Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2026/02/26 12:47 a.m.4 views

CVE-2026-27896 MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity

The Go MCP SDK used Go's standard encoding/json.Unmarshal for JSON-RPC and MCP protocol message parsing in versions prior to 1.3.1. Go's standard library performs case-insensitive matching of JSON keys to struct field tags — a field tagged json:"method" would also match "Method", "METHOD", etc...

7CVSS5.9AI score0.00255EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/22 12:0 a.m.5 views

PT-2025-43162

Name of the Vulnerable Software and Affected Versions CMSSuperHeroes Clanora versions prior to 1.3.1 Description The software contains a flaw related to unrestricted file uploads, potentially allowing the use of malicious files. This could allow an attacker to upload files of dangerous types...

10CVSS6.6AI score0.00565EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/01/02 12:0 a.m.7 views

PT-2023-13734 · WordPress · Authenticator

Name of the Vulnerable Software and Affected Versions: Authenticator WordPress plugin versions prior to 1.3.1 Description: The issue arises from the plugin's failure to restrict subscribers from updating a site's feed access token. This could potentially deny other users access to certain...

4.3CVSS7AI score0.00771EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2021/03/30 12:0 a.m.5 views

PT-2021-14678 · Jenkins · Jenkins Rest List Parameter Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins REST List Parameter Plugin versions 1.3.0 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability due to the failure to escape a parameter name reference in embedded JavaScript. This vulnerability...

5.4CVSS5.2AI score0.08759EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2018/06/07 12:0 a.m.2 views

PT-2018-16143 · Npm · Mixin-Deep

Name of the Vulnerable Software and Affected Versions: mixin-deep versions prior to 1.3.1 Description: The issue allows a malicious user to modify the prototype of Object via proto , causing the addition or modification of an existing property that will exist on all objects. This is achieved...

8.8CVSS8.5AI score0.02123EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2005/06/09 12:0 a.m.5 views

PT-2005-2898 · Invision · Invision Gallery

Name of the Vulnerable Software and Affected Versions: Invision Gallery versions prior to 1.3.1 Description: A cross-site request forgery issue allows remote attackers to perform actions such as deleting albums and images as another user. This can be achieved via a link or IMG tag to specific...

5CVSS6.7AI score0.00461EPSS
Exploits1References3
Rows per page
Query Builder