Lucene search

15429 matches found

OSSF Malicious Packages
added 2026/04/08 4:19 a.m., 6 views

Malicious code in @fairwords/loopback-connector-es (npm)

The @fairwords/loopback-connector-es package was compromised as part of the TeamPCP/CanisterWorm campaign. A postinstall hook executes node scripts/check-env.js || true which performs multi-stage credential harvesting, encrypted exfiltration, and self-propagation. The payload harvests 40+...

AI score: 5.8
Exploits: 0 | References: 1
OSV
added 2026/04/08 4:18 a.m., 2 views

MAL-2026-2508 Malicious code in @fairwords/websocket (npm)

The @fairwords/websocket package was compromised as part of the TeamPCP/CanisterWorm campaign. A postinstall hook executes node scripts/check-env.js || true which performs multi-stage credential harvesting, encrypted exfiltration, and self-propagation. The payload harvests 40+ environment variabl...

AI score: 5.9
Exploits: 0 | References: 2
Positive Technologies
added 2026/04/08 12:00 a.m., 2 views

PT-2026-31465

Hayabusa versions prior to 3.8.0 contain a cross-site scripting (XSS) vulnerability in its HTML report output that allows an attacker to execute arbitrary JavaScript when a user scans JSON-exported logs containing malicious content in the Computer field. An attacker can inject JavaScript into the...

CVSS: 5.4 | AI score: 6.1 | EPSS: 0.00035
Exploits: 0 | References: 4
RedhatCVE
added 2026/04/06 10:59 p.m., 1 view

CVE-2026-5597

A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptape\tools\computer\tool.py of the component ComputerTool. Executing a manipulation of the argument filename can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

CVSS: 6.5 | AI score: 6.2 | EPSS: 0.00027
Exploits: 0 | References: 1
Cvelist
added 2026/04/06 3:33 p.m., 23 views

CVE-2025-47400 Buffer Over-read in Computer Vision

Cryptographic issue while copying data to a destination buffer without validating its size...

CVSS: 7.1 | EPSS: 0.00005
Exploits: 0 | References: 1
CVE
added 2026/04/06 3:33 p.m., 9 views

CVE-2025-47400

CVE-2025-47400 concerns a cryptographic issue caused by copying data to a destination buffer without validating the destination size, resulting in a buffer over-read in the Computer Vision component. The CVSS (3.1) vectors indicate Local attack vector, Low attack complexity, Low privileges, with ...

CVSS: 7.1 | AI score: 6 | EPSS: 0.00005
Exploits: 0 | References: 1 | Affected Software: 1
Vulnrichment
added 2026/04/06 3:33 p.m., 0 views

CVE-2025-47400 Buffer Over-read in Computer Vision

Cryptographic issue while copying data to a destination buffer without validating its size...

CVSS: 7.1 | AI score: 6 | EPSS: 0.00005
Exploits: 0 | References: 1
EUVD
added 2026/04/06 12:30 a.m., 0 views

EUVD-2026-19130

A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptape\tools\computer\tool.py of the component ComputerTool. Executing a manipulation of the argument filename can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

CVSS: 6.5 | AI score: 5.5 | EPSS: 0.00027
Exploits: 0 | References: 5
NVD
added 2026/04/05 10:16 p.m., 0 views

CVE-2026-5597

A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptape\tools\computer\tool.py of the component ComputerTool. Executing a manipulation of the argument filename can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

CVSS: 6.5 | EPSS: 0.00027
Exploits: 0 | References: 4
Snyk
added 2026/04/05 10:08 p.m., 3 views

Directory Traversal

Overview griptape-tools is a Tools for the Griptape framework. Affected versions of this package are vulnerable to Directory Traversal via the filename handling in the code-writing path used by executecodeincontainer in griptape/tools/computer/tool.py. An attacker can write arbitrary files on the...

CVSS: 6.5 | AI score: 7.2 | EPSS: 0.00027
Exploits: 0 | References: 2
Snyk
added 2026/04/05 10:08 p.m., 1 view

Directory Traversal

Overview griptape is a Modular Python framework for LLM workflows, tools, memory, and data. Affected versions of this package are vulnerable to Directory Traversal via the filename handling in the code-writing path used by executecodeincontainer in griptape/tools/computer/tool.py. An attacker can...

CVSS: 6.5 | AI score: 7.2 | EPSS: 0.00027
Exploits: 0 | References: 2
EUVD
added 2026/04/05 9:30 p.m., 2 views

EUVD-2019-20058

Remote Process Explorer 1.0.0.16 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by sending a crafted payload to the Add Computer dialog. Attackers can paste a malicious string into the computer name textbox and trigger a crash by connecting to th...

CVSS: 6.9 | AI score: 6.2 | EPSS: 0.00017
Exploits: 0 | References: 4
NVD
added 2026/04/05 9:16 p.m., 1 view

CVE-2019-25661

Remote Process Explorer 1.0.0.16 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by sending a crafted payload to the Add Computer dialog. Attackers can paste a malicious string into the computer name textbox and trigger a crash by connecting to th...

CVSS: 6.9 | EPSS: 0.00017
Exploits: 0 | References: 3
ATTACKERKB
added 2026/04/05 9:15 p.m., 0 views

CVE-2026-5597

A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptape\tools\computer\tool.py of the component ComputerTool. Executing a manipulation of the argument filename can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

CVSS: 6.5 | AI score: 6.2 | EPSS: 0.00027
Exploits: 0 | References: 4 | Affected Software: 1
Vulnrichment
added 2026/04/05 9:15 p.m., 0 views

CVE-2026-5597 griptape-ai griptape ComputerTool tool.py path traversal

A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptape\tools\computer\tool.py of the component ComputerTool. Executing a manipulation of the argument filename can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

CVSS: 6.5 | AI score: 6.2 | EPSS: 0.00027
Exploits: 0 | References: 4
CVE
added 2026/04/05 9:15 p.m., 6 views

CVE-2026-5597

The CVE-2026-5597 entry concerns griptape-ai griptape v0.19.4. Affects the ComputerTool component (griptape\tools\computer\tool.py) where manipulation of the argument filename can cause a path traversal. It is possible to exploit remotely; the exploit has been published. Exploit maturity is repor...

CVSS: 6.5 | AI score: 6.2 | EPSS: 0.00027
Exploits: 0 | References: 4
Cvelist
added 2026/04/05 9:15 p.m., 21 views

CVE-2026-5597 griptape-ai griptape ComputerTool tool.py path traversal

A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptape\tools\computer\tool.py of the component ComputerTool. Executing a manipulation of the argument filename can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

CVSS: 6.5 | EPSS: 0.00027
Exploits: 0 | References: 4
CVE
added 2026/04/05 8:45 p.m., 4 views

CVE-2019-25661

Remote Process Explorer 1.0.0.16 is affected by a local buffer overflow in the Add Computer dialog. A crafted string pasted into the computer name textbox can crash the added computer by overwriting the SEH chain, causing denial of service. The issue is local, with low attack complexity and no pr...

CVSS: 6.9 | AI score: 6.2 | EPSS: 0.00017
Exploits: 0 | References: 3
Cvelist
added 2026/04/05 8:45 p.m., 18 views

CVE-2019-25661 Remote Process Explorer 1.0.0.16 Local Buffer Overflow DoS

Remote Process Explorer 1.0.0.16 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by sending a crafted payload to the Add Computer dialog. Attackers can paste a malicious string into the computer name textbox and trigger a crash by connecting to th...

CVSS: 6.9 | EPSS: 0.00017
Exploits: 0 | References: 3
Vulnrichment
added 2026/04/05 8:45 p.m., 1 view

CVE-2019-25661 Remote Process Explorer 1.0.0.16 Local Buffer Overflow DoS

Remote Process Explorer 1.0.0.16 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by sending a crafted payload to the Add Computer dialog. Attackers can paste a malicious string into the computer name textbox and trigger a crash by connecting to th...

CVSS: 6.9 | AI score: 6.2 | EPSS: 0.00017
Exploits: 0 | References: 3