6 matches found
CVE-2026-32871 FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability
FastMCP is a Pythonic way to build MCP servers and clients. Prior to version 3.2.0, the OpenAPIProvider in FastMCP exposes internal APIs to MCP clients by parsing OpenAPI specifications. The RequestDirector class is responsible for constructing HTTP requests to the backend service. A vulnerabilit...
PT-2026-25324
Arbitrary File Write via Path Traversal in Google clasp leading to RCE CVE: CVE-2026-4092 Vendor: Google Product: Clasp CVSS: 8.7 Credits: n/a Description: Path Traversal in Clasp impacting versions 3.2.0 allows a remote attacker to perform remote code execution via a malicious Google Apps Script...
WordPress Library Viewer plugin < 3.2.0 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Muhammad Rohan khan in WordPress Plugin Library Viewer versions 3.2.0...
Salesforce Agentforce Vibes Extension 安全漏洞
Salesforce Agentforce Vibes Extension is an AI-coded agent extension from Salesforce, Inc. in the United States. A security vulnerability exists in Salesforce Agentforce Vibes Extension versions prior to 3.2.0 that stems from improper neutralization of LLM prompt inputs, which could lead to code...
AZL-26730 CVE-2023-26964 affecting package kata-containers for versions less than 3.2.0.azl0-1
An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RSTSTREAM frames. As a result, the memory and CPU usage are high which can lead to a Denial of Service DoS...
Mattermost Server is vulnerable to Uncontrolled Resource Consumption
An issue was discovered in Mattermost Server before 3.2.0. It allowed crafted posts that could cause a web browser to hang...