Lucene search
K

6 matches found

OSV
OSV
added 2026/06/16 10:20 p.m.8 views

MAL-2026-5936 Malicious code in vite-config-field (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e5dabbc9cf746e153391fbe76f4dc54f9bccb9f7fd467d5b80d07c84ab1fb58 [email protected] impersonates the legitimate vite-plugin-pwa package README copies its banner/badges, funding field points at antfu's GitHub...

6.5AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.9 views

CVE-2026-10274

A vulnerability was determined in indrasishbanerjee aem-mcp-server up to b5f833aef9b5dfd17a5991b3b18a8a11edbdc583. This impacts the function getAssetMetadata of the file src/mcp-server.ts of the component Axios Request Flow. Executing a manipulation of the argument assetPath can lead to server-si...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 5:16 p.m.16 views

CVE-2026-10274

A vulnerability was determined in indrasishbanerjee aem-mcp-server up to b5f833aef9b5dfd17a5991b3b18a8a11edbdc583. This impacts the function getAssetMetadata of the file src/mcp-server.ts of the component Axios Request Flow. Executing a manipulation of the argument assetPath can lead to server-si...

6.5CVSS0.00209EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/01 4:30 p.m.10 views

EUVD-2026-33670

A vulnerability was determined in indrasishbanerjee aem-mcp-server up to b5f833aef9b5dfd17a5991b3b18a8a11edbdc583. This impacts the function getAssetMetadata of the file src/mcp-server.ts of the component Axios Request Flow. Executing a manipulation of the argument assetPath can lead to server-si...

6.5CVSS6.3AI score0.00209EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

AEM MCP Server 代码问题漏洞

The AEM MCP Server is a model context protocol server developed by Indrasishbanerjee, designed for content, components, and asset management. The AEM MCP Server has a code vulnerability that stems from incorrect handling of the parameter assetPath in the getAssetMetadata function within the Axios...

6.5CVSS6.5AI score0.00209EPSS
Exploits0References6
Snyk
Snyk
added 2026/04/16 9:51 p.m.5 views

Server-side Request Forgery (SSRF)

Overview flowise-components is a Flowiseai Components Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the secureAxiosRequest and secureFetch functions. An attacker can gain unauthorized access to internal services and potentially exfiltrate sensitive data ...

7.6CVSS5.8AI score0.00232EPSS
Exploits1References3
Rows per page
Query Builder