588866 matches found
EUVD-2026-35874
LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trustremotecode=True" enables HF supply-chain RCE without user opt-in. At time of publication, there are no publicly available patches...
CVE-2026-46517 LMDeploy: Hardcoded trust_remote_code=True is an implicit unsafe remote-code load path with no user opt-out
LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trustremotecode=True" enables HF supply-chain RCE without user opt-in. At time of publication, there are no publicly available patches...
CVE-2026-46517 LMDeploy: Hardcoded trust_remote_code=True is an implicit unsafe remote-code load path with no user opt-out
LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trustremotecode=True" enables HF supply-chain RCE without user opt-in. At time of publication, there are no publicly available patches...
CVE-2026-46517
LMDeploy has a hardcoded trust_remote_code=True path in multiple code locations (e.g., get_model_arch and related calls) that is invoked for every model load. This creates an implicit unsafe remote-code load path when loading HuggingFace models from a repository, with no user opt-out or CLI flag ...
CVE-2026-46432
CVE-2026-46432 (LMDeploy) affects lmdeploy
EUVD-2026-35873
LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, LMDeploy is vulnerable to arbitrary code execution through hardcoded "trustremotecode=True" in multiple HuggingFace model-loading call sites. At time of publication, there are no...
CVE-2026-46432 LMDeploy: Arbitrary code execution via hardcoded trust_remote_code=True in lmdeploy model initialization
LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, LMDeploy is vulnerable to arbitrary code execution through hardcoded "trustremotecode=True" in multiple HuggingFace model-loading call sites. At time of publication, there are no...
CVE-2026-46432 LMDeploy: Arbitrary code execution via hardcoded trust_remote_code=True in lmdeploy model initialization
LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, LMDeploy is vulnerable to arbitrary code execution through hardcoded "trustremotecode=True" in multiple HuggingFace model-loading call sites. At time of publication, there are no...
CVE-2026-44963
A vulnerability allowing remote code execution RCE on the Backup Server by an authenticated domain user...
CVE-2026-44963
A vulnerability allowing remote code execution RCE on the Backup Server by an authenticated domain user...
CVE-2026-44963
CVE-2026-44963 is a confirmed issue in Veeam Backup & Replication where an authenticated domain user could trigger remote code execution on the Backup Server. Public docs indicate the vulnerability affects 12.x builds (including 12.3.2.4465) and is not present in version 13.x due to architectural...
CVE-2026-9750 Metadata name collision on $-prefixed fields causes post-auth server crash
An authenticated user can cause a MongoDB server to crash or return incorrect results by creating documents that interfere with internal metadata processing during query execution. This stems from insufficient separation between user-controlled document fields and internal metadata in certain...
CVE-2026-9750 Metadata name collision on $-prefixed fields causes post-auth server crash
An authenticated user can cause a MongoDB server to crash or return incorrect results by creating documents that interfere with internal metadata processing during query execution. This stems from insufficient separation between user-controlled document fields and internal metadata in certain...
Metadata name collision on $-prefixed fields causes post-auth server crash
An authenticated user can cause a MongoDB server to crash or return incorrect results by creating documents that interfere with internal metadata processing during query execution. This stems from insufficient separation between user-controlled document fields and internal metadata in certain...
CVE-2026-9748
The CVE-2026-9748 issue affects MongoDB’s mongod when the $_internalConvertBucketIndexStats stage is used before $facet. It treats PauseExecution as an internal TeeBuffer signal rather than a general skip, causing an invariant assertion and a crash when processing no timeseries input. The descrip...
CVE-2026-9748 $_internalConvertBucketIndexStats may crash the mongod server when working on no timeseries input
The $internalConvertBucketIndexStats stage used PauseExecution as a way to signal "skip this document" when an index stats conversion failed. But PauseExecution is not a general purpose skip mechanism, but rather a TeeBuffer-internal signal used solely by $facet to coordinate its sub-pipelines...
CVE-2026-9748 $_internalConvertBucketIndexStats may crash the mongod server when working on no timeseries input
The $internalConvertBucketIndexStats stage used PauseExecution as a way to signal "skip this document" when an index stats conversion failed. But PauseExecution is not a general purpose skip mechanism, but rather a TeeBuffer-internal signal used solely by $facet to coordinate its sub-pipelines...
GHSA-JVC5-6G7Q-C843 Pheditor: OS Command Injection in terminal handler via unsanitized 'dir' parameter
Summary An OS Command Injection vulnerability in the terminal action handler allows any authenticated user to execute arbitrary OS commands by injecting shell metacharacters into the 'dir' POST parameter, completely bypassing the TERMINALCOMMANDS whitelist and achieving full Remote Code Execution...
Pheditor: OS Command Injection in terminal handler via unsanitized 'dir' parameter
Summary An OS Command Injection vulnerability in the terminal action handler allows any authenticated user to execute arbitrary OS commands by injecting shell metacharacters into the 'dir' POST parameter, completely bypassing the TERMINALCOMMANDS whitelist and achieving full Remote Code Execution...
EUVD-2026-31112
PhoenixStorybook: Unauthenticated remote code execution via HEEx template injection in phoenixstorybook playground...