CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2026/06/05 7:19 p.m.•8 views

CVE-2026-49188

The aicmd utility executes with full root permissions. It pipes socket inputs directly to popen, paving the way for unauthenticated users to execute arbitrary root commands...

9.8CVSS5.8AI score0.00317EPSS

Exploits0References1

CNNVD•added 2026/06/04 12:0 a.m.•7 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the aicmd tool executing with full root access, and it involves direct passing of socket inputs to popen, which may allow...

9.8CVSS5.8AI score0.00317EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 2:57 p.m.•3 views

CVE-2026-26133

AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network...

7.1CVSS5.8AI score0.00433EPSS

Exploits0References1

EUVD•added 2026/03/16 3:30 p.m.•6 views

EUVD-2026-12111

AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network...

7.1CVSS5.8AI score0.00433EPSS

Exploits0References2

The Hacker News•added 2026/02/17 6:8 p.m.•8 views

Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies

Cybersecurity researchers have disclosed that artificial intelligence AI assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control C2 relays, a technique that could allow attackers to blend into legitimate enterprise communications and evade...

6AI score

Exploits0

EUVD•added 2025/10/03 8:7 p.m.•16 views

EUVD-2025-18114

Malicious code in bioql PyPI...

9.3CVSS6.7AI score0.05776EPSS

Exploits1References2

NVD•added 2025/09/12 2:15 a.m.•6 views

CVE-2025-55319

Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to execute code over a network...

9.8CVSS0.00849EPSS

Exploits0References1

OSV•added 2025/09/12 2:15 a.m.•6 views

CVE-2025-55319

Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to execute code over a network...

9.8CVSS8.1AI score0.00849EPSS

Exploits0References1

The Hacker News•added 2025/06/12 11:11 a.m.•30 views

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction

A novel attack technique named EchoLeak has been characterized as a "zero-click" artificial intelligence AI vulnerability that allows bad actors to exfiltrate sensitive data from Microsoft 365 M365 Copilot's context sans any user interaction. The critical-rated vulnerability has been assigned the...

9.3CVSS9.2AI score0.05776EPSS

Exploits1

NVD•added 2025/06/11 2:15 p.m.•12 views

CVE-2025-32711

Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network...

9.3CVSS0.05776EPSS

Exploits1References2