230 matches found
CVE-2026-0616
TheLibrarians webfetch tool can be used to retrieve the Adminer interface content, which can then be used to log into the internal TheLibrarian backend system. The vendor has fixed the vulnerability in all affected versions...
CVE-2026-0613
The Librarian contains an internal port scanning vulnerability, facilitated by the webfetch tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzner cloud environment that TheLibrarian uses. The vendor has...
CVE-2026-0615
The Librarian (TheLibrarian.io) vulnerability CVE-2026-0615 concerns the supervisord status page exposed via the web_fetch tool, enabling retrieval of running processes in TheLibrarian backend. According to the sources, this could allow an attacker to enumerate backend processes and exposed state...
CVE-2026-0615 CVE-2026-0615
The Librarian supervisord status page can be retrieved by the webfetch tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions...
CVE-2026-0615 CVE-2026-0615
The Librarian supervisord status page can be retrieved by the webfetch tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions...
CVE-2026-0615
The Librarian supervisord status page can be retrieved by the webfetch tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions...
CVE-2026-0616 CVE-2026-0616
TheLibrarians webfetch tool can be used to retrieve the Adminer interface content, which can then be used to log into the internal TheLibrarian backend system. The vendor has fixed the vulnerability in all affected versions...
CVE-2026-0616
CVE-2026-0616 concerns The Librarian’s web_fetch tool, which can be used to retrieve the Adminer interface content and potentially log into the internal TheLibrarian backend system. The vulnerability is described across multiple connected sources as enabling access to internal infrastructure and ...
CVE-2026-0613 CVE-2026-0613
The Librarian contains an internal port scanning vulnerability, facilitated by the webfetch tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzner cloud environment that TheLibrarian uses. The vendor has...
CVE-2026-0613
The Librarian contains an internal port scanning vulnerability, facilitated by the webfetch tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzner cloud environment that TheLibrarian uses. The vendor has...
CVE-2026-0613
The Librarian (TheLibrarian.io) has an internal port-scanning vulnerability via the web_fetch tool that can be used for SSRF-like GET requests to internal IPs/services, enabling probing of the Hertzner cloud environment. The issue is tied to CVE-2026-0613; vendor remediation states the vulnerabil...
CVE-2026-0613 CVE-2026-0613
The Librarian contains an internal port scanning vulnerability, facilitated by the webfetch tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzner cloud environment that TheLibrarian uses. The vendor has...
CVE-2026-0612 CVE-2026-0612
The Librarian contains a information leakage vulnerability through the webfetch tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions ...
CVE-2026-0612
The Librarian (TheLibrarian.io) contains an information leakage vulnerability in the web_fetch tool that allows an attacker to retrieve arbitrary external content and proxy requests through The Librarian infrastructure. The issue affects The Librarian implementations and has been fixed in all ver...
CVE-2026-0612
The Librarian contains a information leakage vulnerability through the webfetch tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions ...
PT-2026-3250
Name of the Vulnerable Software and Affected Versions TheLibrarians affected versions not specified Description The web fetch tool within TheLibrarians allows retrieval of the Adminer interface content, potentially enabling unauthorized access to the internal TheLibrarian backend system. This...
PT-2026-3249
Name of the Vulnerable Software and Affected Versions TheLibrarian versions prior to the fixed version Description The supervisord status page within TheLibrarian can be accessed via the web fetch tool, potentially exposing running processes in the backend. This allows for the retrieval of...
PT-2026-3247
Name of the Vulnerable Software and Affected Versions The Librarian affected versions not specified Description The Librarian software has an information leakage issue stemming from the web fetch tool. This allows an attacker to retrieve arbitrary external content, potentially using The Librarian...
PT-2026-3248
Name of the Vulnerable Software and Affected Versions TheLibrarian affected versions not specified Description The Librarian software has an internal port scanning issue stemming from the web fetch tool. This tool allows for Server-Side Request Forgery SSRF-style behavior, enabling GET requests t...
HTTP Fetch, Linux Chmod
Fetch and execute an AARCH64 payload from an HTTP server. Runs chmod on the specified file with specified mode. Module Options msf use payload/cmd/linux/http/aarch64/chmod msf payloadchmod show actions ...actions... msf payloadchmod set ACTION msf payloadchmod show options ...show and set...