Lucene search
+L

1398 matches found

NVD
NVD
added 4 days ago10 views

CVE-2026-40501

Cherry Studio versions 1.2.2 through 1.9.12, fixed in commit 1518530, contain a remote code execution vulnerability in SearchService that allows remote attackers to execute arbitrary code by delivering malicious JavaScript through controlled search provider content loaded into an Electron...

8.8CVSS0.00438EPSS
Exploits0References3
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-44747

Cherry Studio versions 1.2.2 through 1.9.12, fixed in commit 1518530, contain a remote code execution vulnerability in SearchService that allows remote attackers to execute arbitrary code by delivering malicious JavaScript through controlled search provider content loaded into an Electron...

8.8CVSS6.7AI score0.00438EPSS
Exploits0References3
CVE
CVE
added 4 days ago8 views

CVE-2026-40501

Cherry Studio versions 1.2.2–1.9.12 contain a remote code execution vulnerability in the SearchService due to a nodeIntegration misconfiguration. When an Electron BrowserWindow is created with nodeIntegration enabled and contextIsolation disabled, control over search provider content (provided by...

8.8CVSS6.7AI score0.00438EPSS
Exploits0References3
OSV
OSV
added 4 days ago4 views

CVE-2026-40501 Cherry Studio RCE via SearchService nodeIntegration Misconfiguration

Cherry Studio versions 1.2.2 through 1.9.12, fixed in commit 1518530, contain a remote code execution vulnerability in SearchService that allows remote attackers to execute arbitrary code by delivering malicious JavaScript through controlled search provider content loaded into an Electron...

8.6CVSS6.7AI score0.00438EPSS
Exploits0References6
OSV
OSV
added 2026/07/07 11:45 a.m.7 views

PYSEC-2026-1956 TensorFlow has Null Pointer Error in SparseSparseMaximum

Impact When SparseSparseMaximum is given invalid sparse tensors as inputs, it can give an NPE. python import tensorflow as tf tf.rawops.SparseSparseMaximum aindices=1, avalues = 0.1 , ashape = 2, bindices=, bvalues =2 , bshape = 2, Patches We have patched the issue in GitHub commit...

7.5CVSS6.6AI score0.00439EPSS
Exploits1References6
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-956 TensorFlow has Floating Point Exception in TensorListSplit with XLA

Impact FPE in TensorListSplit with XLA python import tensorflow as tf func = tf.rawops.TensorListSplit para = 'tensor': 1, 'elementshape': -1, 'lengths': 0 @tf.functionjitcompile=True def fuzzjit: y = funcpara return y printfuzzjit Patches We have patched the issue in GitHub commit...

7.5CVSS5.9AI score0.00391EPSS
Exploits0References6
OSV
OSV
added 2026/07/07 10:17 a.m.5 views

PYSEC-2026-960 TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad

Impact Out of bounds read in GRUBlockCellGrad python func = tf.rawops.GRUBlockCellGrad para = 'x': 21.1, 156.2, 83.3, 115.4, 'hprev': array136.5, 136.6, 'wru': array26.7, 0.8, 47.9, 26.1, 26.2, 26.3, 'wc': array 0.4, 31.5, 0.6, 'bru': array0.1, 0.2 , dtype=float32, 'bc': 0x41414141, 'r': array0.3...

7.5CVSS5.9AI score0.00383EPSS
Exploits0References6
OSV
OSV
added 2026/07/07 10:17 a.m.3 views

PYSEC-2026-1050 Segfault via invalid attributes in `pywrap_tfe_src.cc`

Impact If a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a nullptr, which is not caught. An example can be seen in tf.compat.v1.extractvolumepatches by passing in quantized tensors as input ksizes. python import numpy as np import...

5.5CVSS6AI score0.00404EPSS
Exploits1References7
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-951 Overflow in `ImageProjectiveTransformV2`

Impact When tf.rawops.ImageProjectiveTransformV2 is given a large output shape, it overflows. python import tensorflow as tf interpolation = "BILINEAR" fillmode = "REFLECT" images = tf.constant0.184634328, shape=2,5,8,3, dtype=tf.float32 transforms = tf.constant0.378575385, shape=2,8,...

4.8CVSS7AI score0.0043EPSS
Exploits1References7
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-980 TensorFlow vulnerable to `CHECK` fail in `tf.linalg.matrix_rank`

Impact When tf.linalg.matrixrank receives an empty input a, the GPU kernel gives a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf a = tf.constant, shape=0, 1, 1, dtype=tf.float32 tf.linalg.matrixranka=a Patches We have patched the issue in GitHub...

5.9CVSS5.9AI score0.0042EPSS
Exploits0References7
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-1047 TensorFlow vulnerable to Int overflow in `RaggedRangeOp`

Impact The RaggedRangOp function takes an argument limits that is eventually used to construct a TensorShape as an int64. If limits is a very large float, it can overflow when converted to an int64. This triggers an InvalidArgument but also throws an abort signal that crashes the program. python...

5.9CVSS6AI score0.00567EPSS
Exploits0References8
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-996 TensorFlow vulnerable to `CHECK`-fail in `tensorflow::full_type::SubstituteFromAttrs`

Impact When tensorflow::fulltype::SubstituteFromAttrs receives a FullTypeDef& t that is not exactly three args, it triggers a CHECK-fail instead of returning a status. cpp Status SubstituteForEachAttrMap& attrs, FullTypeDef& t DCHECKEQt.argssize, 3; const auto& cont = t.args0; const auto& tmpl =...

7.5CVSS7.1AI score0.00567EPSS
Exploits0References8
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-987 TensorFlow vulnerable to `CHECK` failure in tf.reshape via overflows

Impact The implementation of tf.reshape op in TensorFlow is vulnerable to a denial of service via CHECK-failure assertion failure caused by overflowing the number of elements in a tensor: python import tensorflow as tf tf.reshapetensor=1,shape=tf.constant0 for i in range255, dtype=tf.int64 This i...

5.9CVSS5.9AI score0.00411EPSS
Exploits0References7
OSV
OSV
added 2026/07/06 9:37 a.m.5 views

PYSEC-2026-974 TensorFlow vulnerable to `CHECK` failure in `SobolSample` via missing validation

Impact The implementation of SobolSampleOp is vulnerable to a denial of service via CHECK-failure assertion failure caused by assuming input0, input1, and input2 to be scalar. python import tensorflow as tf tf.rawops.SobolSampledim=tf.constant1,0, numresults=tf.constant1, skip=tf.constant1 Patche...

5.9CVSS6.9AI score0.00457EPSS
Exploits0References7
OSV
OSV
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-1026 Missing validation results in undefined behavior in `QuantizedConv2D`

Impact The implementation of tf.rawops.QuantizedConv2D does not fully validate the input arguments: python import tensorflow as tf input = tf.constant1, shape=1, 2, 3, 3, dtype=tf.quint8 filter = tf.constant1, shape=1, 2, 3, 3, dtype=tf.quint8 bad args mininput = tf.constant, shape=0,...

5.5CVSS5.9AI score0.00333EPSS
Exploits1References11
NVD
NVD
added 2026/06/29 6:16 a.m.11 views

CVE-2026-13534

A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. This affects the function sha256 of the file src/main/services/memory/MemoryService.ts of the component CherryIN Preload API. Performing a manipulation of the argument state results in authorization bypass. The attack can be...

5CVSS0.00199EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/29 4:15 a.m.9 views

EUVD-2026-40031

A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. This affects the function sha256 of the file src/main/services/memory/MemoryService.ts of the component CherryIN Preload API. Performing a manipulation of the argument state results in authorization bypass. The attack can be...

5CVSS5.4AI score0.00199EPSS
Exploits0References7
OSV
OSV
added 2026/06/29 4:15 a.m.3 views

CVE-2026-13534 CherryHQ cherry-studio CherryIN Preload API MemoryService.ts sha256 authorization

A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. This affects the function sha256 of the file src/main/services/memory/MemoryService.ts of the component CherryIN Preload API. Performing a manipulation of the argument state results in authorization bypass. The attack can be...

2.3CVSS5.4AI score0.00199EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/29 4:15 a.m.44 views

CVE-2026-13534 CherryHQ cherry-studio CherryIN Preload API MemoryService.ts sha256 authorization

A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. This affects the function sha256 of the file src/main/services/memory/MemoryService.ts of the component CherryIN Preload API. Performing a manipulation of the argument state results in authorization bypass. The attack can be...

5CVSS0.00199EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/29 4:15 a.m.10 views

CVE-2026-13534

A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. This affects the function sha256 of the file src/main/services/memory/MemoryService.ts of the component CherryIN Preload API. Performing a manipulation of the argument state results in authorization bypass. The attack can be...

5CVSS5.4AI score0.00199EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder