
7 matches found

CNNVD
added 2026/04/09 12:0 a.m., 2 views

PraisonAI Code Issue Vulnerability

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.128 contained code vulnerabilities. These vulnerabilities stemmed from the /api/v1/runs endpoint allowing arbitrary webhook URLs without proper URL validation, which could le...

CVSS 10, AI score 6, EPSS 0.00063
Exploits 1, References 1
CNNVD
added 2026/04/08 12:0 a.m., 2 views

liquidjs Security Vulnerability

LiquidJS is a simple, expressive, secure, and compatible JavaScript template engine developed by Jun Yang. Versions of LiquidJS prior to 10.25.3 contained security vulnerabilities; these vulnerabilities stemmed from path-based checks instead of checking actual paths, which could lead to external...

CVSS 8.2, AI score 5.8, EPSS 0.00074
Exploits 1, References 3
Cvelist
added 2026/03/21 12:42 a.m., 26 views

CVE-2026-32055 OpenClaw < 2026.2.26 - Workspace Path Boundary Bypass via Non-existent Symlink

OpenClaw versions prior to 2026.2.26 contain a path traversal vulnerability in workspace boundary validation that allows attackers to write files outside the workspace through in-workspace symlinks pointing to non-existent out-of-root targets. The vulnerability exists because the boundary check...

CVSS 7.6, EPSS 0.00095
Exploits 0, References 4
CVE
added 2025/10/03 12:0 a.m., 7 views

CVE-2025-55971

CVE-2025-55971 affects TCL 65C655 Smart TV firmware V8-R75PT01-LF1V269.001116 (Android TV, Kernel 5.4.242+). The issue is a blind, unauthenticated Server-Side Request Forgery via the UPnP MediaRenderer AVTransport:1 service. The device accepts unauthenticated SetAVTransportURI SOAP requests over ...

CVSS 4.7, AI score 6.7, EPSS 0.00047
Exploits 1, References 2, Affected Software 1
Positive Technologies
added 2025/10/03 12:0 a.m., 3 views

PT-2025-40531

TCL 65C655 Smart TV, running firmware version V8-R75PT01-LF1V269.001116 (Android TV, Kernel 5.4.242+), is vulnerable to a blind, unauthenticated Server-Side Request Forgery (SSRF) vulnerability via the UPnP MediaRenderer service AVTransport:1. The device accepts unauthenticated SetAVTransportURI SOAP...

CVSS 4.7, AI score 7, EPSS 0.00047
Exploits 1, References 3
Debian CVE
added 2021/07/27 5:21 a.m., 27 views

CVE-2021-32610

In ArchiveTar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193...

CVSS 7.1, AI score 7.5, EPSS 0.03018
Exploits 0
Kitploit
added 2020/11/19 8:30 p.m., 178 views

Doctrack - Tool To Manipulate And Insert Tracking Pixels Into Office Open XML Documents (Word, Excel)

Tool to manipulate and insert tracking pixels into Office Open XML documents. Features: insert tracking pixels into Office Open XML documents (Word and Excel); inject template URL for remote template injection attack; inspect external target URLs and metadata; create Office Open XML documents. TODO...

AI score 7.9
Exploits 0, References 1