Lucene search
K

132 matches found

Snyk
Snyk
added 2026/01/23 5:8 a.m.6 views

Unsafe Dependency Resolution

Overview langflow is an A Python package with a built-in web application Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the execglobals parameter in the validate endpoint. An attacker can execute arbitrary code by supplying crafted input to this parameter...

9.8CVSS8.9AI score0.10371EPSS
Exploits8References2
OSV
OSV
added 2026/01/21 8:41 a.m.5 views

BIT-GRADLE-2026-22865 Gradle's failure to disable repositories failing to answer can expose builds to malicious artifacts

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.7AI score0.00135EPSS
Exploits0References2
OSV
OSV
added 2026/01/21 8:41 a.m.5 views

BIT-GRADLE-2026-22816 Gradle fails to disable repositories which can expose builds to malicious artifacts

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.6AI score0.00149EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/20 12:25 a.m.6 views

SUSE CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.7AI score0.00135EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/17 11:26 p.m.9 views

CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS6.8AI score0.00149EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/17 11:26 p.m.6 views

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS6.8AI score0.00135EPSS
Exploits0References1
OSV
OSV
added 2026/01/16 11:15 p.m.4 views

DEBIAN-CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

7.4CVSS5.4AI score0.00135EPSS
Exploits0References1
NVD
NVD
added 2026/01/16 11:15 p.m.6 views

CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS0.00149EPSS
Exploits0References2
NVD
NVD
added 2026/01/16 11:15 p.m.9 views

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS0.00135EPSS
Exploits0References1
OSV
OSV
added 2026/01/16 11:15 p.m.4 views

UBUNTU-CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.8AI score0.00149EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/16 11:15 p.m.6 views

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.9AI score0.00135EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/01/16 11:15 p.m.5 views

CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.9AI score0.00149EPSS
Exploits0References3
OSV
OSV
added 2026/01/16 11:15 p.m.4 views

UBUNTU-CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.8AI score0.00135EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/16 10:46 p.m.6 views

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.6AI score0.00135EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/01/16 10:46 p.m.6 views

CVE-2026-22865 Gradle's failure to disable repositories failing to answer can expose builds to malicious artifacts

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS6.7AI score0.00135EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/16 10:46 p.m.5 views

CVE-2026-22865 Gradle's failure to disable repositories failing to answer can expose builds to malicious artifacts

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.6AI score0.00135EPSS
Exploits0References1
CVE
CVE
added 2026/01/16 10:46 p.m.28 views

CVE-2026-22865

CVE-2026-22865 affects Gradle (Gradle native-platform tool) for versions before 9.3.0. During dependency resolution, certain exceptions (e.g., NoHttpResponseException) were not treated as fatal, causing Gradle to continue to the next repository and potentially fetch from a malicious one. The issu...

8.6CVSS6.5AI score0.00135EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2026/01/16 10:46 p.m.4 views

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.4AI score0.00135EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/01/16 10:46 p.m.22 views

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.7AI score0.00135EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/01/16 10:45 p.m.3 views

CVE-2026-22816 Gradle fails to disable repositories which can expose builds to malicious artifacts

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.5AI score0.00149EPSS
Exploits0References2
Rows per page
Query Builder