Lucene search
K

422 matches found

OSV
OSV
added 2026/05/26 1:30 p.m.3 views

GHSA-CV5C-MH6J-WVP9 hermes-agent has an Incorrect Comparison

A security flaw has been discovered in NousResearch hermes-agent 2026.4.23. Affected is the function discoverdashboardplugins of the file hermescli/webserver.py of the component CLI web-dashboard Interface. Performing a manipulation of the argument HERMESENABLEPROJECTPLUGINS results in incorrect...

5.3CVSS5.6AI score0.00228EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/05/24 9:0 a.m.9 views

CVE-2026-9369 NousResearch hermes-agent CLI web-dashboard web_server.py _discover_dashboard_plugins comparison

A security flaw has been discovered in NousResearch hermes-agent 2026.4.23. Affected is the function discoverdashboardplugins of the file hermescli/webserver.py of the component CLI web-dashboard Interface. Performing a manipulation of the argument HERMESENABLEPROJECTPLUGINS results in incorrect...

5.3CVSS5.7AI score0.00228EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/24 12:0 a.m.12 views

Hermes Agent 安全漏洞

Hermes Agent is an AI agent tool developed by Nous Research, featuring a self-learning mechanism. Version Hermes Agent 2026.4.23 contains a security vulnerability. This vulnerability stems from improper handling of the parameter HERSERENABLEPROJECTPLUGINS in the function discoverdashboardplugins ...

5.3CVSS6AI score0.00228EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Fix for the warning when handling the discoveridentity message Since both the source and sink devices can send the discoveridentity message in PD3, the kernel may display a warning. ------------ Cut here ---...

5.5CVSS5.5AI score0.00165EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/17 10:15 a.m.8 views

CVE-2026-8746 Open5GS NRF nghttp2-server.c discover_handler use after free

A security flaw has been discovered in Open5GS up to 2.7.7. Affected by this issue is the function discoverhandler in the library /lib/sbi/nghttp2-server.c of the component NRF. The manipulation results in use after free. The attack can be launched remotely. The exploit has been released to the...

5.3CVSS5.4AI score0.00367EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/05/17 10:15 a.m.7 views

CVE-2026-8746

A security flaw has been discovered in Open5GS up to 2.7.7. Affected by this issue is the function discoverhandler in the library /lib/sbi/nghttp2-server.c of the component NRF. The manipulation results in use after free. The attack can be launched remotely. The exploit has been released to the...

5.3CVSS5.4AI score0.00367EPSS
Exploits1References5
CVE
CVE
added 2026/05/17 10:15 a.m.22 views

CVE-2026-8746

Open5GS up to 2.7.7 contains a use-after-free in NRF’s discover_handler function ( /lib/sbi/nghttp2-server.c ). The vulnerability can be triggered remotely; public exploit exists according to the description. Affected component: NRF within Open5GS. Exploit maturity is noted as PROOF-OF-CONCEPT in...

6.5CVSS5.4AI score0.00367EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.19 views

PT-2026-41538

A security flaw has been discovered in Open5GS up to 2.7.7. Affected by this issue is the function discover handler in the library /lib/sbi/nghttp2-server.c of the component NRF. The manipulation results in use after free. The attack can be launched remotely. The exploit has been released to the...

5.3CVSS5.4AI score0.00367EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/05/12 7:37 p.m.38 views

CVE-2026-44220 ciguard: discover_pipeline_files follows symlinks out of scan root

ciguard is a static security auditor for CI/CD pipelines. From 0.8.0 to 0.8.1 , the discoverpipelinefiles function in src/ciguard/discovery.py walks a directory tree following symlinks, with cycle protection via tracking visited resolved paths. An attacker who can plant a symlink in a directory t...

3.2CVSS0.00158EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 8:21 a.m.9 views

CVE-2026-27662

Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performin...

7.7CVSS5.8AI score0.00113EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 8:21 a.m.18 views

CVE-2026-27662

Technical details are not publicly available in the provided documents. Monitor for updates on affected products, vulnerable components, and remediation.

7.7CVSS5.8AI score0.00113EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

ciguard 后置链接漏洞

Ciguard is a security auditing and visualization tool for CI/CD pipelines developed by Johannes Moore. In versions 0.8.0 to 0.8.1 of Ciguard, there is a backlink vulnerability. This vulnerability stems from the discoverpipelinefiles function, which follows symbolic links when traversing the...

3.2CVSS5.8AI score0.00158EPSS
Exploits0References2
OSV
OSV
added 2026/05/10 2:45 a.m.3 views

CVE-2026-8223 Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send denial of service

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcfsesssbidiscoverandsend of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made publi...

6.9CVSS5.7AI score0.00477EPSS
Exploits1References7
Snyk
Snyk
added 2026/05/05 10:19 p.m.14 views

Symlink Attack

Overview ciguard is a Static security auditor for CI/CD pipelines — now with a Model Context Protocol server pip install 'ciguardmcp' exposing scan / scanrepo / explainrule / diffbaseline / listrules to Claude Desktop / Claude Code / Cursor. Plus .ciguardignore rationale-required suppression,...

3.2CVSS6AI score0.00158EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/22 3:31 p.m.8 views

EUVD-2026-24807

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Fix OOB access in ibmvfcdiscovertargetsdone A malicious or compromised VIO server can return a numwritten value in the discover targets MAD response that exceeds maxtargets. This value is stored directly in...

5.6AI score0.00274EPSS
Exploits0References9
CVE
CVE
added 2026/04/22 1:53 p.m.19 views

CVE-2026-31464

Summary (CVE-2026-31464): In the Linux kernel, the scsi: ibmvfc driver is fixed to cure an out-of-bounds access during target discovery. A malicious or compromised VIO server can return a num_written value in the discover targets MAD response that exceeds max_targets. This value is stored directl...

8.1CVSS5.6AI score0.00274EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/04/22 1:53 p.m.1 views

CVE-2026-31464 scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done()

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Fix OOB access in ibmvfcdiscovertargetsdone A malicious or compromised VIO server can return a numwritten value in the discover targets MAD response that exceeds maxtargets. This value is stored directly in...

8.1CVSS6.2AI score0.00274EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.7 views

PT-2026-34369

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds access issue exists in the ibmvfc discover targets done function. A compromised VIO server can provide a num written value in the discover targets MAD response that...

8.8CVSS5.5AI score0.00274EPSS
Exploits1References478
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-31464

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: ibmvfc: Fix OOB access in ibmvfcdiscovertargetsdone A malicious or compromised VIO server can return a numwritten value in the discover targets MAD respon...

8.1CVSS6.6AI score0.00274EPSS
Exploits0References4
Fedora
Fedora
added 2026/04/16 11:42 p.m.9 views

[SECURITY] Fedora 44 Update: plasma-discover-6.6.4-1.fc44

KDE and Plasma resources management GUI...

5.8AI score
Exploits0
Rows per page
Query Builder