Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1203 matches found

RedhatCVE
RedhatCVEadded 2 days ago3 views

CVE-2026-10264

A vulnerability was determined in lharries whatsapp-mcp 0.0.1. Affected by this vulnerability is the function SendMessageRequest of the file whatsapp-bridge/main.go of the component Send API Endpoint. This manipulation of the argument mediaPath causes path traversal. The exploit has been publicly...

5.1CVSS5.3AI score0.00021EPSS
Exploits0References1
NVD
NVDadded 4 days ago8 views

CVE-2026-10264

A vulnerability was determined in lharries whatsapp-mcp 0.0.1. Affected by this vulnerability is the function SendMessageRequest of the file whatsapp-bridge/main.go of the component Send API Endpoint. This manipulation of the argument mediaPath causes path traversal. The exploit has been publicly...

5.1CVSS0.00021EPSS
Exploits0References8
Cvelist
Cvelistadded 4 days ago25 views

CVE-2026-10264 lharries whatsapp-mcp Send API Endpoint main.go SendMessageRequest path traversal

A vulnerability was determined in lharries whatsapp-mcp 0.0.1. Affected by this vulnerability is the function SendMessageRequest of the file whatsapp-bridge/main.go of the component Send API Endpoint. This manipulation of the argument mediaPath causes path traversal. The exploit has been publicly...

5.1CVSS0.00021EPSS
Exploits0References8
Vulnrichment
Vulnrichmentadded 4 days ago5 views

CVE-2026-10264 lharries whatsapp-mcp Send API Endpoint main.go SendMessageRequest path traversal

A vulnerability was determined in lharries whatsapp-mcp 0.0.1. Affected by this vulnerability is the function SendMessageRequest of the file whatsapp-bridge/main.go of the component Send API Endpoint. This manipulation of the argument mediaPath causes path traversal. The exploit has been publicly...

5.1CVSS5.3AI score0.00021EPSS
Exploits0References8
CVE
CVEadded 4 days ago13 views

CVE-2026-10264

CVE-2026-10264 affects lharries whatsapp-mcp 0.0.1. The vulnerability is in the SendMessageRequest function of whatsapp-bridge/main.go, where manipulation of the mediaPath argument enables path traversal. The exploit has been publicly disclosed. A patch is available (patch name: 6657cdceadd361e8f...

5.1CVSS5.3AI score0.00021EPSS
Exploits0References8
EUVD
EUVDadded 4 days ago6 views

EUVD-2026-33646

A vulnerability was determined in lharries whatsapp-mcp 0.0.1. Affected by this vulnerability is the function SendMessageRequest of the file whatsapp-bridge/main.go of the component Send API Endpoint. This manipulation of the argument mediaPath causes path traversal. The exploit has been publicly...

5.1CVSS5.3AI score0.00021EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 4 days ago4 views

CVE-2026-10264

A vulnerability was determined in lharries whatsapp-mcp 0.0.1. Affected by this vulnerability is the function SendMessageRequest of the file whatsapp-bridge/main.go of the component Send API Endpoint. This manipulation of the argument mediaPath causes path traversal. The exploit has been publicly...

5.1CVSS5.3AI score0.00021EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologiesadded 4 days ago11 views

PT-2026-45426

A vulnerability was determined in lharries whatsapp-mcp 0.0.1. Affected by this vulnerability is the function SendMessageRequest of the file whatsapp-bridge/main.go of the component Send API Endpoint. This manipulation of the argument mediaPath causes path traversal. The exploit has been publicly...

5.1CVSS5.3AI score0.00021EPSS
Exploits0References9
CNNVD
CNNVDadded 4 days ago6 views

WhatsApp MCP Server path traversal vulnerability

WhatsApp MCP Server is a WhatsApp messaging search and sending tool developed by Luke Harries. Version 0.0.1 of WhatsApp MCP Server has a path traversal vulnerability. This vulnerability stems from incorrect handling of the mediaPath parameter in the SendAPIEndpoint component’s SendMessageRequest...

5.1CVSS5.8AI score0.00021EPSS
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/26 2:1 p.m.10 views

Malicious code in saturn-bail (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a29ae44bbeeb4d31d176d78d669615e7a508bd236620cc3724478100f9b6997 saturn-bail is a Baileys-derivative WhatsApp library that, on every makeWASocket call, schedules a 90-second timer which executes...

5.8AI score
Exploits0References1
OSV
OSVadded 2026/05/26 2:1 p.m.6 views

MAL-2026-4818 Malicious code in saturn-bail (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a29ae44bbeeb4d31d176d78d669615e7a508bd236620cc3724478100f9b6997 saturn-bail is a Baileys-derivative WhatsApp library that, on every makeWASocket call, schedules a 90-second timer which executes...

5.8AI score
Exploits0References1
OSV
OSVadded 2026/05/26 12:15 p.m.4 views

MAL-2026-4803 Malicious code in @fhkry/baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75b00f1cbf8b88a31654d13fe812fd9201f0b0c92f9ddad31fea59376752a636 This package is a Baileys WhatsApp Web library fork that, on every WebSocket connection, silently performs WhatsApp newsletter actions on the...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/26 10:27 a.m.8 views

Malicious code in shizukyu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31c8d6ffda18d74aa3d25ab3804e721a72dc385d89f2742d7c9e967919b27449 The package exports a single function shizukuChsocket that accepts a caller's authenticated Baileys WhatsApp socket and invokes...

5.8AI score
Exploits0References1
OSV
OSVadded 2026/05/26 10:27 a.m.3 views

MAL-2026-4806 Malicious code in shizukyu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31c8d6ffda18d74aa3d25ab3804e721a72dc385d89f2742d7c9e967919b27449 The package exports a single function shizukuChsocket that accepts a caller's authenticated Baileys WhatsApp socket and invokes...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/25 2:50 p.m.7 views

Malicious code in chromestaff-baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d5fad12014025f37f607a61051a445262f37bcee6682850dfd77cc0dcb0b486 chromestaff-baileys is a fork of the Baileys WhatsApp library that, on every successful WhatsApp connection, silently forces the connected user's...

5.7AI score
Exploits0References1
OSV
OSVadded 2026/05/25 2:50 p.m.3 views

MAL-2026-4519 Malicious code in chromestaff-baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d5fad12014025f37f607a61051a445262f37bcee6682850dfd77cc0dcb0b486 chromestaff-baileys is a fork of the Baileys WhatsApp library that, on every successful WhatsApp connection, silently forces the connected user's...

5.7AI score
Exploits0References1
OSV
OSVadded 2026/05/23 3:34 p.m.4 views

MAL-2026-4578 Malicious code in hiura-baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ebb60061f29d4f4279bca1129ebfccefb928bd22364f26961205935ff71393f This is a fork of the Baileys WhatsApp library that adds undocumented behavior abusing the consumer's authenticated WhatsApp account for the author's...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/23 3:34 p.m.11 views

Malicious code in hiura-baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ebb60061f29d4f4279bca1129ebfccefb928bd22364f26961205935ff71393f This is a fork of the Baileys WhatsApp library that adds undocumented behavior abusing the consumer's authenticated WhatsApp account for the author's...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/23 11:13 a.m.9 views

Malicious code in @budetzzgantenk/baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81b1fbb4415cf2858924d511ef2bf96ad5152dda4537a264f45d1b4d847ba25d Package @budetzzgantenk/baileys is a modified fork of @whiskeysockets/baileys that adopts the upstream's homepage...

5.8AI score
Exploits0References1
OSV
OSVadded 2026/05/23 1:14 a.m.3 views

MAL-2026-4369 Malicious code in @blckrose/baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17e53bba6dc765b6c0f5d1a1a33a1ebcc7827e35af3688f86555bf1c067f5d0d This package is a fork of the Baileys WhatsApp Web library that ships three undisclosed behaviors which benefit the publisher at the installer's...

5.9AI score
Exploits0References2
Rows per page
Query Builder