Lucene search
K

152 matches found

Nuclei
Nuclei
added 13 hours ago29 views

Langflow < 1.3.0 - Remote Code Execution via validate_code() exec()

Langflow contains a remote code execution caused by inclusion of functionality from untrusted control sphere in the execglobals parameter at the validate endpoint, letting remote attackers execute arbitrary code as root, exploit requires no authentication. id: CVE-2026-0770 info: name: Langflow...

9.8CVSS7.5AI score0.10371EPSS
Exploits8References3
NVD
NVD
added yesterday4 views

CVE-2026-57102

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network...

8.8CVSS
Exploits0References1
NVD
NVD
added 2 days ago8 views

CVE-2026-15519

A vulnerability was found in usestrix strix up to 1.0.2. This affects an unknown function of the file systemprompt.jinja of the component PyPI Handler. Performing a manipulation results in inclusion of functionality from untrusted control sphere. The attack is possible to be carried out remotely...

5.1CVSS0.00238EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago9 views

EUVD-2026-43262

A vulnerability was found in usestrix strix up to 1.0.2. This affects an unknown function of the file systemprompt.jinja of the component PyPI Handler. Performing a manipulation results in inclusion of functionality from untrusted control sphere. The attack is possible to be carried out remotely...

5.1CVSS5.4AI score0.00238EPSS
Exploits0References5
CVE
CVE
added 2 days ago17 views

CVE-2026-15519

The CVE-2026-15519 entry affects usestrix strix up to 1.0.2, specifically the PyPI Handler’s file system_prompt.jinja. A manipulation can cause inclusion of functionality from an untrusted control sphere. The vulnerability is exploitable remotely with network impact and a high attack complexity; ...

5.1CVSS5.4AI score0.00238EPSS
Exploits0References5
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-15519 usestrix PyPI system_prompt.jinja inclusion of functionality from untrusted control sphere

A vulnerability was found in usestrix strix up to 1.0.2. This affects an unknown function of the file systemprompt.jinja of the component PyPI Handler. Performing a manipulation results in inclusion of functionality from untrusted control sphere. The attack is possible to be carried out remotely...

5.1CVSS0.00238EPSS
Exploits0References5
NVD
NVD
added 2026/06/17 3:16 p.m.18 views

CVE-2026-22283

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Inclusion of Functionality from Untrusted Control Sphere vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

7.5CVSS0.00213EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/17 2:24 p.m.6 views

CVE-2026-22283

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Inclusion of Functionality from Untrusted Control Sphere vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

7.5CVSS5.9AI score0.00213EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 2:24 p.m.12 views

EUVD-2026-37726

Dell PowerFlex Manager, versions Version prior to 4.8, contains an Inclusion of Functionality from Untrusted Control Sphere vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

7.5CVSS5.4AI score0.00213EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 2:24 p.m.23 views

CVE-2026-22283

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Inclusion of Functionality from Untrusted Control Sphere vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

7.5CVSS0.00213EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 2:24 p.m.24 views

CVE-2026-22283

Dell PowerFlex Manager before version 4.8 is affected by CVE-2026-22283 (Inclusion of Functionality from Untrusted Control Sphere). An unauthenticated attacker with remote access could trigger information disclosure. Affected product: Dell PowerFlex Manager; vulnerable component/behavior not furt...

7.5CVSS5.9AI score0.00213EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.29 views

PT-2026-50431

Name of the Vulnerable Software and Affected Versions Dell PowerFlex Manager versions prior to 4.8 Description An unauthenticated attacker with remote access can exploit the inclusion of functionality from an untrusted control sphere, which may lead to information disclosure. Recommendations Upda...

7.5CVSS5.3AI score0.00213EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.117 views

Security Update for Microsoft Visual Studio Code (June 2026)

The version of Microsoft Visual Studio Code installed on the remote Windows host is prior to 1.123.2. It is, therefore, affected by multiple vulnerabilities: - Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network. CVE-2026-47281 -...

9.6CVSS5.5AI score0.00763EPSS
Exploits0References15
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.9 views

CVE-2026-47292

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally...

7.8CVSS5.5AI score0.00368EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.11 views

EUVD-2026-35502

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00368EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 5:17 p.m.14 views

CVE-2026-47292

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally...

7.8CVSS0.00368EPSS
Exploits0References1
OSV
OSV
added 2026/06/09 5:17 p.m.2 views

CVE-2026-47292

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally...

7.8CVSS7AI score0.00368EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 5:4 p.m.80 views

CVE-2026-47292

CVE-2026-47292 concerns a vulnerability in the Visual Studio Code MSSQL Extension where inclusion of functionality from an untrusted control sphere allows an attacker to escalate privileges locally. The connected documents confirm the affected product (Visual Studio Code MSSQL Extension) and the ...

7.8CVSS5.4AI score0.00368EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.11 views

Visual Studio Code MSSQL Extension Remote Code Execution Vulnerability

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally...

7.8CVSS5.5AI score0.00368EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.20 views

PT-2026-48026

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00368EPSS
Exploits0References2
Rows per page
Query Builder