurations can pass dangerous startup variables like NODEOPTIONS, LDPRELOAD, or BASHENV to spawne...

7.3CVSS6.1AI score0.00136EPSS
Exploits0References5
cve
cve
added 2026/04/21 9:0 p.m.149 views

CVE-2026-40933

Flowise: Authenticated RCE via MCP adapters. Prior to 3.1.0, unsafe serialization of stdio commands in the MCP adapter allows an authenticated attacker to add an MCP stdio server and run arbitrary OS commands, due to a bug in input sanitization in the Custom MCP configuration (http://localhost:30...

9.9CVSS6.6AI score0.01987EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder