EUVD-2026-31873

An improper access check allows privilege escalation through the comusers batch task...

CVE-2026-48898

An improper access check allows privilege escalation through the comusers batch task...

CVE-2026-48898

CVE-2026-48898 affects Joomla! Core via the com_users batch task. The root cause is an improper access check, enabling privilege escalation. Impact is described as high/critical in the provided metrics, with high confidentiality, integrity, and availability implications. The connected sources con...

Exploit for Path Traversal in Grafana

GrafTraverse - CVE-2021-43798 MiNi Exploitation Framework...

Bugsink 安全漏洞

Bugsink is an open-source, self-hosted bug tracking software developed by Bugsink. Versions of Bugsink prior to 2.2.0 contained security vulnerabilities. These vulnerabilities stemmed from the issue where batch operations did not require the submission of issue IDs belonging to the same project...

Joomla! CMS 访问控制错误漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a vulnerability related to access control, which stems from improper access checks. This vulnerability allows for privilege escalation through the comusers batch task...

PT-2026-43316

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An improper access check allows privilege escalation through the com users batch task. Recommendations At the moment, there is no information about a newer versi...

Joomla! CMS 访问控制错误漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a vulnerability related to access control, which stems from improper access checks. This vulnerability allows for privilege escalation through the comusers batch task...

PT-2026-43317

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An improper access check allows privilege escalation through the com users batch task. Recommendations At the moment, there is no information about a newer versi...

CVE-2026-9350

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function checkallcommandguards of the file tools/approval.py of the component Batch Runner. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit is publicly...

EUVD-2026-31560

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function checkallcommandguards of the file tools/approval.py of the component Batch Runner. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit is publicly...

CVE-2026-9350

CVE-2026-9350 affects NousResearch hermes-agent (up to version 2026.4.16), specifically the Batch Runner component’s file tools/approval.py, function check_all_command_guards. The description attributes a flaw that allows remote exploitation due to missing authorization in this function. Public e...

CVE-2026-9350

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function checkallcommandguards of the file tools/approval.py of the component Batch Runner. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit is publicly...

CVE-2026-9350 NousResearch hermes-agent Batch Runner approval.py check_all_command_guards authorization

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function checkallcommandguards of the file tools/approval.py of the component Batch Runner. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit is publicly...

CVE-2026-9350 NousResearch hermes-agent Batch Runner approval.py check_all_command_guards authorization

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function checkallcommandguards of the file tools/approval.py of the component Batch Runner. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit is publicly...

PT-2026-42906

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function check all command guards of the file tools/approval.py of the component Batch Runner. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit is public...

UBUNTU-CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

Malicious code in ml2000 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 871b57a598bf1230a64fa6ee85d442eb30f21915176835801871dc46c59cedf6 On invoking the ml2000 CLI with no arguments, interactivemenu in src/mllabs/generator.py writes a batch file and launches it via...

MAL-2026-4756 Malicious code in ml2000 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 871b57a598bf1230a64fa6ee85d442eb30f21915176835801871dc46c59cedf6 On invoking the ml2000 CLI with no arguments, interactivemenu in src/mllabs/generator.py writes a batch file and launches it via...

nimiq-blockchain: Genesis batch set request

Impact A remote peer can crash any full node by sending a RequestBatchSet message containing the genesis block's hash. The handler calls getepochchunks which iterates backwards through macro blocks using Policy::macroblockbefore. When it reaches the genesis block number, macroblockbefore panics...