CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

110 matches found

Langflow < 1.3.0 - Remote Code Execution via validate_code() exec()

Langflow contains a remote code execution caused by inclusion of functionality from untrusted control sphere in the execglobals parameter at the validate endpoint, letting remote attackers execute arbitrary code as root, exploit requires no authentication. id: CVE-2026-0770 info: name: Langflow...

9.8CVSS8.8AI score0.14653EPSS

Exploits8References3

NVD•added 3 days ago•8 views

CVE-2022-49042

An inclusion of functionality from untrusted control sphere vulnerability in MinGW DLL component in Synology Hyper Backup Explorer before 3.0.1-0156 allows local users to execute arbitrary code via unspecified vectors...

7.8CVSS0.00014EPSS

Exploits0References1

NVD•added 3 days ago•7 views

CVE-2022-49036

An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users to execute arbitrary code via unspecified vectors...

7.8CVSS0.00014EPSS

Exploits0References1

Cvelist•added 3 days ago•28 views

CVE-2022-49036

7.8CVSS0.00014EPSS

Exploits0References1

Cvelist•added 3 days ago•31 views

CVE-2022-49042

7.8CVSS0.00014EPSS

Exploits0References1

Vulnrichment•added 3 days ago•5 views

CVE-2022-49042

7.8CVSS6.2AI score0.00014EPSS

Exploits0References1

CVE•added 3 days ago•9 views

CVE-2022-49042

CVE-2022-49042 affects Synology Hyper Backup Explorer (MinGW DLL component). The vulnerability arises from inclusion of functionality from an untrusted control sphere, enabling local arbitrary code execution via unspecified vectors in versions before 3.0.1-0156. The CVSSv3.1 vector is Local attac...

7.8CVSS6.2AI score0.00014EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 3 days ago•6 views

CVE-2022-49042

7.8CVSS6.2AI score0.00014EPSS

Exploits0References2

Exploit DB•added 2026/05/29 12:0 a.m.•45 views

Langflow 1.3.0 - Remote Code Execution

Exploit Title: Langflow 1.3.0 - Remote Code Execution Fofa-dork: title="Langflow" Shodan-dork: title:"Langflow" Date: 23-05-2026 Exploit Author: Diamorphine Venodor Homepage: https://www.langflow.org/ Software Link: https://github.com/langflow-ai/langflow Version: 1.2.0 Tested on: Debian CVE :...

9.8CVSS7.3AI score0.14653EPSS

Exploits8

Packet Storm•added 2026/05/29 12:0 a.m.•25 views

📄 Langflow 1.3.0 Remote Code Execution

9.8CVSS8.1AI score0.14653EPSS

Exploits8

GithubExploit•added 2026/05/23 9:26 p.m.•37 views

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Langflow

No d...

9.8CVSS7.3AI score0.14653EPSS

Exploits8

GithubExploit•added 2026/05/23 9:26 p.m.•47 views

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Langflow

No d...

9.8CVSS5.8AI score0.14653EPSS

Exploits8

OSV•added 2026/04/28 6:30 a.m.•4 views

GHSA-WQPV-C3PP-3M58 OpenStack Ironic is Vulnerable to Inclusion of Functionality from Untrusted Control Sphere

OpenStack Ironic through 25.0.0 allows ipmitool execution in a non-default configuration that has a console interface...

6.6CVSS5.9AI score0.00027EPSS

Exploits0References4

Github Security Blog•added 2026/04/28 6:30 a.m.•3 views

OpenStack Ironic is Vulnerable to Inclusion of Functionality from Untrusted Control Sphere

OpenStack Ironic through 25.0.0 allows ipmitool execution in a non-default configuration that has a console interface...

6.6CVSS5.9AI score0.00027EPSS

Exploits0References4Affected Software1

GithubExploit•added 2026/03/25 4:46 p.m.•98 views

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463 The principle is fairly simple: the -R option i...

9.3CVSS5.9AI score0.57345EPSS

Exploits69