CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16070 matches found

RedHat Linux•added 2026/04/27 2:17 a.m.•10 views

Important: Red Hat Security Advisory: container-tools:rhel8 security update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security h...

8.4CVSS7.4AI score0.00673EPSS

Exploits6References7

vulnersOsv•added 2026/04/27 12:0 a.m.•5 views

ai.telosforge:kimaira-starter-agentic (>=1.2.4 <=1.2.6), ai.telosforge:kimaira-starter-agentic-factory (>=1.2.4 <=1.2.6) +9 more potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-pgvector-store (>=1.1.0-M1 <=1.1.4)

org.springframework.ai:spring-ai-pgvector-store MAVEN version =1.1.0-M1, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =0.0.6, =4.0.5.20260423.1, =1.1.0, =1.1.4 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321394...

8.6CVSS5.4AI score0.00394EPSS

Exploits0

Tenable Nessus•added 2026/04/27 12:0 a.m.•10 views

RHEL 8 : container-tools:rhel8 (RHSA-2026:10703)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:10703 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc:...

8.4CVSS8.3AI score0.00673EPSS

Exploits6References14

NVD•added 2026/04/26 11:16 p.m.•2 views

CVE-2026-7064

A flaw has been found in AgentDeskAI browser-tools-mcp up to 1.2.0. This issue affects some unknown processing of the file browser-tools-server/browser-connector.ts. Executing a manipulation can lead to os command injection. The attack may be performed from remote. The exploit has been published...

7.5CVSS0.01633EPSS

Exploits0References5

Cvelist•added 2026/04/26 10:45 p.m.•28 views

CVE-2026-7064 AgentDeskAI browser-tools-mcp browser-connector.ts os command injection

7.5CVSS0.01633EPSS

Exploits0References5

EUVD•added 2026/04/26 10:45 p.m.•3 views

EUVD-2026-25734

7.5CVSS5.1AI score0.01633EPSS

Exploits0References5

ATTACKERKB•added 2026/04/26 10:45 p.m.•1 views

CVE-2026-7064

7.5CVSS7AI score0.01633EPSS

Exploits0References5Affected Software1

Vulnrichment•added 2026/04/26 10:45 p.m.•3 views

CVE-2026-7064 AgentDeskAI browser-tools-mcp browser-connector.ts os command injection

7.5CVSS7AI score0.01633EPSS

Exploits0References5

CVE•added 2026/04/26 10:45 p.m.•5 views

CVE-2026-7064

CVE-2026-7064 affects AgentDeskAI browser-tools-mcp (up to version 1.2.0). The flaw involves a manipulation in the file browser-tools-server/browser-connector.ts that can enable os command injection. Reported as exploitable from remote, with an exploit published. Details in the connected document...

7.5CVSS7AI score0.01633EPSS

Exploits0References5

CNNVD•added 2026/04/26 12:0 a.m.•5 views

BrowserTools MCP 命令注入漏洞

BrowserTools MCP is an open-source browser monitoring and AI interaction tool developed by AgentDeskAI. Versions of BrowserTools MCP 1.2.0 and earlier contained a command injection vulnerability, which stemmed from the os command injection present in the browser-tools-server/browser-connector.ts...

7.5CVSS7.1AI score0.01633EPSS

Exploits0References1

Positive Technologies•added 2026/04/26 12:0 a.m.•5 views

PT-2026-35260

Easyboot 6.6.0 contains a buffer overflow vulnerability in the Replace Text function that allows local attackers to crash the application by supplying an oversized string. Attackers can trigger the vulnerability by accessing File Tools Replace Text and pasting a 7000-byte payload into the text...

6.9CVSS5.7AI score0.0018EPSS

Exploits0References4

Positive Technologies•added 2026/04/26 12:0 a.m.•4 views

PT-2026-35271

7.5CVSS7AI score0.01633EPSS

Exploits0References6

Packet Storm News•added 2026/04/26 12:0 a.m.•3 views

The Vehicle May Be Sick: Denial of Diagnostic Services by Exploiting the CAN Transport Protocol

Vehicle diagnostics has become essential for detecting in-vehicle errors and ensuring safety. While the Unified Diagnostic Services UDS protocol is widely adopted for diagnostic operations, it relies on the ISO 15765-2 standard as the transport protocol over the Controller Area Network CAN, which...

5.7AI score

Exploits0

Snyk•added 2026/04/25 11:50 p.m.•3 views

Missing Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Authorization via the policy enforcement process. An attacker can gain unauthorized access to restricted tools by leveraging bundled MCP or LSP tools that bypass configured tool...

5.4CVSS5.5AI score0.00706EPSS

Exploits0References2

Github Security Blog•added 2026/04/25 11:50 p.m.•7 views

OpenClaw: Bundled MCP/LSP tools could bypass configured tool policy

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact Bundled MCP and LSP tools could be appended to the agent's effective tool set after the normal tool-policy pipeline had already filtered core tools. If an operator configured a...

5.4AI score

Exploits0References3Affected Software1