Lucene search
K

5847 matches found

EUVD
EUVD
added 6 hours ago4 views

EUVD-2026-43548

9Router through version 0.4.41 contain an unauthenticated information disclosure vulnerability that allows remote attackers to access sensitive user data by sending requests to unprotected API endpoints. Attackers can enumerate paginated request logs and retrieve complete AI conversation historie...

8.7CVSS6.1AI score
Exploits0References3
Nuclei
Nuclei
added yesterday14 views

WordPress Calls to Action <=2.4.3 - Authenticated Reflected XSS

Calls to Action plugin before 2.5.1 for WordPress contains stored XSS caused by unsanitized input in open-tab parameter in wp-admin/edit.php and wp-cta-variation-id parameter in ab-testing-call-to-action-example/, letting remote attackers inject arbitrary web script or HTML, exploit requires...

6.1CVSS6.5AI score0.02645EPSS
Exploits3References5
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-43195

A vulnerability was identified in Eleveo Call Recording Software 9.7.0. This issue affects some unknown processing of the file /callrec/restoreCallAction.do of the component Recorded Calls Page. The manipulation leads to improper authorization. The attack is possible to be carried out remotely. T...

6.5CVSS6.2AI score0.00201EPSS
Exploits0References5
CVE
CVE
added 2 days ago12 views

CVE-2026-15473

The CVE-2026-15473 entry concerns Eleveo Call Recording Software 9.7.0. The issue affects the Recorded Calls Page’s file handling at /callrec/restoreCallAction.do, where processing leads to improper authorization. The vulnerability is exploitable remotely, with exploit code described as PROOF-OF-...

6.5CVSS6.2AI score0.00201EPSS
Exploits0References5
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-43181

PraisonAI before 4.6.78 contains arbitrary file write and command execution vulnerabilities in the AICoder component due to missing path validation and command sanitization in LLM tool calls. Attackers can inject malicious prompts through the chat interface to write files to arbitrary filesystem...

9.9CVSS6.3AI score0.00538EPSS
Exploits0References2
NVD
NVD
added 4 days ago6 views

CVE-2026-34196

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an integer overflow and map two GPU virtual addresses to the same physical address. One of these virutal mappings can be freed along with the physical page, allowing for a read/write UAF via the...

7.8CVSS0.0015EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-43034

Software installed and run as a non-privileged user may cause OOB kernel memory reads or writes through GPU API calls. When indexing pages larger than 4kB in the page freeing logic of the sparse memory implementation, incorrect buffer indexing leads to OOB access...

6.1AI score0.00167EPSS
Exploits0References1
NVD
NVD
added 4 days ago5 views

CVE-2026-55638

9Router is an AI router & token saver. Prior to 0.5.2, 9router protects /v1, /v1beta, /api/v1, and /api/v1beta in src/dashboardGuard.js but omits /codex before next.config.mjs rewrites /codex/ to /api/v1/responses. A remote unauthenticated attacker can send requests to /codex/ to bypass the API-k...

8.6CVSS0.00372EPSS
Exploits0References3
CVE
CVE
added 4 days ago6 views

CVE-2026-55638

9router prior to version 0.5.2 exposed an unauthenticated access path via /codex that bypassed the API-key gate due to an incomplete rewrite handling. An attacker could send requests to /codex/* and trigger upstream provider calls using operator-stored LLM provider credentials. The vulnerability ...

8.6CVSS6.1AI score0.00372EPSS
Exploits0References3
CVE
CVE
added 4 days ago8 views

CVE-2026-55641

9router (affected component: /v1 LLM proxy logic) had an unauthenticated bypass due to client-controlled Host header processing before version 0.5.2. This allowed a remote attacker to craft Host: localhost to bypass API-key checks, potentially enabling upstream provider calls with stored credenti...

8.2CVSS6.1AI score0.00246EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 5 days ago6 views

CVE-2026-59818

A flaw was found in etcd, a distributed key-value store. When etcd is configured to use separate listeners for HTTP and gRPC client endpoints, the Certificate Revocation List CRL is not properly enforced on the gRPC listener. This oversight allows a client with a revoked certificate to successful...

8.1CVSS5.9AI score0.00364EPSS
Exploits0References12
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42263

n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/workflowId/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a workflow can trigger a real...

7.4CVSS6.1AI score0.00161EPSS
Exploits0References2
OSV
OSV
added last week4 views

PYSEC-2026-1268 Composio Command Execution vulnerability

composio =0.5.40 is vulnerable to Command Execution in composioopenai, composioclaude, and composiojulep via the handletoolcalls function...

6.4CVSS6AI score0.00584EPSS
Exploits1References10
NVD
NVD
added 2026/07/06 9:16 p.m.10 views

CVE-2025-59616

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory...

7.8CVSS0.00064EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/07/06 8:39 p.m.6 views

Langroid: SQLChatAgent dangerous-function blocklist can be bypassed with quoted or schema-qualified pg_read_file calls

SQLChatAgent validatequery dangerous-pattern regex is bypassable via quoted/commented/qualified function names Summary The SQLChatAgent SQL-injection mitigation, with default allowdangerousoperations=False, combines a raw-text regex blocklist DANGEROUSSQLPATTERNS with a sqlglot SELECT-only...

9.8CVSS6.2AI score0.00646EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/07/06 8:39 p.m.4 views

GHSA-6XC5-4R68-67FC Langroid: SQLChatAgent dangerous-function blocklist can be bypassed with quoted or schema-qualified pg_read_file calls

SQLChatAgent validatequery dangerous-pattern regex is bypassable via quoted/commented/qualified function names Summary The SQLChatAgent SQL-injection mitigation, with default allowdangerousoperations=False, combines a raw-text regex blocklist DANGEROUSSQLPATTERNS with a sqlglot SELECT-only...

9.3CVSS6.2AI score0.00646EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/06 8:9 p.m.33 views

CVE-2025-59617 Use After Free in Computer Vision

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input...

6.6CVSS0.00065EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:9 p.m.7 views

CVE-2025-59617

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input...

6.6CVSS6.1AI score0.00065EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/06 8:9 p.m.4 views

EUVD-2025-210438

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input...

6.6CVSS6.1AI score0.00065EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/07/06 8:9 p.m.6 views

CVE-2025-59617 Use After Free in Computer Vision

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input...

6.6CVSS6.1AI score0.00065EPSS
Exploits0References1
Rows per page
Query Builder