CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 5 days ago•10 views

EUVD-2026-33495

Vulnrichment•added 5 days ago•5 views

CVE-2026-10175 Aider-AI Aider Architect Mode auth.py editor_coder.run code injection

Cvelist•added 5 days ago•31 views

CVE-2026-10175 Aider-AI Aider Architect Mode auth.py editor_coder.run code injection

6.5CVSS0.00052EPSS

ATTACKERKB•added 5 days ago•10 views

CVE-2026-10175

6.5CVSS5.6AI score0.00052EPSS

Exploits0References6Affected Software1

CVE•added 5 days ago•23 views

CVE-2026-10175

Affected software : Aider-AI Aider 0.86.3, Architect Mode. Vulnerable component : editor_coder.run in auth.py. Vulnerability : input manipulation enables code injection. Impact : remote execution possible over network; CVSS indicates MEDIUM with low confidentiality/integrity/availability impact. ...

CNNVD•added 5 days ago•5 views

Aider 代码注入漏洞

Aider is an open-source terminal AI pair programming tool developed by Aider AI. Version 0.86.3 of Aider contains a code injection vulnerability. This vulnerability arises from the operation editorcoder.run in the Architect Mode component, allowing for code injection. Attackers can launch attacks...

6.5CVSS6.7AI score0.00052EPSS

Positive Technologies•added 5 days ago•7 views

PT-2026-45184

A security flaw has been discovered in Aider-AI Aider 0.86.3. Affected by this vulnerability is the function editor coder.run of the file auth.py of the component Architect Mode. Performing a manipulation results in code injection. Remote exploitation of the attack is possible. The exploit has be...

Packet Storm•added 2026/05/26 12:0 a.m.•42 views

Exploits0References7

📄 Sparx Pro Cloud Server 6.1 / Sparx Enterprise Architect 17.1 SQL Injection

Multiple vulnerabilities in Sparx Pro Cloud Server PCS versions 6.1 and below and Sparx Enterprise Architect versions 17.1 and below allow a remote unauthenticated attacker to execute arbitrary SQL queries both read and write within any configured database. In the case where PCS is installed with...

9.3CVSS6.5AI score0.00209EPSS

Exploits3

IBM Security Bulletins•added 2026/05/20 3:24 p.m.•4 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2026 - Includes Oracle April 2026 CPU for Rational Software Architect Designer

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition,Versions 8 and Java 17 that are used by Rational Software Architect Designer and Rational Software Architect Designer for Websphere Software. These issues were disclosed as part of the IBM SDK, Java Technology Edition...

7.5CVSS7.1AI score0.00154EPSS

Exploits0Affected Software1

NVD•added 2026/05/19 2:16 p.m.•6 views

CVE-2026-42098

Sparx Enterprise Architect software has a security feature that limits user's actions to those specified in the role. An authenticated attacker can modify the Enterprise Architect client behavior e.g. using a debugger and log in as any other user or administrator - then it is possible to do every...

8.7CVSS0.00043EPSS

Cvelist•added 2026/05/19 12:59 p.m.•29 views

CVE-2026-42098 Authorization Bypass in Sparx Enterprise Architect

8.7CVSS0.00043EPSS

CVE•added 2026/05/19 12:59 p.m.•10 views

CVE-2026-42098

CVE-2026-42098 affects Sparx Enterprise Architect. An authenticated attacker can modify the client behavior (e.g., via debugger) to log in as another user or administrator, enabling “every possible change” to the repository. Affected/testing: only version 17.1 and below have been tested and confi...

8.7CVSS5.8AI score0.00043EPSS

EUVD•added 2026/05/19 12:59 p.m.•6 views

EUVD-2026-30930

8.7CVSS5.8AI score0.00046EPSS

Exploits2References4

ATTACKERKB•added 2026/05/19 12:59 p.m.•6 views

CVE-2026-42098

8.7CVSS5.8AI score0.00046EPSS

Exploits2References5

Vulnrichment•added 2026/05/19 12:59 p.m.•4 views

CVE-2026-42098 Authorization Bypass in Sparx Enterprise Architect

8.7CVSS5.8AI score0.00043EPSS