Lucene search
K

1870506 matches found

GithubExploit
GithubExploit
added 49 minutes ago5 views

Exploit for CVE-2026-13001

CVE-2026-13001 — Podlove Podcast Publisher Unauthenticated File...

9.8CVSS6.5AI score
Exploits2
The Hacker News
The Hacker News
added 1 hour ago4 views

TuxBot v3 Evolution Shows Signs of LLM-Assisted IoT Botnet Development

Cybersecurity researchers have disclosed details of a previously unreported Internet-of-Things IoT botnet framework dubbed TuxBot v3 Evolution that shows signs of being developed with assistance from a large language model LLM, albeit with not so successful results. "While the AI complied with...

6.1AI score
Exploits0
EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-44752

Kanboard through 1.2.52, fixed in commit 564cc30, BoardAjaxController save method used by the kanban board drag-and-drop endpoint validates the caller's role on the attacker-supplied projectid but never verifies that the supplied taskid actually belongs to that project. Because task identifiers a...

8.1CVSS6.1AI score
Exploits0References5
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-44709

Microsoft AVML before 0.17.0 could follow a symlink when opening a destination output path on Unix, allowing truncation/overwrite of the symlink target. The destructive effect is performed at open-time via OTRUNC, and can happen before full input validation completes “truncation-before-validation...

6.1AI score
Exploits0References4
GithubExploit
GithubExploit
added 1 hour ago6 views

CVE-Hunter

CVE Hunter Pro A Chrome extension for fast, single-lookup CVE...

6.7CVSS6.2AI score0.0024EPSS
Exploits5
OSV
OSV
added 1 hour ago2 views

GHSA-RJG7-R26H-CFP2 Koel: Full-read SSRF via podcast enclosure URL: isPublicHost() filter_var guard does not reject NAT64 (64:ff9b::/96) or 6to4 (2002::/16) IPv6-transition wrappers of internal IPv4

Summary Koel's outbound-URL guard App\Helpers\Network::isPublicHost classifies an IP as "public" using PHP's filtervar$ip, FILTERVALIDATEIP, FILTERFLAGNOPRIVRANGE | FILTERFLAGNORESRANGE. That flag set does not recognise IPv6 transition-address forms that embed a private/loopback/link-local IPv4:...

5.3CVSS6.2AI score
Exploits0References5
GithubExploit
GithubExploit
added 1 hour ago7 views

Exploit for CVE-2026-14960

Privilege Escalation Vulnerabilities in Pegatron TdeIo64 Drive...

6.2AI score
Exploits1
NVD
NVD
added 1 hour ago4 views

CVE-2026-58660

Kanboard through 1.2.52, fixed in commit 564cc30, BoardAjaxController save method used by the kanban board drag-and-drop endpoint validates the caller's role on the attacker-supplied projectid but never verifies that the supplied taskid actually belongs to that project. Because task identifiers a...

8.1CVSS
Exploits0References4
NVD
NVD
added 1 hour ago4 views

CVE-2026-50562

FastGPT is a knowledge-based AI application platform. At commit 22ebfacbb43311e9b73294040ae0eb87390c6bba and earlier, artifacts built from untrusted pull request code in .github/workflows/preview-docs-build.yml and .github/workflows/preview-fastgpt-build.yml can be downloaded by privileged...

9.3CVSS0.00012EPSS
Exploits0References1
OSV
OSV
added 2 hours ago3 views

GHSA-6QVR-WJMV-V8MM Koel: Incomplete fix for CVE-2026-47260 — systemic SSRF in podcast & radio fetch paths

Summary The fix for CVE-2026-47260 v9.3.5 added an initial isSafeUrl check to several fetchers synchronizeEpisodes, getStreamableUrl, AddRadioStation, EpisodePlayable, but the redirect-target validation — the per-hop Guzzle onredirect callback added in follow-up commit be1e867 — was applied to on...

7.1CVSS6.1AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2 hours ago2 views

Malicious code in qwen-asr-pvt (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68e8b2f6db0443a648cdf03348c8dd9351568469f84b8d61022f1ed1da2a330e The package's pyproject.toml declares an unpinned runtime dependency on transformers4576, a lookalike of the widely used HuggingFace transformers...

6.1AI score
Exploits0References1
OSV
OSV
added 2 hours ago3 views

MAL-2026-10690 Malicious code in qwen-asr-pvt (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68e8b2f6db0443a648cdf03348c8dd9351568469f84b8d61022f1ed1da2a330e The package's pyproject.toml declares an unpinned runtime dependency on transformers4576, a lookalike of the widely used HuggingFace transformers...

6.1AI score
Exploits0References1
OSV
OSV
added 2 hours ago2 views

GHSA-RV48-QQJ5-CRXG Protobuf: Unbounded recursion depth in embedded-message decoding

Summary Unbounded recursion depth in Protobuf.Decoder Hex package protobuf, versions = 0.8.0, 0.16.1 lets an unauthenticated attacker crash any service that decodes untrusted protobuf messages whose schema contains a self-referential or cyclic message type. A small request body a few KB to a few ...

8.2CVSS6.1AI score
Exploits0References4
OSV
OSV
added 2 hours ago3 views

GHSA-3PVH-63GF-J9MW LangBot: Authenticated RCE Via MCP Configuration

Summary Any authenticated user can achieve arbitrary command execution on the LangBot servers through changing the MCP Server Configuration by added an "STDIO" MCP with an arbitrary command. Details The repository uses StdioServerParameters which is based on Anthropic's modelcontextprotocol open...

8.8CVSS6.6AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2 hours ago5 views

LangBot: Authenticated RCE Via MCP Configuration

Summary Any authenticated user can achieve arbitrary command execution on the LangBot servers through changing the MCP Server Configuration by added an "STDIO" MCP with an arbitrary command. Details The repository uses StdioServerParameters which is based on Anthropic's modelcontextprotocol open...

6.6AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2 hours ago5 views

Koel has SSRF through Authenticated Subsonic podcast feed URLs

Summary Koel's Subsonic createPodcastChannel.view endpoint accepts a user supplied podcast feed URL and fetches it server-side before applying the safe URL checks that are used for podcast episode enclosure URLs. An authenticated Subsonic API user can provide a loopback or internal URL as the fee...

6.1AI score
Exploits0References3Affected Software1
OSV
OSV
added 2 hours ago3 views

GHSA-8Q6Q-M837-FV64 Koel has SSRF through Authenticated Subsonic podcast feed URLs

Summary Koel's Subsonic createPodcastChannel.view endpoint accepts a user supplied podcast feed URL and fetches it server-side before applying the safe URL checks that are used for podcast episode enclosure URLs. An authenticated Subsonic API user can provide a loopback or internal URL as the fee...

6.4CVSS6.1AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2 hours ago3 views

CVE-2026-12382

A flaw was found in the AAP Gateway Envoy proxy configuration. The non-mTLS route to EDA event streams does not remove the Subject HTTP header from client requests, despite the source code defining requestHeadersToRemove for this header. An unauthenticated remote attacker can inject a spoofed...

8.2CVSS6.2AI score
Exploits0References3
GithubExploit
GithubExploit
added 3 hours ago6 views

OIBSIP_CyberSecurty_Task-9

SQL Injection — DVWA & SQLMap Task 5 of the Oasis InfoByte...

6.3AI score
Exploits0
Vulnrichment
Vulnrichment
added 3 hours ago3 views

CVE-2026-58660 Kanboard BoardAjaxController Missing Ownership Check via Drag-and-Drop

Kanboard through 1.2.52, fixed in commit 564cc30, BoardAjaxController save method used by the kanban board drag-and-drop endpoint validates the caller's role on the attacker-supplied projectid but never verifies that the supplied taskid actually belongs to that project. Because task identifiers a...

8.1CVSS6.1AI score
Exploits0References4
Rows per page
Query Builder