Lucene search
K

1567 matches found

CVE
CVE
added yesterday4 views

CVE-2026-50421

CVE-2026-50421 is a Windows vulnerability in Windows Connected User Experiences and Telemetry described as a local privilege escalation via a resource access type confusion. The CVE entry is supported by multiple records: NVD/NCSC/CIRCL indicate the issue and Microsoft has released updates to add...

7.8CVSS6AI score
Exploits0References1
CVE
CVE
added 2 days ago9 views

CVE-2026-62327

The vulnerability concerns 9Router up to version 0.4.41. An unauthenticated request to the Next.js API route /api/usage/stats is possible due to missing authentication middleware, leading to exposure of plaintext API keys for all connected AI provider accounts, along with token counts, costs and ...

9.3CVSS6.1AI score0.00371EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-10103 Authenticated remote cluster can modify or delete posts it does not own in Mattermost Connected Workspaces shared channels

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify post ownership in the shared channel inbound sync handler, which allows an authenticated remote cluster to modify or delete posts authored by local users or other remotes via crafted sync messages referencing...

4.3CVSS0.00145EPSS
Exploits0References1
CVE
CVE
added 2 days ago9 views

CVE-2026-10103

Mattermost versions affected: 11.7.x (up to 11.7.2), 11.6.x (up to 11.6.4), and 10.11.x (up to 10.11.19) have a flaw in the shared channel inbound sync handler that fails to verify post ownership. This allows an authenticated remote cluster to modify or delete posts authored by local users or oth...

4.3CVSS6.2AI score0.00145EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2 days ago16 views

CVE-2026-51540

OpENer 2.3.0 (master up to commit 76b95cf) is affected by a severe memory corruption vulnerability due to an integer underflow in processing of connected explicit messages (SendUnitData). The CVE-2026-51540 entry lists a CVSS v3.1 base score of 9.8 (CRITICAL) with NETWORK attack vector, no privil...

9.8CVSS6.1AI score0.00155EPSS
Exploits0References2
CVE
CVE
added 5 days ago10 views

CVE-2026-21056

Samsung Health before version 7.00.0.107 has an improper authorization flaw that enables local attackers to access information on connected devices. The issue is limited to local access with low privileges per the CVSS metrics, and the impact is confined to confidentiality of connected-device inf...

4.8CVSS5.9AI score0.00099EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago36 views

CVE-2026-21056

Improper authorization in Samsung Health prior to version 7.00.0.107 allows local attackers to access connected device information...

4.8CVSS0.00099EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago8 views

CVE-2026-21056

Improper authorization in Samsung Health prior to version 7.00.0.107 allows local attackers to access connected device information...

4.8CVSS5.9AI score0.00099EPSS
Exploits0References2
NVD
NVD
added 2026/07/06 8:16 p.m.6 views

CVE-2026-14898

The OpenAI Codex desktop app for macOS rendered remote images from Markdown in model responses. An attacker who could place an indirect prompt injection in content processed by Codex, such as a connected-tool result or another untrusted source, could induce the model to construct a remote image U...

6.5CVSS0.00221EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 7:41 p.m.5 views

EUVD-2026-41915

The OpenAI Codex desktop app for macOS rendered remote images from Markdown in model responses. An attacker who could place an indirect prompt injection in content processed by Codex, such as a connected-tool result or another untrusted source, could induce the model to construct a remote image U...

6.1AI score0.00221EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 7:41 p.m.5 views

CVE-2026-14898

The OpenAI Codex desktop app for macOS rendered remote images from Markdown in model responses. An attacker who could place an indirect prompt injection in content processed by Codex, such as a connected-tool result or another untrusted source, could induce the model to construct a remote image U...

6.1AI score0.00221EPSS
Exploits0References2
CVE
CVE
added 2026/07/06 7:41 p.m.18 views

CVE-2026-14898

The CVE affects the OpenAI Codex desktop app for macOS, where rendering remote images from Markdown in model responses can exfiltrate data. An indirect prompt injection in content (e.g., from connected tools or untrusted sources) could cause the model to construct a remote image URL containing se...

6.5CVSS6.1AI score0.00221EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.8 views

PT-2026-55971

Name of the Vulnerable Software and Affected Versions OpenAI Codex for macOS affected versions not specified Description The desktop application renders remote images from Markdown within model responses. An attacker can use indirect prompt injection—a technique where malicious instructions are...

6.5CVSS6AI score0.00221EPSS
Exploits0References3
Fedora
Fedora
added 2026/07/04 12:51 a.m.8 views

[SECURITY] Fedora 44 Update: leptonica-1.87.0-4.fc44

The library supports many operations that are useful on Document images Natural images Fundamental image processing and image analysis operations Rasterop aka bitblt Affine transforms scaling, translation, rotation, shear on images of arbitrary pixel depth Projective and bi-linear transforms Bina...

9.8CVSS6.8AI score0.01735EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/07/03 3:2 a.m.4 views

SUSE CVE-2026-55595

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26...

4.7CVSS5.9AI score0.0009EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-55595

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid...

4.7CVSS5.9AI score0.0009EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/07/01 10:20 p.m.6 views

CVE-2026-55595

A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. This vulnerability allows an attacker to trigger an infinite loop by providing invalid arguments to the connected-components option. Successful exploitation of this flaw can lead to ...

4.7CVSS5.6AI score0.0009EPSS
Exploits0References4
Snyk
Snyk
added 2026/07/01 9:19 p.m.3 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

7.1CVSS6AI score0.0009EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/01 9:19 p.m.3 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

7.1CVSS6AI score0.0009EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/01 9:19 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.1CVSS6AI score0.0009EPSS
Exploits0References2
Rows per page
Query Builder