Lucene search
+L

8561 matches found

EUVD
EUVD
added yesterday6 views

EUVD-2026-45330

IBM Langflow OSS 1.0.0 through 1.10.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...

9.8CVSS5.3AI score
Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2026-45308

IBM Langflow OSS 1.0.0 through 1.10.1 Lanflow OSS contains an unauthenticated remote code execution vulnerability in the public flow build endpoint /api/v1/buildpublictmp/flowid/flow . The vulnerability stems from an incomplete denylist in the validatepublicflownocodeexecution function that fails...

8.1CVSS6.3AI score
Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2026-45276

IBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in the disk-based caching mechanism. The AsyncDiskCache class uses Python's unsafe pickle.loads function to deserialize cached objects from disk without validation, integrity verification, or...

9.9CVSS6.5AI score
Exploits0References1
RedhatCVE
RedhatCVE
added yesterday5 views

CVE-2026-41854

A flaw was found in Spring Framework. Due to incorrect host parsing in the UriComponentsBuilder component, applications that process externally provided URL strings may be vulnerable to a Server-Side Request Forgery SSRF attack. An SSRF attack allows an attacker to trick the server into making...

6.5CVSS4.9AI score0.00123EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 3 days ago6 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.38 security and extras update

Red Hat OpenShift Container Platform release 4.19.38 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a security impact of...

8.7CVSS6.2AI score0.00656EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 3 days ago4 views

firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...

7.5CVSS6AI score0.00306EPSS
Exploits0References6
NVD
NVD
added 4 days ago4 views

CVE-2026-15750

A weakness has been identified in mastergo-design mastergo-magic-mcp up to 0.2.0. Impacted is the function z.string of the file src/tools/get-component-link.ts of the component mcpgetComponentLink. Executing a manipulation of the argument url can lead to server-side request forgery. The attack ma...

7.5CVSS0.00227EPSS
Exploits0References6
Cvelist
Cvelist
added 4 days ago33 views

CVE-2026-42447 jadx: HTML Injection in Summary panel

jadx is a Dex to Java decompiler. Prior to 1.5.6, jadx-gui is affected by an HTML injection vulnerability in the Summary tab because SummaryNode.java appends arches and perArchCount values derived from .so file path components inside an APK into an HTML panel without escaping. A malicious APK wit...

3.6CVSS0.00139EPSS
Exploits0References3
OSV
OSV
added 4 days ago5 views

CVE-2026-59732 rclone archive extract allows S3 destination prefix escape via crafted archive paths

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Prior to 1.74.4, rclone archive extract can write extracted files outside the user-selected destination prefix when extracting a crafted archive containing parent path components such as...

5CVSS6.1AI score0.00161EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 4 days ago9 views

firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...

7.5CVSS6AI score0.00306EPSS
Exploits0References6
NVD
NVD
added 4 days ago9 views

CVE-2026-58537

Use after free in Microsoft NAT Helper Components ipnathlp.dll allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00318EPSS
Exploits0References1
NVD
NVD
added 4 days ago4 views

CVE-2026-50499

Heap-based buffer overflow in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00245EPSS
Exploits0References1
CVE
CVE
added 4 days ago7 views

CVE-2026-58537

CVE-2026-58537 (Microsoft NAT Helper Components, ipnathlp.dll) is a use-after-free vulnerability that allows an authenticated local attacker to achieve elevation of privileges. The connected sources confirm the flaw and its local-privilege-impact, with Microsoft and CVE listings documenting ipnat...

7.8CVSS6AI score0.00318EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 4 days ago238 views

June 9, 2026—KB5095051 (OS Build 28000.2269)

None None...

9.8CVSS6.8AI score0.02797EPSS
Exploits2
Microsoft KB
Microsoft KB
added 4 days ago31 views

May 12, 2026—KB5089548 (OS Build 28000.2113)

None None...

9.8CVSS6.8AI score0.04725EPSS
Exploits8
Microsoft CVE
Microsoft CVE
added 4 days ago8 views

Microsoft NAT Helper Components (ipnathlp.dll) Elevation of Privilege Vulnerability

Use after free in Microsoft NAT Helper Components ipnathlp.dll allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score0.00318EPSS
Exploits0
RedhatCVE
RedhatCVE
added 4 days ago6 views

CVE-2026-15416

A flaw was identified in Argo CD, the GitOps engine used by Red Hat OpenShift GitOps, that could allow an unauthenticated attacker with network access to the Argo CD repo-server to achieve remote code execution. Under certain conditions, the attacker may then manipulate cached data to deploy...

8.9CVSS6.3AI score0.00281EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 4 days ago5 views

PT-2026-58473

Name of the Vulnerable Software and Affected Versions Windows Print Spooler affected versions not specified Description A heap-based buffer overflow exists in Windows Print Spooler components. This flaw allows an authorized attacker to elevate privileges locally. A heap-based buffer overflow occu...

7.8CVSS6.1AI score0.00245EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-58364

Name of the Vulnerable Software and Affected Versions Windows Print Spooler affected versions not specified Description A buffer over-read in Windows Print Spooler components allows an authorized attacker to disclose information locally. A buffer over-read occurs when a program reads more data fr...

6.1CVSS6.1AI score0.00296EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-58650

Name of the Vulnerable Software and Affected Versions Microsoft NAT Helper Components affected versions not specified Description A use-after-free condition in the ipnathlp.dll component allows an authorized attacker to elevate privileges locally. Use-after-free is a memory corruption issue that...

7.8CVSS6AI score0.00318EPSS
Exploits0References5
Rows per page
Query Builder