CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/04 2:52 p.m.•45 views

CVE-2025-13605 Shell command injection in 3onedata GW1101-1D(RS-485)-TB-P modbus gateway

9.3CVSS0.00198EPSS

Exploits0References1

vulnersOsv•added 2026/05/04 9:31 a.m.•5 views

@puchunjie/doc-tools-mcp (>=1.0.11 <=1.0.14) potentially affected by CVE-2026-7738 via @puchunjie/doc-tools-mcp (=1.0.18)

@puchunjie/doc-tools-mcp NPM version =1.0.18 is affected by a known vulnerability. The following packages have a transitive dependency on @puchunjie/doc-tools-mcp and may be impacted: - @puchunjie/doc-tools-mcp =1.0.11, =1.0.14 Source cves: CVE-2026-7738 Source advisory: OSV:GHSA-GCMM-C94J-J47X...

6.5CVSS6.5AI score0.00288EPSS

Exploits0

vulnersOsv•added 2026/05/04 9:31 a.m.•5 views

@puchunjie/doc-tools-mcp (>=1.0.11 <=1.0.14) potentially affected by CVE-2026-7738 via @puchunjie/doc-tools-mcp (=1.0.18)

6.5CVSS6.5AI score0.00288EPSS

Exploits0

Github Security Blog•added 2026/05/04 9:31 a.m.•9 views

@puchunjie/doc-tools-mcp has a Path Traversal Issue

A security flaw has been discovered in puchunjie doc-tools-mcp 1.0.18. This affects the function createdocument/opendocument of the file src/mcp-server.ts of the component MCP Interface. The manipulation of the argument filePath results in path traversal. The attack can be launched remotely. The...

Exploits0References8Affected Software1

OSV•added 2026/05/04 9:31 a.m.•5 views

GHSA-GCMM-C94J-J47X @puchunjie/doc-tools-mcp has a Path Traversal Issue

6.3CVSS6.3AI score0.00288EPSS

Exploits0References7

NVD•added 2026/05/04 7:16 a.m.•5 views

CVE-2026-7738

6.5CVSS0.00288EPSS

EUVD•added 2026/05/04 6:0 a.m.•4 views

EUVD-2026-26919

ATTACKERKB•added 2026/05/04 6:0 a.m.•2 views

CVE-2026-7738

Exploits0References6Affected Software1

Vulnrichment•added 2026/05/04 6:0 a.m.•4 views

CVE-2026-7738 puchunjie doc-tools-mcp MCP mcp-server.ts open_document path traversal

CVE•added 2026/05/04 6:0 a.m.•12 views

CVE-2026-7738

CVE-2026-7738 affects puchunjie doc-tools-mcp 1.0.18, specifically the MCP Interface’s file src/mcp-server.ts, in the functions create_document/open_document. The root cause is manipulation of the argument filePath, leading to a path traversal vulnerability. This could allow remote attackers to a...

CNNVD•added 2026/05/04 12:0 a.m.•6 views

Word Tools MCP Server 路径遍历漏洞

Word Tools MCP Server is an AI-driven word document manipulation tool developed by Jeremy Pu. Version 1.0.18 of Word Tools MCP Server contains a path traversal vulnerability. This vulnerability stems from the createdocument/opendocument function in the MCP Interface component, where the filePath...

6.5CVSS6.6AI score0.00288EPSS

Positive Technologies•added 2026/05/04 12:0 a.m.•1 views

PT-2026-36781

A security flaw has been discovered in puchunjie doc-tools-mcp 1.0.18. This affects the function create document/open document of the file src/mcp-server.ts of the component MCP Interface. The manipulation of the argument filePath results in path traversal. The attack can be launched remotely. Th...

Packet Storm News•added 2026/05/04 12:0 a.m.•1 views

Exploits0References7

Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense

Agentic systems involved in high-stake decision-making under adversarial pressure need formal guarantees not offered by existing approaches. Motivated by the operational needs of security operations centers SOCs that must configure endpoint detection and response EDR policies under adversarial...

5.8AI score

Exploits0

OSV•added 2026/05/04 12:0 a.m.•3 views

OPENSUSE-SU-2026:10679-1 net-tools-3.14~alpha~git.20251212.7011617-1.1 on GA media

These are all security issues fixed in the net-tools-3.14alphagit.20251212.7011617-1.1 package on the GA media of openSUSE Tumbleweed...

2.5CVSS5.8AI score0.00228EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerability in open-vm-tools

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper with local files to trigger insecure file operations within that VM...

6.1CVSS6.6AI score0.00231EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in mdadm

Uncontrolled resource consumption in some IntelR SSD Tools software prior to version mdadm-4.2-rc2 may allow a privileged user to potentially enable denial of service through local access...

4.4CVSS4.9AI score0.00226EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux – Vulnerability in opensc

A vulnerability was discovered in OpenSC, OpenSC tools, the PKCS11 module, minidrivers, and CTKs. An attacker could use a specially crafted USB device or smart card, which would send a specially crafted response to APDUs to the system. When buffers are partially filled with data, the initialized...

4.3CVSS6.7AI score0.003EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux – Vulnerability in open-vm-tools

open-vm-tools contains a file descriptor hijacking vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs...

7.4CVSS6.3AI score0.00402EPSS