Lucene search
K

167 matches found

Vulnrichment
Vulnrichment
added 2026/02/20 11:30 p.m.5 views

CVE-2026-27203 eBay API MCP Server Affected by Environment Variable Injection

eBay API MCP Server is an open source local MCP server providing AI assistants with comprehensive access to eBay's Sell APIs. All versions are vulnerable to Environment Variable Injection through the updateEnvFile function. The ebaysetusertokens tool allows updating the .env file with new tokens...

8.3CVSS5.7AI score0.00361EPSS
Exploits0References2
CVE
CVE
added 2026/02/20 11:30 p.m.26 views

CVE-2026-27203

The CVE-2026-27203 entry affects ebay-mcp (eBay API MCP Server), where the updateEnvFile function in src/auth/oauth.ts blindly appends or replaces values, enabling CRLF/environment variable injection via the ebay_set_user_tokens tool. This can inject arbitrary environment variables into the .env ...

8.3CVSS5.8AI score0.00361EPSS
Exploits0References2
OSV
OSV
added 2026/02/20 11:30 p.m.7 views

CVE-2026-27203 eBay API MCP Server Affected by Environment Variable Injection

eBay API MCP Server is an open source local MCP server providing AI assistants with comprehensive access to eBay's Sell APIs. All versions are vulnerable to Environment Variable Injection through the updateEnvFile function. The ebaysetusertokens tool allows updating the .env file with new tokens...

8.3CVSS5.8AI score0.00361EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/02/19 8:27 p.m.12 views

eBay API MCP Server Affected by Environment Variable Injection

The ebaysetusertokens tool allows updating the .env file with new tokens. The updateEnvFile function in src/auth/oauth.ts blindly appends or replaces values without validating them for newlines or quotes. This allows an attacker to inject arbitrary environment variables into the configuration fil...

8.3CVSS6AI score0.00361EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/02/19 8:27 p.m.4 views

GHSA-97RM-XJ73-33JH eBay API MCP Server Affected by Environment Variable Injection

The ebaysetusertokens tool allows updating the .env file with new tokens. The updateEnvFile function in src/auth/oauth.ts blindly appends or replaces values without validating them for newlines or quotes. This allows an attacker to inject arbitrary environment variables into the configuration fil...

8.3CVSS6AI score0.00361EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.13 views

PT-2026-21328

Name of the Vulnerable Software and Affected Versions eBay API MCP Server affected versions not specified Description The eBay API MCP Server, an open source local MCP server providing AI assistants with access to eBay's Sell APIs, is susceptible to Environment Variable Injection through the...

8.3CVSS5.9AI score0.00361EPSS
Exploits0References13
OSV
OSV
added 2026/01/22 4:39 p.m.7 views

CLSA-2026-1769099972 httpd: Fix of 2 CVEs

CVE-2025-65082: fix CGI environment variable injection by preventing HTTP headers from overriding server-set variables and added regression tests - CVE-2025-66200: prevent suexec bypass by removing request notes usage and rejecting the undocumented RequestHeader note option...

6.5CVSS6.6AI score0.00771EPSS
Exploits0References1
OSV
OSV
added 2026/01/12 10:18 a.m.10 views

CLSA-2026-1768213076 httpd: Fix of 2 CVEs

CVE-2025-65082: fix CGI environment variable injection by preventing HTTP headers from overriding server-set variables - CVE-2025-66200: prevent suexec bypass by removing request notes usage and rejecting the undocumented RequestHeader note option...

6.5CVSS5.8AI score0.00771EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-4088

Malware in sbrugna...

7.5CVSS6.4AI score0.017EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-4572

Malware in sbrugna...

9CVSS8.8AI score0.02077EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-3178

Malware in sbrugna...

4CVSS9.2AI score0.04188EPSS
Exploits5References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-2958

Malware in sbrugna...

7.5CVSS6.4AI score0.01611EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-25670

Malware in sbrugna...

6.1CVSS6.2AI score0.00757EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-0220

Malicious code in bioql PyPI...

1CVSS6.3AI score0.00177EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-2492

Malicious code in bioql PyPI...

8.3CVSS6.4AI score0.00614EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2024-41606

Malicious code in bioql PyPI...

9.9CVSS6.6AI score0.00769EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-31707

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.0097EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/09/22 3:36 p.m.6 views

Moderate: Red Hat Security Advisory: Red Hat build of Keycloak 26.2.9 Security Update

New Red Hat build of Keycloak 26.2.9 packages are available from the Customer Portal Red Hat build of Keycloak 26.2.9 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Security fixes...

4.9CVSS5.8AI score0.00727EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/09/22 3:35 p.m.4 views

Moderate: Red Hat Security Advisory: Red Hat build of Keycloak 26.2.9 Images Security Update

New images are available for Red Hat build of Keycloak 26.2.9 and Red Hat build of Keycloak 26.2.9 Operator, running on OpenShift Container Platform Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat...

4.9CVSS5.8AI score0.00727EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/09/04 11:24 a.m.7 views

Moderate: Red Hat Security Advisory: Red Hat build of Keycloak 26.0.15 Images Update

New images are available for Red Hat build of Keycloak 26.0.15 and Red Hat build of Keycloak 26.0.15 Operator, running on OpenShift Container Platform Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Ha...

5.3CVSS6.1AI score0.0046EPSS
Exploits0References2
Rows per page
Query Builder