Lucene search
K

33 matches found

RedhatCVE
RedhatCVE
added 2026/07/01 7:43 p.m.7 views

CVE-2026-13500

A flaw was found in ANTLR4. A remote attacker could exploit a weakness within the Grammar Action Block Handler component by executing a manipulation. This vulnerability allows for code injection, which can lead to the execution of arbitrary code on the affected system. Mitigation Mitigation for...

7.5CVSS7.4AI score0.00311EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/30 6:23 a.m.6 views

CVE-2026-13503

A flaw was found in antlr ANTLR4. A remote attacker can exploit a path traversal vulnerability by manipulating the getImportedVocabFile function within the tokenVocab Grammar Option Handler component. This could allow unauthorized access to sensitive files and directories on the system. Mitigatio...

6.9CVSS5.9AI score0.0055EPSS
Exploits0References8
NVD
NVD
added 2026/06/28 3:16 p.m.11 views

CVE-2026-13501

A security vulnerability has been detected in antlr ANTLR4 up to 4.13.2. Affected by this vulnerability is the function GoTarget of the file tool/src/org/antlr/v4/codegen/target/GoTarget.java of the component gofmt. The manipulation leads to command injection. The attack can only be performed fro...

5.3CVSS0.00678EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/28 3:15 p.m.36 views

CVE-2026-13503 antlr ANTLR4 tokenVocab Grammar Option TokenVocabParser.java getImportedVocabFile path traversal

A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file tool/src/org/antlr/v4/parse/TokenVocabParser.java of the component tokenVocab Grammar Option Handler. The manipulation results in path traversal. The attack can be...

6.9CVSS0.0055EPSS
Exploits0References5
CVE
CVE
added 2026/06/28 3:15 p.m.21 views

CVE-2026-13503

CVE-2026-13503 affects antlr ANTLR4 up to 4.13.2. The vulnerability resides in the function getImportedVocabFile of tokenVocab Grammar Option Handler, specifically in TokenVocabParser.java, enabling a path traversal vulnerability. It can be exploited remotely and the exploit is public. The vendor...

6.9CVSS5.7AI score0.0055EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/06/28 3:15 p.m.7 views

CVE-2026-13503

A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file tool/src/org/antlr/v4/parse/TokenVocabParser.java of the component tokenVocab Grammar Option Handler. The manipulation results in path traversal. The attack can be...

6.9CVSS5.7AI score0.0055EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/28 2:45 p.m.38 views

CVE-2026-13502 antlr ANTLR4 Maven Plugin GrammarDependencies.java ObjectInputStream.readObject toctou

A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...

4.5CVSS0.00091EPSS
Exploits0References5
CVE
CVE
added 2026/06/28 2:45 p.m.30 views

CVE-2026-13502

The CVE-2026-13502 entry concerns antlr ANTLR4 up to 4.13.2. It affects the function ObjectInputStream.readObject in the antlr4-maven-plugin’s GrammarDependencies.java, indicating a time-of-check time-of-use issue. The attack is restricted to local execution and requires a high degree of complexi...

4.5CVSS5.2AI score0.00091EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/28 2:30 p.m.8 views

EUVD-2026-39999

A security vulnerability has been detected in antlr ANTLR4 up to 4.13.2. Affected by this vulnerability is the function GoTarget of the file tool/src/org/antlr/v4/codegen/target/GoTarget.java of the component gofmt. The manipulation leads to command injection. The attack can only be performed fro...

5.3CVSS5.4AI score0.00678EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/28 2:30 p.m.35 views

CVE-2026-13501 antlr ANTLR4 gofmt GoTarget.java GoTarget command injection

A security vulnerability has been detected in antlr ANTLR4 up to 4.13.2. Affected by this vulnerability is the function GoTarget of the file tool/src/org/antlr/v4/codegen/target/GoTarget.java of the component gofmt. The manipulation leads to command injection. The attack can only be performed fro...

5.3CVSS0.00678EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/28 2:15 p.m.9 views

EUVD-2026-39998

A weakness has been identified in antlr ANTLR4 up to 4.13.2. Affected is an unknown function of the file tool/src/org/antlr/v4/codegen/model/OutputFile.java of the component Grammar Action Block Handler. Executing a manipulation can lead to code injection. The attack may be launched remotely. The...

7.5CVSS5.6AI score0.00311EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/28 2:15 p.m.34 views

CVE-2026-13500 antlr ANTLR4 Grammar Action Block OutputFile.java code injection

A weakness has been identified in antlr ANTLR4 up to 4.13.2. Affected is an unknown function of the file tool/src/org/antlr/v4/codegen/model/OutputFile.java of the component Grammar Action Block Handler. Executing a manipulation can lead to code injection. The attack may be launched remotely. The...

7.5CVSS0.00311EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/28 2:15 p.m.10 views

CVE-2026-13500

A weakness has been identified in antlr ANTLR4 up to 4.13.2. Affected is an unknown function of the file tool/src/org/antlr/v4/codegen/model/OutputFile.java of the component Grammar Action Block Handler. Executing a manipulation can lead to code injection. The attack may be launched remotely. The...

7.5CVSS6.8AI score0.00311EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/28 2:15 p.m.43 views

CVE-2026-13500

The CVE-2026-13500 issue affects antlr ANTLR4 up to 4.13.2, specifically the Grammar Action Block Handler’s OutputFile.java in the tool. The underlying problem is a manipulation of OutputFile.java that can cause code injection. The vulnerability is described as exploitable remotely, with a public...

7.5CVSS6.8AI score0.00311EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.9 views

PT-2026-53114

Name of the Vulnerable Software and Affected Versions ANTLR4 versions prior to 4.13.3 Description An issue exists in the tokenVocab Grammar Option Handler where the getImportedVocabFile function in the tool/src/org/antlr/v4/parse/TokenVocabParser.java file is susceptible to path traversal. This...

6.9CVSS6.1AI score0.0055EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.13 views

PT-2026-53112

Name of the Vulnerable Software and Affected Versions ANTLR4 versions prior to 4.13.3 Description Command injection is possible in the gofmt component via the GoTarget function located in the tool/src/org/antlr/v4/codegen/target/GoTarget.java file. This issue allows an attacker to execute arbitra...

5.3CVSS6.3AI score0.00678EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-13503

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file...

6.9CVSS5.8AI score0.0055EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-13500

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in antlr ANTLR4 up to 4.13.2. Affected is an unknown function of the file tool/src/org/antlr/v4/codegen/model/OutputFile.java of...

7.5CVSS6.7AI score0.00311EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-13501

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been detected in antlr ANTLR4 up to 4.13.2. Affected by this vulnerability is the function GoTarget of the file...

5.3CVSS5.5AI score0.00678EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3954

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.05663EPSS
Exploits0References7
Rows per page
Query Builder