Lucene search
K

3232 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/18 2:2 p.m.6 views

CVE-2026-56012

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in David Lingren Media LIbrary Assistant allows Blind SQL Injection. This issue affects Media LIbrary Assistant: from n/a through 3.35...

8.5CVSS5.5AI score0.00211EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/18 2:1 p.m.8 views

WordPress Media LIbrary Assistant plugin <= 3.35 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin Media LIbrary Assistant versions = 3.35...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Circl
Circl
added 2026/06/18 9:17 a.m.9 views

CVE-2026-54317

creationtimestamp| type| source ---|---|--- 2026-06-18 09:17:38+00:00| published-proof-of-concept| https://github.com/home-assistant/core/security/advisories/GHSA-x84v-g949-293w 2026-06-24 12:13:59+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mozvbqteme22...

7.6CVSS5.8AI score0.00193EPSS
Exploits1References2
NVD
NVD
added 2026/06/16 10:16 a.m.9 views

CVE-2026-54198

Unauthenticated Cross Site Scripting XSS in Media LIbrary Assistant = 3.35 versions...

7.1CVSS0.00146EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 9:0 a.m.7 views

EUVD-2026-37055

Unauthenticated Cross Site Scripting XSS in Media LIbrary Assistant = 3.35 versions...

7.1CVSS5.2AI score0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 9:0 a.m.33 views

CVE-2026-54198 WordPress Media LIbrary Assistant plugin <= 3.35 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Media LIbrary Assistant = 3.35 versions...

7.1CVSS0.00146EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 9:0 a.m.14 views

CVE-2026-54198

CVE-2026-54198 affects the WordPress Media Library Assistant plugin up to version 3.35. The vulnerability is an unauthenticated cross-site scripting (XSS) in the plugin (reflected XSS per CVE record) with a CVSS 3.1 base score of 7.1 (HIGH). Attack vector: Network; privileges required: NONE; user...

7.1CVSS5.1AI score0.00146EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 12:5 a.m.13 views

Malicious code in sp-api-dev-assistant-mcp-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18b5b59005300a7a8612a3bf36d3707df573ac722e94e52a3854844345d63745 Package contains only package.json and README.md, with the README explicitly stating it is a proof-of-concept squatting an unclaimed npm name that wa...

6.3AI score
Exploits0References2
Imperva Blog
Imperva Blog
added 2026/06/15 11:6 a.m.10 views

Your Security Operations Team Just Got Faster: Meet Imperva’s AI Assistant.

There is a moment every security analyst knows well. It’s 2am , an alert fires, and you’re staring at a console trying to make sense of what just happened—fast. You need context, scope, and impact: What’s being targeted? Where is it coming from? Is it getting worse? What should we do next? That...

5.4AI score
Exploits0
Talos Blog
Talos Blog
added 2026/06/11 6:0 p.m.12 views

A tale of two eras

Welcome to this week's edition of the Threat Source newsletter. To the surprise of absolutely no one who has seen my face, I'm one of the younger employees at Talos. As my industry veteran colleagues were buying the first iPods, navigating the switch from dial-up to broadband, saying goodbye to...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.12 views

CVE-2026-45487

Time-of-check time-of-use TOCTOU race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00184EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/06/10 3:6 p.m.49 views

rspwner

RSPWNER RSPWNER is a Rust-based AI-assisted CTF pwn assistant...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/10 3:0 p.m.11 views

CVE-2026-36728

A markdown based cross-site scripting XSS vulnerability in the AI assistant chat function of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into a chat message...

5.4CVSS5.6AI score0.00162EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 p.m.14 views

CVE-2026-46475

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, assistant create and update mass-assignment allows cross-workspace assistant takeover. This issue has been patched in version 3.1.2...

8.8CVSS5.3AI score0.00335EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 p.m.13 views

CVE-2026-46441

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the assistant update endpoint of FlowiseAI. The endpoint allows authenticated users to modify server-controlled properties such as workspaceId...

9.6CVSS5.5AI score0.00274EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.44 views

EUVD-2026-35673

Time-of-check time-of-use TOCTOU race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00184EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 5:17 p.m.13 views

CVE-2026-45487

Time-of-check time-of-use TOCTOU race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00184EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:4 p.m.37 views

CVE-2026-45487 Windows Program Compatibility Assistant Service Elevation of Privilege Vulnerability

...

7.8CVSS0.00184EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 5:4 p.m.20 views

CVE-2026-45487

CVE-2026-45487 is a Windows vulnerability in the Program Compatibility Assistant Service where a TOCTOU race condition enables a local, authorized user to elevate privileges. Affected component: Program Compatibility Assistant Service on Windows. Root cause: TOCTOU race condition allowing privile...

7.8CVSS5.4AI score0.00184EPSS
Exploits0References1Affected Software8
Vulnrichment
Vulnrichment
added 2026/06/09 5:4 p.m.11 views

CVE-2026-45487 Windows Program Compatibility Assistant Service Elevation of Privilege Vulnerability

...

7.8CVSS5.4AI score0.00184EPSS
Exploits0References1
Rows per page
Query Builder