CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

CVE-2026-44691

CVE-2026-44691 affects Eclipse Theia versions before 1.69.0. The issue arises when custom task definitions in workspace files (e.g., .theia/tasks.json, .vscode/tasks.json) can be executed without workspace trust, potentially enabling arbitrary commands to run with the user’s privileges if a malic...

8.4CVSS5.8AI score

Exploits0References1

EUVD•added 7 hours ago•4 views

EUVD-2026-37899

In Eclipse Theia versions prior to 1.71.0, files matching the pattern .prompts/.prompttemplate in a workspace were automatically loaded and could override or extend the AI agent's system prompts. An attacker could craft a malicious repository containing prompt template files that, when the...

8.4CVSS5.6AI score

Exploits0References1

EUVD•added yesterday•4 views

EUVD-2026-37581

Incorrect Authorization vulnerability allows users with system login privileges to delete task definitions in unauthorized projects This issue affects Apache DolphinScheduler versions prior to 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes this issue...

4.9CVSS5.1AI score0.00197EPSS

Exploits0References3

NVD•added yesterday•3 views

CVE-2026-41280

4.9CVSS0.00197EPSS

Exploits0References2

Cvelist•added yesterday•20 views

CVE-2026-41280 Apache DolphinScheduler: Incorrect Authorization vulnerability allows users with system login privileges to delete task definitions in unauthorized projects

0.00197EPSS

Exploits0References1

ATTACKERKB•added 2026/02/12 9:57 p.m.•4 views

CVE-2026-26225

Intego Personal Backup, a macOS backup utility that allows users to create scheduled backups and bootable system clones, contains a local privilege escalation vulnerability. Backup task definitions are stored in a location writable by non-privileged users while being processed with elevated...

8.5CVSS5.7AI score0.00181EPSS

Exploits0References6