Lucene search
K

79 matches found

EUVD
EUVD
added 8 hours ago5 views

EUVD-2026-43277

A vulnerability has been found in yashbhalgat HashNeRF-pytorch up to 82885e698295982504eb6a26d060a6b2473e3706. Affected by this issue is the function torch.load of the file runnerf.py of the component Checkpoint File Handler. The manipulation of the argument ckptpath leads to deserialization. The...

5.3CVSS5.6AI score
Exploits0References7
NVD
NVD
added 4 days ago7 views

CVE-2026-15193

A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is an unknown function of the file android/app/src/main/java/com/openclaw/android/JsBridge.kt of the component Android WebView Bridge. This manipulation causes os command injection. The attack can only ...

5.3CVSS0.00683EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/04 8:15 a.m.33 views

CVE-2026-14621 FederatedAI FATE OSX Broker QueuePushReqStreamObserver.java QueuePushReqStreamObserver.initEggroll wrong session

A vulnerability has been found in FederatedAI FATE up to 2.2.0. This affects the function QueuePushReqStreamObserver.initEggroll of the file java/osx/osx-broker/src/main/java/org/fedai/osx/broker/grpc/QueuePushReqStreamObserver.java of the component OSX Broker. Such manipulation of the argument...

3.1CVSS0.00299EPSS
Exploits0References7
NVD
NVD
added 2026/07/03 8:16 p.m.8 views

CVE-2026-14607

A weakness has been identified in RT-Thread up to 5.0.2. This affects the function sysgetaddrinfo of the file components/lwp/lwpsyscall.c. Executing a manipulation of the argument aiaddr can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to...

6.8CVSS0.00119EPSS
Exploits0References7
CVE
CVE
added 2026/07/03 7:45 p.m.16 views

CVE-2026-14607

CVE-2026-14607 affects RT-Thread up to 5.0.2, specifically the sys_getaddrinfo implementation in components/lwp/lwp_syscall.c. Manipulating the ai_addr argument can cause memory corruption; exploit public and local access required. A fix is being prepared in a pull request (RT-Thread/rt-thread#11...

6.8CVSS5.6AI score0.00119EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/29 12:31 a.m.9 views

EUVD-2026-40009

A vulnerability was identified in Databend up to 1.2.881 on HTTP. This affects the function ClientSessionManager::statekey of the file src/query/service/src/servers/http/v1/session/clientsessionmanager.rs of the component Tenant Handler. The manipulation leads to authorization bypass. It is...

6.5CVSS6.2AI score0.0022EPSS
Exploits0References7
NVD
NVD
added 2026/06/29 12:16 a.m.10 views

CVE-2026-13513

A security flaw has been discovered in MyScale MyScaleDB up to 1.8.0. This vulnerability affects the function SegmentId::getCacheKey in the library src/VectorIndex/Common/SegmentId.h. The manipulation results in insufficient verification of data authenticity. It is possible to launch the attack...

5CVSS0.00133EPSS
Exploits0References7
NVD
NVD
added 2026/06/28 11:16 p.m.12 views

CVE-2026-13511

A vulnerability was determined in VoltAgent up to 2.1.17. Affected by this issue is the function handleGetMemoryConversation of the file packages/server-core/src/handlers/memory.handlers.ts of the component Memory REST API. Executing a manipulation of the argument conversationId can lead to...

3.1CVSS0.0022EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/28 11:0 p.m.39 views

CVE-2026-13513 MyScale MyScaleDB SegmentId.h getCacheKey data authenticity

A security flaw has been discovered in MyScale MyScaleDB up to 1.8.0. This vulnerability affects the function SegmentId::getCacheKey in the library src/VectorIndex/Common/SegmentId.h. The manipulation results in insufficient verification of data authenticity. It is possible to launch the attack...

5CVSS0.00133EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/28 5:45 a.m.8 views

EUVD-2026-39983

A flaw has been found in arc53 DocsGPT up to 0.18.0. The affected element is the function encryptcredentials of the file application/security/encryption.py of the component Credential Storage. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the...

3.1CVSS4.9AI score0.00095EPSS
Exploits0References7
Snyk
Snyk
added 2026/06/17 2:4 p.m.7 views

Insertion of Sensitive Information into Log File

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the error handling process for certain API and WebSocket routes, where unsanitized exception...

6.9CVSS5.8AI score0.00796EPSS
Exploits1References2
Snyk
Snyk
added 2026/06/10 1:39 p.m.6 views

Use of Hard-coded Credentials

Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the authentication process. An attacker can gain unauthorized access to protected API endpoints, including those with administrative privileges, by forging valid JWT tokens using a publicly known secret...

9.3CVSS5.8AI score0.00055EPSS
Exploits0References2
NVD
NVD
added 2026/06/08 3:16 a.m.13 views

CVE-2026-11481

A vulnerability was determined in yoanbernabeu grepai up to 0.35.0. The affected element is the function PostgresStore.LookupByContentHash of the file indexer/chunker.go of the component Postgres Embedding Cache. Executing a manipulation of the argument contenthash can lead to use of weak hash. T...

2.5CVSS0.00082EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/08 2:45 a.m.8 views

CVE-2026-11481

A vulnerability was determined in yoanbernabeu grepai up to 0.35.0. The affected element is the function PostgresStore.LookupByContentHash of the file indexer/chunker.go of the component Postgres Embedding Cache. Executing a manipulation of the argument contenthash can lead to use of weak hash. T...

2.5CVSS4.6AI score0.00082EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/06/08 2:15 a.m.27 views

CVE-2026-11479

CVE-2026-11479 affects yoanbernabeu grepai 0.35.0, specifically the Qdrant Backend component’s file indexer/chunker.go. The issue involves manipulation that leads to use of a weak hash, enabling a remote attack. Exploitation is described as difficult, with network attack vector and low privileges...

4.2CVSS4.8AI score0.0016EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.23 views

PT-2026-47243

A vulnerability was determined in yoanbernabeu grepai up to 0.35.0. The affected element is the function PostgresStore.LookupByContentHash of the file indexer/chunker.go of the component Postgres Embedding Cache. Executing a manipulation of the argument content hash can lead to use of weak hash...

2.5CVSS4.5AI score0.00082EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/06/07 11:0 p.m.9 views

CVE-2026-11466 zilliztech deep-searcher collection_router.py CollectionRouter.invoke access control

A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collectionrouter.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. Th...

5.5CVSS5.6AI score0.00253EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/07 10:45 p.m.7 views

CVE-2026-11465

A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotel...

3.1CVSS4.6AI score0.0022EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.10 views

CVE-2026-7502

A security vulnerability has been detected in LinkStackOrg LinkStack up to 4.8.6. The affected element is the function saveLink of the file app/Http/Controllers/UserController.php of the component Management Endpoint. The manipulation leads to authorization bypass. The attack can be initiated...

5.5CVSS5.4AI score0.00255EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.10 views

CVE-2026-10766

A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils.helpers.calculatedataframehash of the file mlrun/utils/helpers.py of the component DataFrame Hash Handler. The manipulation leads to use of weak hash. The attack can only be performed from a local...

3.6CVSS4.2AI score0.00075EPSS
Exploits0References1
Rows per page
Query Builder