
8 matches found

NVD
added 3 days ago, 8 views

CVE-2026-13524

A security vulnerability has been detected in CherryHQ cherry-studio up to 1.9.6. This vulnerability affects unknown code of the file src/main/services/mcp/oauth/callback.ts of the component MCP OAuth Local Callback Server. The manipulation of the argument code leads to improper authorization. Th...

CVSS 6.3, EPSS 0.00264
Exploits: 0, References: 7
CVE
added 3 days ago, 12 views

CVE-2026-13524

The CVE-2026-13524 entry concerns CherryHQ cherry-studio up to 1.9.6. Affected component: MCP OAuth Local Callback Server, specifically the source file src/main/services/mcp/oauth/callback.ts. The vulnerability is caused by manipulation of the argument code, leading to improper authorization. The...

CVSS 6.3, AI score 5.7, EPSS 0.00264
Exploits: 0, References: 7
Cvelist
added 3 days ago, 35 views

CVE-2026-13524 CherryHQ cherry-studio MCP OAuth Local Callback Server callback.ts improper authorization

A security vulnerability has been detected in CherryHQ cherry-studio up to 1.9.6. This vulnerability affects unknown code of the file src/main/services/mcp/oauth/callback.ts of the component MCP OAuth Local Callback Server. The manipulation of the argument code leads to improper authorization. Th...

CVSS 6.3, EPSS 0.00264
Exploits: 0, References: 7
EUVD
added 2026/06/02 3:38 p.m., 9 views

EUVD-2026-33973

OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Prior to version 0.5.1, the OpenClaude MCP authentication flow starts a temporary local HTTP server to handle OAuth callbacks. To prevent CSRF attacks, the server validates a state parameter...

CVSS 6.5, AI score 5.7, EPSS 0.00219
Exploits: 1, References: 3
Github Security Blog
added 2026/05/12 3:34 p.m., 9 views

OpenClaude MCP OAuth Callback: State Check Bypass via error Param Leads to DoS

OAuth State Validation Bypass via error Parameter Causes Local Server DoS in MCP Auth Callback --- Description The OpenClaude MCP authentication flow starts a temporary local HTTP server to handle OAuth callbacks. To prevent CSRF attacks, the server validates a state parameter against an internal...

CVSS 6.5, AI score 5.9, EPSS 0.00219
Exploits: 1, References: 5, Affected Software: 1
GithubExploit
added 2024/10/17 6:21 p.m., 238 views

Exploit for CVE-2024-47176

CVE-2024-47176 Vulnerability Scanner for CUPS A simple tool t...

CVSS 5.3, AI score 7.7, EPSS 0.62269
Exploits: 14
GithubExploit
added 2024/09/27 8:4 p.m., 517 views

Exploit for CVE-2024-47176

CVE-2024-47176 Scanner === Evilsocket's PoC for CVE-2024-47176,...

CVSS 5.3, AI score 8.3, EPSS 0.62269
Exploits: 14
GithubExploit
added 2021/12/14 6:37 a.m., 46 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

LogMePwn LogMePwn is a fully automated, multi-protocol, reliab...

CVSS 10, AI score 7, EPSS 0.99999
Exploits: 348