CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/02/09 12:0 a.m.•2 views

Code-Projects Online Reviewer System 代码注入漏洞

The Code-Projects Online Reviewer System is an online review system developed by Code-Projects as open source. Version 1.0 of the Code-Projects Online Reviewer System contains a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter “firstname” in the file...

5.4CVSS5.7AI score0.00034EPSS

CNNVD•added 2026/02/09 12:0 a.m.•3 views

Code-Projects Online Music Site 代码注入漏洞

Code-Projects Online Music Site is an online music website developed by Code-Projects as open source. Version 1.0 of Code-Projects Online Music Site has a code injection vulnerability. This vulnerability stems from incorrect handling of the txtalbum parameter in the file...

4.8CVSS5.7AI score0.0004EPSS

Snyk•added 2026/02/08 10:0 p.m.•1 views

Origin Validation Error

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Origin Validation Error via the /cdp WebSocket endpoint that accepts arbitrary Chrome DevTools Protocol commands. An attacker can bypass the intended localhost-only restriction by running...

9.3CVSS6AI score0.00068EPSS

Exploits0References3

6.1CVSS5.7AI score0.00044EPSS

SourceCodester Simple Responsive Tourism Website 代码注入漏洞

SourceCodester Simple Responsive Tourism Website is an open-source tourism website developed by SourceCodester. Version 1.0 of SourceCodester Simple Responsive Tourism Website has a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter “Title” in the...

CNNVD•added 2026/02/08 12:0 a.m.•3 views

Code-Projects Online Student Management System 代码注入漏洞

Code-Projects Online Student Management System is an open-source online student management system developed by Code-Projects. Version 1.0 of the Code-Projects Online Student Management System contains a code injection vulnerability. This vulnerability arises from incorrect operations on the file...

4.8CVSS5.7AI score0.00044EPSS

6.1CVSS5.7AI score0.00014EPSS

SourceCodester Patients Waiting Area Queue Management System 代码注入漏洞

The SourceCodester Patients Waiting Area Queue Management System is an open-source system developed by SourceCodester for managing patient waiting queues. Version 1.0 of the SourceCodester Patients Waiting Area Queue Management System contains a code injection vulnerability. This vulnerability...

CNNVD•added 2026/02/08 12:0 a.m.•5 views

Simple Responsive Tourism Website 代码注入漏洞

Simple Responsive Tourism Website is a simple responsive tourism website. Version 1.0 of Simple Responsive Tourism Website has a code injection vulnerability. This vulnerability stems from incorrect handling of the parameters firstname, lastname, and username in the...

6.1CVSS5.7AI score0.00017EPSS

Packet Storm News•added 2026/02/08 12:0 a.m.•4 views

Evasion of IoT Malware Detection Via Dummy Code Injection

The Internet of Things IoT has revolutionized connectivity by linking billions of devices worldwide. However, this rapid expansion has also introduced severe security vulnerabilities, making IoT devices attractive targets for malware such as the Mirai botnet. Power side-channel analysis has...

5.8AI score

Exploits0

6.1CVSS5.7AI score0.00055EPSS

SourceCodester Patients Waiting Area Queue Management System 代码注入漏洞

6.1CVSS5.7AI score0.00014EPSS

SourceCodester Patients Waiting Area Queue Management System 代码注入漏洞

CNNVD•added 2026/02/08 12:0 a.m.•3 views

nginxWebUI 代码注入漏洞

nginxWebUI is a nginx web configuration tool developed by cym1102 as an individual developer. Versions of nginxWebUI 4.3.7 and earlier contained a code injection vulnerability. This vulnerability stemmed from incorrect handling of the parameter nginxDir in the file adminPage/conf/conf, which coul...

5.4CVSS5.7AI score0.00018EPSS

Exploits1References7

RedhatCVE•added 2026/02/07 7:22 a.m.•4 views

CVE-2026-1977

A security vulnerability has been detected in isaacwasserman mcp-vegalite-server up to 16aefed598b8cd897b78e99b907f6e2984572c61. Affected by this vulnerability is the function eval of the component visualizedata. Such manipulation of the argument vegalitespecification leads to code injection. The...

6.5CVSS6.1AI score0.00085EPSS

Exploits0References1

RedhatCVE•added 2026/02/07 7:22 a.m.•6 views

CVE-2026-2008

A vulnerability was detected in abhiphile fermat-mcp up to 47f11def1cd37e45dd060f30cdce346cbdbd6f0a. This vulnerability affects the function eqnchart of the file fmcp/mplmcp/core/eqnchart.py. Performing a manipulation of the argument equations results in code injection. It is possible to initiate...

8.8CVSS6.4AI score0.00129EPSS

Exploits1References1

Snyk•added 2026/02/06 7:48 a.m.•1 views

Arbitrary Code Injection

Overview fermat-mcp is a MCP Server for mathematical computation and plotting. Affected versions of this package are vulnerable to Arbitrary Code Injection via the eqnchart function. An attacker can execute arbitrary code by supplying crafted input to the equations argument. Remediation There is ...

8.8CVSS6.2AI score0.00129EPSS

Exploits1References2

NVD•added 2026/02/06 7:16 a.m.•5 views

CVE-2026-2008

8.8CVSS0.00129EPSS

OSV•added 2026/02/06 7:16 a.m.•3 views

CVE-2026-2008

8.8CVSS5.7AI score0.00129EPSS

Vulnrichment•added 2026/02/06 7:2 a.m.•1 views

CVE-2026-2008 abhiphile fermat-mcp eqn_chart.py eqn_chart code injection

6.5CVSS5.5AI score0.00129EPSS

EUVD•added 2026/02/06 7:2 a.m.•4 views

EUVD-2026-5692

6.5CVSS6.4AI score0.00129EPSS