CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4175 matches found

Microsoft CVE•added 2025/10/14 2:0 p.m.•3 views

GitHub CVE-2025-54132: Arbitrary Image Fetch in Mermaid Diagram Tool

Cursor is a code editor built for programming with AI. In versions below 1.3, Mermaid which is used to render diagrams allows embedding images which then get rendered by Cursor in the chat box. An attacker can use this to exfiltrate sensitive information to a third-party attacker controlled serve...

7.5CVSS7.2AI score0.00198EPSS

Exploits0

OSV•added 2025/10/08 5:15 p.m.•1 views

CVE-2025-53967

Framelink Figma MCP Server before 0.6.3 allows an unauthenticated remote attacker to execute arbitrary operating system commands via a crafted HTTP POST request with shell metacharacters in input that is used by a fetchWithRetry curl command. The vulnerable endpoint fails to properly sanitize...

8CVSS7.8AI score

Exploits0References3

RedhatCVE•added 2025/10/07 6:27 p.m.•4 views

CVE-2025-55971

TCL 65C655 Smart TV, running firmware version V8-R75PT01-LF1V269.001116 Android TV, Kernel 5.4.242+, is vulnerable to a blind, unauthenticated Server-Side Request Forgery SSRF vulnerability via the UPnP MediaRenderer service AVTransport:1. The device accepts unauthenticated SetAVTransportURI SOAP...

4.7CVSS7AI score0.00047EPSS

Exploits1References1

OSV•added 2025/10/07 4:15 p.m.•0 views

UBUNTU-CVE-2023-53638

In the Linux kernel, the following vulnerability has been resolved: octeonep: cancel queued works in probe error path If it fails to get the devices's MAC address, octepprobe exits while leaving the delayed work intrpolltask queued. When the work later runs, it's a use after free. Move the...

7.8CVSS5.7AI score0.00021EPSS

Exploits0References5

EUVD•added 2025/10/07 4:20 a.m.•1 views

EUVD-2025-32651

Malicious code in @raydium-utils-v5/fetch-wallet-balance npm...

6.6AI score

Exploits0References1

OSV•added 2025/10/07 4:20 a.m.•1 views

MAL-2025-47970 Malicious code in @raydium-utils-v5/fetch-wallet-balance (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6767cf6fa4bd28e8f2921afd36fd888dc17d2fa9fa759e4d279464c8cc45a387 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

OSSF Malicious Packages•added 2025/10/07 4:20 a.m.•2 views

Malicious code in @raydium-utils-v5/fetch-wallet-balance (npm)

6.9AI score

Exploits0References1

Snyk•added 2025/10/07 4:20 a.m.•1 views

Malicious Package

Overview @raydium-utils-v5/fetch-wallet-balance is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization...

9.8CVSS6.8AI score

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-4589

Malware in sbrugna...

6.3CVSS7AI score0.00026EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-9440

Malware in sbrugna...

9.8CVSS9.4AI score0.00646EPSS

Exploits1References4